# include <errno.h>
# include "e_os.h"
+# if defined(__unix) || defined(__unix__)
+# include <sys/time.h> /* struct timeval for DTLS */
+# endif
# include <openssl/buffer.h>
# include <openssl/comp.h>
# define SSL_CLIENT_USE_TLS1_2_CIPHERS(s) \
((!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION) || \
(SSL_IS_DTLS(s) && DTLS_VERSION_GE(s->client_version, DTLS1_2_VERSION)))
+/*
+ * Determine if a client should send signature algorithms extension:
+ * as with TLS1.2 cipher we can't rely on method flags.
+ */
+# define SSL_CLIENT_USE_SIGALGS(s) \
+ SSL_CLIENT_USE_TLS1_2_CIPHERS(s)
# ifdef TLSEXT_TYPE_encrypt_then_mac
# define SSL_USE_ETM(s) (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC)
* Validates that the SCTs (Signed Certificate Timestamps) are sufficient.
* If they are not, the connection should be aborted.
*/
- ct_validation_cb ct_validation_callback;
+ ssl_ct_validation_cb ct_validation_callback;
void *ct_validation_callback_arg;
# endif
X509_VERIFY_PARAM *param;
/* Per connection DANE state */
- struct dane_st dane;
+ SSL_DANE dane;
/* crypto */
STACK_OF(SSL_CIPHER) *cipher_list;
* Validates that the SCTs (Signed Certificate Timestamps) are sufficient.
* If they are not, the connection should be aborted.
*/
- ct_validation_cb ct_validation_callback;
+ ssl_ct_validation_cb ct_validation_callback;
/* User-supplied argument tha tis passed to the ct_validation_callback */
void *ct_validation_callback_arg;
/*
pitem *pqueue_find(pqueue *pq, unsigned char *prio64be);
pitem *pqueue_iterator(pqueue *pq);
pitem *pqueue_next(piterator *iter);
-void pqueue_print(pqueue *pq);
int pqueue_size(pqueue *pq);
typedef struct dtls1_state_st {
__owur int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src);
void custom_exts_free(custom_ext_methods *exts);
+void ssl_comp_free_compression_methods_int(void);
+
# else
# define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
projects / openssl.git / blobdiff