X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=include%2Fopenssl%2Fssl.h;h=cb60258035d9cb22d0d3df6e8afc70324125e0f9;hp=43c68012f7f18803506103198f999c6238ca26c8;hb=76af303761670cd54a93f1b196bcd7b2eaf7c29c;hpb=fae4772c24b89526f70c74fa14a85c5c16bced9a diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 43c68012f7..cb60258035 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -145,9 +145,7 @@ # include -# ifndef OPENSSL_NO_COMP -# include -# endif +# include # include # ifdef OPENSSL_USE_DEPRECATED # include @@ -158,7 +156,6 @@ # include # include -# include # include # include @@ -173,35 +170,6 @@ extern "C" { */ # define SSL_SESSION_ASN1_VERSION 0x0001 -/* text strings for the ciphers */ - -/* - * VRS Additional Kerberos5 entries - */ -# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA -# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA -# define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA -# define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA -# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 -# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 -# define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5 -# define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5 - -# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA -# define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA -# define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA -# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 -# define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5 -# define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5 - -# define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA -# define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 -# define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA -# define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 -# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA -# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 -# define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256 - # define SSL_MAX_SSL_SESSION_ID_LENGTH 32 # define SSL_MAX_SID_CTX_LENGTH 32 @@ -209,6 +177,8 @@ extern "C" { # define SSL_MAX_KEY_ARG_LENGTH 8 # define SSL_MAX_MASTER_KEY_LENGTH 48 +/* text strings for the ciphers */ + /* These are used to specify which ciphers to use and not to use */ # define SSL_TXT_EXP40 "EXPORT40" @@ -228,13 +198,15 @@ extern "C" { # define SSL_TXT_kDH "kDH" # define SSL_TXT_kEDH "kEDH"/* alias for kDHE */ # define SSL_TXT_kDHE "kDHE" -# define SSL_TXT_kKRB5 "kKRB5" # define SSL_TXT_kECDHr "kECDHr" # define SSL_TXT_kECDHe "kECDHe" # define SSL_TXT_kECDH "kECDH" # define SSL_TXT_kEECDH "kEECDH"/* alias for kECDHE */ # define SSL_TXT_kECDHE "kECDHE" # define SSL_TXT_kPSK "kPSK" +# define SSL_TXT_kRSAPSK "kRSAPSK" +# define SSL_TXT_kECDHEPSK "kECDHEPSK" +# define SSL_TXT_kDHEPSK "kDHEPSK" # define SSL_TXT_kGOST "kGOST" # define SSL_TXT_kSRP "kSRP" @@ -242,7 +214,6 @@ extern "C" { # define SSL_TXT_aDSS "aDSS" # define SSL_TXT_aDH "aDH" # define SSL_TXT_aECDH "aECDH" -# define SSL_TXT_aKRB5 "aKRB5" # define SSL_TXT_aECDSA "aECDSA" # define SSL_TXT_aPSK "aPSK" # define SSL_TXT_aGOST94 "aGOST94" @@ -261,7 +232,6 @@ extern "C" { # define SSL_TXT_ECDHE "ECDHE"/* same as "kECDHE:-AECDH" */ # define SSL_TXT_AECDH "AECDH" # define SSL_TXT_ECDSA "ECDSA" -# define SSL_TXT_KRB5 "KRB5" # define SSL_TXT_PSK "PSK" # define SSL_TXT_SRP "SRP" @@ -275,6 +245,8 @@ extern "C" { # define SSL_TXT_AES256 "AES256" # define SSL_TXT_AES "AES" # define SSL_TXT_AES_GCM "AESGCM" +# define SSL_TXT_AES_CCM "AESCCM" +# define SSL_TXT_AES_CCM_8 "AESCCM8" # define SSL_TXT_CAMELLIA128 "CAMELLIA128" # define SSL_TXT_CAMELLIA256 "CAMELLIA256" # define SSL_TXT_CAMELLIA "CAMELLIA" @@ -318,7 +290,7 @@ extern "C" { * The following cipher list is used by default. It also is substituted when * an application-defined cipher list string starts with 'DEFAULT'. */ -# define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL" +# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" /* * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always * starts with a reasonable order, and all we have to do for DEFAULT is @@ -371,8 +343,6 @@ typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -# ifndef OPENSSL_NO_TLSEXT - /* Typedefs for handling custom extensions */ typedef int (*custom_ext_add_cb) (SSL *s, unsigned int ext_type, @@ -386,18 +356,18 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, int *al, void *parse_arg); -# endif - /* Allow initial connection to servers that don't support RI */ # define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L /* Removed from OpenSSL 0.9.8q and 1.0.0c */ +/* Dead forever, see CVE-2010-4180. */ # define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0L # define SSL_OP_TLSEXT_PADDING 0x00000010L # define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L # define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L # define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L # define SSL_OP_TLS_D5_BUG 0x00000100L -# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L +/* Removed from OpenSSL 1.1.0 */ +# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0L /* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */ # define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 @@ -672,9 +642,7 @@ __owur int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx); int SSL_SRP_CTX_free(SSL *ctx); int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx); __owur int SSL_srp_server_param_with_username(SSL *s, int *ad); -__owur int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key); __owur int SRP_Calc_A_param(SSL *s); -__owur int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key); # endif @@ -703,9 +671,6 @@ __owur int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key); typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id, unsigned int *id_len); -typedef struct ssl_comp_st SSL_COMP; - - # define SSL_SESS_CACHE_OFF 0x0000 # define SSL_SESS_CACHE_CLIENT 0x0001 # define SSL_SESS_CACHE_SERVER 0x0002 @@ -785,7 +750,7 @@ void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, *cookie_len)); void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb) (SSL *ssl, - unsigned char + const unsigned char *cookie, unsigned int cookie_len)); @@ -807,12 +772,10 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len); # endif -# ifndef OPENSSL_NO_TLSEXT __owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, const unsigned char *client, unsigned int client_len); -# endif # define OPENSSL_NPN_UNSUPPORTED 0 # define OPENSSL_NPN_NEGOTIATED 1 @@ -903,7 +866,6 @@ const char *SSL_get_psk_identity_hint(const SSL *s); const char *SSL_get_psk_identity(const SSL *s); # endif -# ifndef OPENSSL_NO_TLSEXT /* Register callbacks to handle custom TLS Extensions for client or server. */ __owur int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type, @@ -922,8 +884,6 @@ __owur int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type, __owur int SSL_extension_supported(unsigned int ext_type); -# endif - # define SSL_NOTHING 1 # define SSL_WRITING 2 # define SSL_READING 3 @@ -946,7 +906,6 @@ __owur int SSL_extension_supported(unsigned int ext_type); # include # include /* This is mostly sslv3 with a few tweaks */ # include /* Datagram TLS */ -# include # include /* Support for the use_srtp extension */ #ifdef __cplusplus @@ -1149,40 +1108,38 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) # define SSL_CTRL_SET_MAX_CERT_LIST 51 # define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52 /* see tls1.h for macros based on these */ -# ifndef OPENSSL_NO_TLSEXT -# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 -# define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 -# define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 -# define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56 -# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 -# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 -# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 -/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60 */ -/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61 */ -/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 */ -# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 -# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64 -# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 -# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 -# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67 -# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68 -# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 -# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 -# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 -# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 -# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75 -# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76 -# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77 -# define SSL_CTRL_SET_SRP_ARG 78 -# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79 -# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80 -# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81 -# ifndef OPENSSL_NO_HEARTBEATS -# define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85 -# define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86 -# define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87 -# endif -# endif /* OPENSSL_NO_TLSEXT */ +# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 +# define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 +# define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 +# define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56 +# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 +# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 +# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 +/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60 */ +/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61 */ +/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 */ +# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 +# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64 +# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 +# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 +# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67 +# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68 +# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 +# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 +# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 +# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 +# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75 +# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76 +# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77 +# define SSL_CTRL_SET_SRP_ARG 78 +# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79 +# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80 +# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81 +# ifndef OPENSSL_NO_HEARTBEATS +# define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85 +# define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86 +# define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87 +# endif # define DTLS_CTRL_GET_TIMEOUT 73 # define DTLS_CTRL_HANDLE_TIMEOUT 74 # define DTLS_CTRL_LISTEN 75 @@ -1427,17 +1384,11 @@ __owur int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d, __owur int SSL_use_certificate(SSL *ssl, X509 *x); __owur int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len); -# ifndef OPENSSL_NO_TLSEXT /* Set serverinfo data for the current active cert. */ __owur int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, size_t serverinfo_length); -# ifndef OPENSSL_NO_STDIO __owur int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file); -# endif /* NO_STDIO */ -# endif - -# ifndef OPENSSL_NO_STDIO __owur int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); __owur int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); __owur int SSL_use_certificate_file(SSL *ssl, const char *file, int type); @@ -1450,11 +1401,9 @@ __owur int SSL_use_certificate_chain_file(SSL *ssl, const char *file); __owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); __owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, const char *file); -# ifndef OPENSSL_SYS_VMS +# ifndef OPENSSL_SYS_VMS int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, const char *dir); -# endif - # endif void SSL_load_error_strings(void); @@ -1598,12 +1547,14 @@ __owur const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ __owur const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ # endif -__owur const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS - * version */ -__owur const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available - * SSL/TLS version */ -__owur const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available - * SSL/TLS version */ +#define SSLv23_method TLS_method +#define SSLv23_server_method TLS_server_method +#define SSLv23_client_method TLS_client_method + +/* Negotiate highest available SSL/TLS version */ +__owur const SSL_METHOD *TLS_method(void); +__owur const SSL_METHOD *TLS_server_method(void); +__owur const SSL_METHOD *TLS_client_method(void); __owur const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ __owur const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ @@ -1630,6 +1581,7 @@ __owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */ __owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */ __owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); +__owur STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s); __owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s); __owur int SSL_do_handshake(SSL *s); @@ -1681,6 +1633,8 @@ void SSL_set_shutdown(SSL *ssl, int mode); __owur int SSL_get_shutdown(const SSL *ssl); __owur int SSL_version(const SSL *ssl); __owur int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); +__owur int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx); +__owur int SSL_CTX_set_default_verify_file(SSL_CTX *ctx); __owur int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); # define SSL_get0_session SSL_get_session/* just peek at pointer */ @@ -1698,6 +1652,13 @@ void SSL_set_state(SSL *ssl, int state); void SSL_set_verify_result(SSL *ssl, long v); __owur long SSL_get_verify_result(const SSL *ssl); +__owur size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, + size_t outlen); +__owur size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, + size_t outlen); +__owur size_t SSL_SESSION_get_master_key(const SSL_SESSION *ssl, + unsigned char *out, size_t outlen); + __owur int SSL_set_ex_data(SSL *ssl, int idx, void *data); void *SSL_get_ex_data(const SSL *ssl, int idx); __owur int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, @@ -1774,7 +1735,6 @@ void SSL_set_tmp_ecdh_callback(SSL *ssl, int keylength)); # endif -# ifndef OPENSSL_NO_COMP __owur const COMP_METHOD *SSL_get_current_compression(SSL *s); __owur const COMP_METHOD *SSL_get_current_expansion(SSL *s); __owur const char *SSL_COMP_get_name(const COMP_METHOD *comp); @@ -1783,13 +1743,6 @@ __owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths); void SSL_COMP_free_compression_methods(void); __owur int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm); -# else -__owur const void *SSL_get_current_compression(SSL *s); -__owur const void *SSL_get_current_expansion(SSL *s); -__owur const char *SSL_COMP_get_name(const void *comp); -void *SSL_COMP_get_compression_methods(void); -__owur int SSL_COMP_add_compression_method(int id, void *cm); -# endif const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr); int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c); @@ -1929,6 +1882,8 @@ __owur void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx); __owur const struct openssl_ssl_test_functions *SSL_test_functions(void); # endif +extern const char SSL_version_str[]; + /* BEGIN ERROR CODES */ /* * The following lines are auto generated by the script mkerr.pl. Any changes @@ -1956,6 +1911,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_DTLS1_GET_RECORD 254 # define SSL_F_DTLS1_HANDLE_TIMEOUT 297 # define SSL_F_DTLS1_HEARTBEAT 305 +# define SSL_F_DTLS1_LISTEN 350 # define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 # define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288 # define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 @@ -1972,14 +1928,8 @@ void ERR_load_SSL_strings(void); # define SSL_F_DTLS1_SEND_SERVER_HELLO 266 # define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267 # define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268 -# define SSL_F_SSL23_ACCEPT 115 -# define SSL_F_SSL23_CLIENT_HELLO 116 -# define SSL_F_SSL23_CONNECT 117 -# define SSL_F_SSL23_GET_CLIENT_HELLO 118 -# define SSL_F_SSL23_GET_SERVER_HELLO 119 -# define SSL_F_SSL23_PEEK 237 -# define SSL_F_SSL23_READ 120 -# define SSL_F_SSL23_WRITE 121 +# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 370 +# define SSL_F_READ_STATE_MACHINE 352 # define SSL_F_SSL3_ACCEPT 128 # define SSL_F_SSL3_ADD_CERT_TO_BUF 296 # define SSL_F_SSL3_CALLBACK_CTRL 233 @@ -1998,6 +1948,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 # define SSL_F_SSL3_GET_CERT_STATUS 289 # define SSL_F_SSL3_GET_CERT_VERIFY 136 +# define SSL_F_SSL3_GET_CHANGE_CIPHER_SPEC 349 # define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 # define SSL_F_SSL3_GET_CLIENT_HELLO 138 # define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 @@ -2070,7 +2021,6 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL_CTX_SET_TRUST 229 # define SSL_F_SSL_CTX_USE_CERTIFICATE 171 # define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172 -# define SSL_F_USE_CERTIFICATE_CHAIN_FILE 220 # define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173 # define SSL_F_SSL_CTX_USE_PRIVATEKEY 174 # define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175 @@ -2103,6 +2053,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL_READ 223 # define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320 # define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321 +# define SSL_F_SSL_SESSION_DUP 348 # define SSL_F_SSL_SESSION_NEW 189 # define SSL_F_SSL_SESSION_PRINT_FP 190 # define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312 @@ -2117,6 +2068,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 # define SSL_F_SSL_SET_SESSION_TICKET_EXT 294 # define SSL_F_SSL_SET_TRUST 228 +# define SSL_F_SSL_SET_VERSION 347 # define SSL_F_SSL_SET_WFD 196 # define SSL_F_SSL_SHUTDOWN 224 # define SSL_F_SSL_SRP_CTX_INIT 313 @@ -2135,6 +2087,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206 # define SSL_F_SSL_VERIFY_CERT_CHAIN 207 # define SSL_F_SSL_WRITE 208 +# define SSL_F_STATE_MACHINE 353 # define SSL_F_TLS12_CHECK_PEER_SIGALG 333 # define SSL_F_TLS1_CERT_VERIFY_MAC 286 # define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 @@ -2149,6 +2102,25 @@ void ERR_load_SSL_strings(void); # define SSL_F_TLS1_PROCESS_HEARTBEAT 341 # define SSL_F_TLS1_SETUP_KEY_BLOCK 211 # define SSL_F_TLS1_SET_SERVER_SIGALGS 335 +# define SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK 354 +# define SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE 355 +# define SSL_F_TLS_CONSTRUCT_CLIENT_HELLO 356 +# define SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE 357 +# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 358 +# define SSL_F_TLS_CONSTRUCT_FINISHED 359 +# define SSL_F_TLS_GET_MESSAGE_BODY 351 +# define SSL_F_TLS_GET_MESSAGE_HEADER 350 +# define SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE 360 +# define SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST 361 +# define SSL_F_TLS_PROCESS_CERT_STATUS 362 +# define SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC 363 +# define SSL_F_TLS_PROCESS_FINISHED 364 +# define SSL_F_TLS_PROCESS_KEY_EXCHANGE 365 +# define SSL_F_TLS_PROCESS_NEW_SESSION_TICKET 366 +# define SSL_F_TLS_PROCESS_SERVER_CERTIFICATE 367 +# define SSL_F_TLS_PROCESS_SERVER_DONE 368 +# define SSL_F_TLS_PROCESS_SERVER_HELLO 369 +# define SSL_F_USE_CERTIFICATE_CHAIN_FILE 220 /* Reason codes. */ # define SSL_R_APP_DATA_IN_HANDSHAKE 100 @@ -2159,8 +2131,12 @@ void ERR_load_SSL_strings(void); # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 # define SSL_R_BAD_DECOMPRESSION 107 # define SSL_R_BAD_DH_G_LENGTH 108 +# define SSL_R_BAD_DH_G_VALUE 375 # define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 +# define SSL_R_BAD_DH_PUB_KEY_VALUE 393 # define SSL_R_BAD_DH_P_LENGTH 110 +# define SSL_R_BAD_DH_P_VALUE 395 +# define SSL_R_BAD_DH_VALUE 102 # define SSL_R_BAD_DIGEST_LENGTH 111 # define SSL_R_BAD_DSA_SIGNATURE 112 # define SSL_R_BAD_ECC_CERT 304 @@ -2211,6 +2187,7 @@ void ERR_load_SSL_strings(void); # define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 # define SSL_R_COMPRESSION_LIBRARY_ERROR 142 # define SSL_R_CONNECTION_TYPE_NOT_SET 144 +# define SSL_R_COOKIE_GEN_CALLBACK_FAILURE 400 # define SSL_R_COOKIE_MISMATCH 308 # define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 # define SSL_R_DATA_LENGTH_TOO_LONG 146 @@ -2234,6 +2211,7 @@ void ERR_load_SSL_strings(void); # define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 # define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 # define SSL_R_EXTRA_DATA_IN_MESSAGE 153 +# define SSL_R_FRAGMENTED_CLIENT_HELLO 401 # define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 # define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355 # define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356 @@ -2246,22 +2224,12 @@ void ERR_load_SSL_strings(void); # define SSL_R_INVALID_COMPRESSION_ALGORITHM 341 # define SSL_R_INVALID_NULL_CMD_NAME 385 # define SSL_R_INVALID_PURPOSE 278 +# define SSL_R_INVALID_SEQUENCE_NUMBER 402 # define SSL_R_INVALID_SERVERINFO_DATA 388 # define SSL_R_INVALID_SRP_USERNAME 357 # define SSL_R_INVALID_STATUS_RESPONSE 328 # define SSL_R_INVALID_TICKET_KEYS_LENGTH 325 # define SSL_R_INVALID_TRUST 279 -# define SSL_R_KRB5 285 -# define SSL_R_KRB5_C_CC_PRINC 286 -# define SSL_R_KRB5_C_GET_CRED 287 -# define SSL_R_KRB5_C_INIT 288 -# define SSL_R_KRB5_C_MK_REQ 289 -# define SSL_R_KRB5_S_BAD_TICKET 290 -# define SSL_R_KRB5_S_INIT 291 -# define SSL_R_KRB5_S_RD_REQ 292 -# define SSL_R_KRB5_S_TKT_EXPIRED 293 -# define SSL_R_KRB5_S_TKT_NYV 294 -# define SSL_R_KRB5_S_TKT_SKEW 295 # define SSL_R_LENGTH_MISMATCH 159 # define SSL_R_LENGTH_TOO_SHORT 160 # define SSL_R_LIBRARY_BUG 274 @@ -2306,6 +2274,7 @@ void ERR_load_SSL_strings(void); # define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS 376 # define SSL_R_NO_SRTP_PROFILES 359 # define SSL_R_NO_VERIFY_CALLBACK 194 +# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403 # define SSL_R_NULL_SSL_CTX 195 # define SSL_R_NULL_SSL_METHOD_PASSED 196 # define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 @@ -2344,7 +2313,6 @@ void ERR_load_SSL_strings(void); # define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362 # define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363 # define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364 -# define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 # define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321 # define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319 # define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320