More TLS extension related changes.
[openssl.git] / ssl / tls1.h
index b5370f20fb5dba02d61a526bd8fee28344fcb3e7..0a9c1ea500fe011a088e87f3eceb583d4fa248b4 100644 (file)
@@ -149,7 +149,12 @@ extern "C" {
 #define TLS1_AD_INTERNAL_ERROR         80      /* fatal */
 #define TLS1_AD_USER_CANCELLED         90
 #define TLS1_AD_NO_RENEGOTIATION       100
-#define TLS1_AD_UNRECOGNIZED_NAME      122
+/* codes 110-114 are from RFC3546 */
+#define TLS1_AD_UNSUPPORTED_EXTENSION  110
+#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
+#define TLS1_AD_UNRECOGNIZED_NAME      112
+#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
+#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
 
 /* ExtensionType values from RFC 3546 */
 #define TLSEXT_TYPE_server_name                        0
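Review bot: The five alert defines added for codes 110-114 carry no severity annotation, although `TLS1_AD_INTERNAL_ERROR` just above them is marked `/* fatal */`. RFC 3546 makes unsupported_extension, bad_certificate_status_response and bad_certificate_hash_value always fatal, so a trailing `/* fatal */` on 110, 113 and 114 would keep the table consistent and tell callers which alerts must end the connection. Because `TLS1_AD_UNRECOGNIZED_NAME` changes value from 122 to 112, any table elsewhere that maps alert numbers to names or to SSL-level aliases needs the same update; none of that is visible in this hunk.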
@@ -158,9 +163,6 @@ extern "C" {
 #define TLSEXT_TYPE_trusted_ca_keys            3
 #define TLSEXT_TYPE_truncated_hmac             4
 #define TLSEXT_TYPE_status_request             5
-#if 0
-#define TLSEXT_TYPE_srp                                6
-#endif
 
 /* NameType value from RFC 3546 */
 #define TLSEXT_NAMETYPE_host_name 0
@@ -168,33 +170,25 @@ extern "C" {
 
 #ifndef OPENSSL_NO_TLSEXT
 
+#define TLSEXT_MAXLEN_host_name 255
+
 const char *SSL_get_servername(const SSL *s, const int type) ;
 int SSL_get_servername_type(const SSL *s) ;
 
-#define SSL_set_tlsext_hostname(s,name) \
+#define SSL_set_tlsext_host_name(s,name) \
 SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
 
 #define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
-#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
 
-#define SSL_set_tlsext_servername_done(s,t) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_SERVERNAME_DONE,t, NULL)
+#define SSL_TLSEXT_ERR_OK 0    
+#define SSL_TLSEXT_ERR_ALERT_WARNING 1  
+#define SSL_TLSEXT_ERR_ALERT_FATAL 2 
+#define SSL_TLSEXT_ERR_NOACK 3
 
-#if 0
-#  if 0
+#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
 
-       #define SSL_get_tlsext_hostname(s,psn) \
-       SSL_ctrl(s,SSL_CTRL_GET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)psn)
-#  else
-       /* XXX this looks weird for a macro, define a function instead? */
-        * or just used SSL_get_servername() directly ... */
-       #define SSL_get_tlsext_hostname(s,psn) \
-       (*psn = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name),*psn != NULL)
-#  endif
-#endif
-  
 #endif
 
 
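Review bot: `TLSEXT_MAXLEN_host_name` is introduced here but nothing in this hunk applies it: `SSL_set_tlsext_host_name` still forwards `name` straight to `SSL_ctrl`. The 255 bound therefore only protects anything if the `SSL_CTRL_SET_TLSEXT_HOSTNAME` handler and the code that parses a peer's server_name extension both check against it, and neither is visible in this file. Worth confirming both, and adding a comment above the define such as `/* upper bound on a host_name entry; checked in <handler> */` that also says whether the terminating NUL is counted. Separately, the new `SSL_TLSEXT_ERR_*` values have no comment saying which callback return values abort the handshake. The macro arguments inside the casts are also unparenthesized; `(void *)(arg)` and `(char *)(name)` would be the safer spelling.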
@@ -371,6 +365,3 @@ SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_SERVERNAME_DONE,t, NULL)
 }
 #endif
 #endif
-
-
-