Allow "DHE" and "kDHE" as synonyms of "EDH" and "kEDH" when specifiying ciphers

[openssl.git] / ssl / ssl.h

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 4e405943b18753f31f51a79f44e2b3516859a154..3c49a38ab0eff91c7ff70a69ea33853712519dac 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -244,12 +244,14 @@ extern "C" {
 #define SSL_TXT_kDHr           "kDHr" 
 #define SSL_TXT_kDHd           "kDHd"
 #define SSL_TXT_kDH            "kDH"
-#define SSL_TXT_kEDH           "kEDH"
+#define SSL_TXT_kEDH           "kEDH" /* alias for kDHE */
+#define SSL_TXT_kDHE           "kDHE"
 #define SSL_TXT_kKRB5          "kKRB5"
 #define SSL_TXT_kECDHr         "kECDHr"
 #define SSL_TXT_kECDHe         "kECDHe"
 #define SSL_TXT_kECDH          "kECDH"
-#define SSL_TXT_kEECDH         "kEECDH"
+#define SSL_TXT_kEECDH         "kEECDH" /* alias for kECDHE */
+#define SSL_TXT_kECDHE         "kECDHE"
 #define SSL_TXT_kPSK            "kPSK"
 #define SSL_TXT_kGOST          "kGOST"
 #define SSL_TXT_kSRP           "kSRP"
@@ -267,11 +269,13 @@ extern "C" {
 
 #define        SSL_TXT_DSS             "DSS"
 #define SSL_TXT_DH             "DH"
-#define SSL_TXT_EDH            "EDH" /* same as "kEDH:-ADH" */
+#define SSL_TXT_DHE            "DHE" /* same as "kDHE:-ADH" */
+#define SSL_TXT_EDH            "EDH" /* alias for DHE */
 #define SSL_TXT_ADH            "ADH"
 #define SSL_TXT_RSA            "RSA"
 #define SSL_TXT_ECDH           "ECDH"
-#define SSL_TXT_EECDH          "EECDH" /* same as "kEECDH:-AECDH" */
+#define SSL_TXT_EECDH          "EECDH" /* alias for ECDHE" */
+#define SSL_TXT_ECDHE          "ECDHE" /* same as "kECDHE:-AECDH" */
 #define SSL_TXT_AECDH          "AECDH"
 #define SSL_TXT_ECDSA          "ECDSA"
 #define SSL_TXT_KRB5           "KRB5"
@@ -1278,9 +1282,11 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
                                    unsigned *len);
 #endif
 
+#ifndef OPENSSL_NO_TLSEXT
 int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
                          const unsigned char *in, unsigned int inlen,
                          const unsigned char *client, unsigned int client_len);
+#endif
 
 #define OPENSSL_NPN_UNSUPPORTED        0
 #define OPENSSL_NPN_NEGOTIATED 1
@@ -2259,6 +2265,9 @@ int SSL_set_trust(SSL *s, int trust);
 int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
 int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
 
+X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
 #ifndef OPENSSL_NO_SRP
 int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name);
 int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password);
@@ -2375,7 +2384,10 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
 SSL *SSL_dup(SSL *ssl);
 
 X509 *SSL_get_certificate(const SSL *ssl);
-/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
+/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
+
+X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
 
 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);