Make it possible to set a time for verification.

[openssl.git] / ssl / tls1.h

diff --git a/ssl/tls1.h b/ssl/tls1.h
index 8fe7d7cef226cb395c69485d92034f0c9798b685..f121e042719e1cce6a64b7ffd898e86368cb3892 100644 (file)
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -174,6 +174,9 @@ extern "C" {
 #define TLS1_get_version(s) \
                ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
 
+#define TLS1_get_client_version(s) \
+               ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
+
 #define TLS1_AD_DECRYPTION_FAILED      21
 #define TLS1_AD_RECORD_OVERFLOW                22
 #define TLS1_AD_UNKNOWN_CA             48      /* fatal */
@@ -193,8 +196,6 @@ extern "C" {
 #define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
 #define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
 #define TLS1_AD_UNKNOWN_PSK_IDENTITY   115     /* fatal */
-#define TLS1_AD_UNKNOWN_SRP_USERNAME 120 /* fatal */
-#define TLS1_AD_MISSING_SRP_USERNAME 121
 
 /* ExtensionType values from RFC3546 / RFC4366 */
 #define TLSEXT_TYPE_server_name                        0
@@ -252,12 +253,17 @@ extern "C" {
 #define TLSEXT_hash_sha384                             5
 #define TLSEXT_hash_sha512                             6
 
+/* ExtensionType value from RFC5764 */
+#define TLSEXT_TYPE_use_srtp                           14
+
 #ifndef OPENSSL_NO_TLSEXT
 
 #define TLSEXT_MAXLEN_host_name 255
 
-const char *SSL_get_servername(const SSL *s, const int type) ;
-int SSL_get_servername_type(const SSL *s) ;
+const char *SSL_get_servername(const SSL *s, const int type);
+int SSL_get_servername_type(const SSL *s);
+int SSL_export_keying_material(SSL *s, unsigned char *out, int olen, 
+        char *label, int llen, unsigned char *p, int plen, int use_context);
 
 #define SSL_set_tlsext_host_name(s,name) \
 SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)