X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl3.h;h=17dd50c069c0360e13d99f7bf4643921e1243e7c;hp=0ae97b42069292103c625441be4f439e421fc85a;hb=889f39c70ffd2971de9bf076fa0c11bca49aa581;hpb=36086186a9b90cdad0d2cd0a598a10f03f8f4bcc

diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 0ae97b4206..17dd50c069 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -149,12 +149,18 @@ extern "C" {
 #define SSL3_CK_DH_RSA_DES_64_CBC_SHA		0x0300000F
 #define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 	0x03000010
 
-#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA		0x03000011
-#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA		0x03000012
-#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA	0x03000013
-#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA		0x03000014
-#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA		0x03000015
-#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA	0x03000016
+#define SSL3_CK_DHE_DSS_DES_40_CBC_SHA		0x03000011
+#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA          SSL3_CK_DHE_DSS_DES_40_CBC_SHA
+#define SSL3_CK_DHE_DSS_DES_64_CBC_SHA		0x03000012
+#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA		SSL3_CK_DHE_DSS_DES_64_CBC_SHA
+#define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA	0x03000013
+#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA	SSL3_CK_DHE_DSS_DES_192_CBC3_SHA
+#define SSL3_CK_DHE_RSA_DES_40_CBC_SHA		0x03000014
+#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA		SSL3_CK_DHE_RSA_DES_40_CBC_SHA
+#define SSL3_CK_DHE_RSA_DES_64_CBC_SHA		0x03000015
+#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA		SSL3_CK_DHE_RSA_DES_64_CBC_SHA
+#define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA	0x03000016
+#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA	SSL3_CK_DHE_RSA_DES_192_CBC3_SHA
 
 #define SSL3_CK_ADH_RC4_40_MD5			0x03000017
 #define SSL3_CK_ADH_RC4_128_MD5			0x03000018
@@ -422,6 +428,8 @@ typedef struct ssl3_buffer_st
  * effected, but we can't prevent that.
  */
 #define SSL3_FLAGS_SGC_RESTART_DONE		0x0040
+/* Set if we encrypt then mac instead of usual mac then encrypt */
+#define TLS1_FLAGS_ENCRYPT_THEN_MAC		0x0080
 
 #ifndef OPENSSL_NO_SSL_INTERN
 
@@ -588,9 +596,9 @@ typedef struct ssl3_state_st
 	 * running on OS X 10.6 or newer. We wish to know this because Safari
 	 * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */
 	char is_probably_safari;
-#endif	/* OPENSSL_NO_EC */
+#endif /* !OPENSSL_NO_EC */
 
-#endif	/* OPENSSL_NO_TLSEXT */
+#endif /* !OPENSSL_NO_TLSEXT */
 	} SSL3_STATE;
 
 #endif
@@ -637,11 +645,11 @@ typedef struct ssl3_state_st
 #ifndef OPENSSL_NO_NEXTPROTONEG
 #define SSL3_ST_CW_NEXT_PROTO_A		(0x200|SSL_ST_CONNECT)
 #define SSL3_ST_CW_NEXT_PROTO_B		(0x201|SSL_ST_CONNECT)
+#endif
 #ifndef OPENSSL_NO_TLSEXT
 #define SSL3_ST_CW_SUPPLEMENTAL_DATA_A		(0x222|SSL_ST_CONNECT)
 #define SSL3_ST_CW_SUPPLEMENTAL_DATA_B		(0x223|SSL_ST_CONNECT)
 #endif
-#endif
 #define SSL3_ST_CW_FINISHED_A		(0x1B0|SSL_ST_CONNECT)
 #define SSL3_ST_CW_FINISHED_B		(0x1B1|SSL_ST_CONNECT)
 /* read from server */