* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
# include "packet_locl.h"
# include "internal/dane.h"
# include "internal/refcount.h"
+# include "internal/tsan_assist.h"
+# include "internal/bio.h"
# ifdef OPENSSL_BUILD_SHLIBSSL
# undef OPENSSL_EXTERN
(c)[1]=(unsigned char)(((l)>> 8)&0xff), \
(c)[2]=(unsigned char)(((l) )&0xff)),(c)+=3)
+# define TLS_MAX_VERSION_INTERNAL TLS1_3_VERSION
+# define DTLS_MAX_VERSION_INTERNAL DTLS1_2_VERSION
+
/*
* DTLS version numbers are strange because they're inverted. Except for
* DTLS1_BAD_VER, which should be considered "lower" than the rest.
long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void));
};
-# define TLS13_MAX_RESUMPTION_PSK_LENGTH 64
+/*
+ * Matches the length of PSK_MAX_PSK_LEN. We keep it the same value for
+ * consistency, even in the event of OPENSSL_NO_PSK being defined.
+ */
+# define TLS13_MAX_RESUMPTION_PSK_LENGTH 256
/*-
* Lets make this into an ASN.1 type structure as follows
const unsigned char *data, int len,
int *copy);
struct {
- int sess_connect; /* SSL new conn - started */
- int sess_connect_renegotiate; /* SSL reneg - requested */
- int sess_connect_good; /* SSL new conne/reneg - finished */
- int sess_accept; /* SSL new accept - started */
- int sess_accept_renegotiate; /* SSL reneg - requested */
- int sess_accept_good; /* SSL accept/reneg - finished */
- int sess_miss; /* session lookup misses */
- int sess_timeout; /* reuse attempt on timeouted session */
- int sess_cache_full; /* session removed due to full cache */
- int sess_hit; /* session reuse actually done */
- int sess_cb_hit; /* session-id that was not in the cache was
- * passed back via the callback. This
- * indicates that the application is supplying
- * session-id's from other processes - spooky
- * :-) */
+ TSAN_QUALIFIER int sess_connect; /* SSL new conn - started */
+ TSAN_QUALIFIER int sess_connect_renegotiate; /* SSL reneg - requested */
+ TSAN_QUALIFIER int sess_connect_good; /* SSL new conne/reneg - finished */
+ TSAN_QUALIFIER int sess_accept; /* SSL new accept - started */
+ TSAN_QUALIFIER int sess_accept_renegotiate; /* SSL reneg - requested */
+ TSAN_QUALIFIER int sess_accept_good; /* SSL accept/reneg - finished */
+ TSAN_QUALIFIER int sess_miss; /* session lookup misses */
+ TSAN_QUALIFIER int sess_timeout; /* reuse attempt on timeouted session */
+ TSAN_QUALIFIER int sess_cache_full; /* session removed due to full cache */
+ TSAN_QUALIFIER int sess_hit; /* session reuse actually done */
+ TSAN_QUALIFIER int sess_cb_hit; /* session-id that was not in
+ * the cache was passed back via
+ * the callback. This indicates
+ * that the application is
+ * supplying session-id's from
+ * other processes - spooky
+ * :-) */
} stats;
CRYPTO_REF_COUNT references;
/*
* What we put in certificate_authorities extension for TLS 1.3
* (ClientHello and CertificateRequest) or just client cert requests for
- * earlier versions.
+ * earlier versions. If client_ca_names is populated then it is only used
+ * for client cert requests, and in preference to ca_names.
*/
STACK_OF(X509_NAME) *ca_names;
+ STACK_OF(X509_NAME) *client_ca_names;
/*
* Default values to use in SSL structures follow (these are copied by
/* Callback to determine if early_data is acceptable or not */
SSL_allow_early_data_cb_fn allow_early_data_cb;
void *allow_early_data_cb_data;
+
+ /* Do we advertise Post-handshake auth support? */
+ int pha_enabled;
+
+ /* Callback for SSL async handling */
+ SSL_async_callback_fn async_cb;
+ void *async_cb_arg;
};
struct ssl_st {
* DTLS1_VERSION)
*/
int version;
- /* TODO(TLS1.3): Remove this before release */
- int version_draft;
/* SSLv3 */
const SSL_METHOD *method;
/*
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
unsigned char write_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static write IV */
EVP_MD_CTX *write_hash; /* used for mac generation */
- /* Count of how many KeyUpdate messages we have received */
- unsigned int key_update_count;
/* session info */
/* client cert? */
/* This is used to hold the server certificate used */
long verify_result;
/* extra application data */
CRYPTO_EX_DATA ex_data;
- /* for server side, keep the list of CA_dn we can use */
+ /*
+ * What we put in certificate_authorities extension for TLS 1.3
+ * (ClientHello and CertificateRequest) or just client cert requests for
+ * earlier versions. If client_ca_names is populated then it is only used
+ * for client cert requests, and in preference to ca_names.
+ */
STACK_OF(X509_NAME) *ca_names;
+ STACK_OF(X509_NAME) *client_ca_names;
CRYPTO_REF_COUNT references;
/* protocol behaviour */
uint32_t options;
int key_update;
/* Post-handshake authentication state */
SSL_PHA_STATE post_handshake_auth;
- int pha_forced;
+ int pha_enabled;
uint8_t* pha_context;
size_t pha_context_len;
int certreqs_sent;
/* Callback to determine if early_data is acceptable or not */
SSL_allow_early_data_cb_fn allow_early_data_cb;
void *allow_early_data_cb_data;
+
+ /* Callback for SSL async handling */
+ SSL_async_callback_fn async_cb;
+ void *async_cb_arg;
};
/*
DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
__owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
const SSL_CIPHER *const *bp);
-__owur int set_ciphersuites(STACK_OF(SSL_CIPHER) **currciphers, const char *str);
__owur STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
STACK_OF(SSL_CIPHER) **cipher_list,
__owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid,
void *other);
+__owur int ssl_cert_lookup_by_nid(int nid, size_t *pidx);
__owur const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk,
size_t *pidx);
__owur const SSL_CERT_LOOKUP *ssl_cert_lookup_by_idx(size_t idx);
__owur int ssl_choose_client_version(SSL *s, int version,
RAW_EXTENSION *extensions);
__owur int ssl_get_min_max_version(const SSL *s, int *min_version,
- int *max_version);
+ int *max_version, int *real_max);
__owur long tls1_default_timeout(void);
__owur int dtls1_do_write(SSL *s, int type);
const unsigned char *secret,
const unsigned char *label, size_t labellen,
const unsigned char *data, size_t datalen,
- unsigned char *out, size_t outlen);
+ unsigned char *out, size_t outlen, int fatal);
__owur int tls13_derive_key(SSL *s, const EVP_MD *md,
const unsigned char *secret, unsigned char *key,
size_t keylen);
__owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
__owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd);
__owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
+# ifndef OPENSSL_NO_EC
+__owur int tls_check_sigalg_curve(const SSL *s, int curve);
+# endif
__owur int tls12_check_peer_sigalg(SSL *s, uint16_t, EVP_PKEY *pkey);
__owur int ssl_set_client_disabled(SSL *s);
__owur int ssl_cipher_disabled(SSL *s, const SSL_CIPHER *c, int op, int echde);