Support ALPN.

[openssl.git] / ssl / ssl3.h

diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 77622ebbfb498f2aacd31650e75afbc147c8bcde..05317005dec9a36405ad869d806d3ac06c14be98 100644 (file)
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -324,6 +324,23 @@ extern "C" {
 #define SSL3_RT_APPLICATION_DATA       23
 #define TLS1_RT_HEARTBEAT              24
 
+/* Pseudo content types to indicate additional parameters */
+#define TLS1_RT_CRYPTO                 0x1000
+#define TLS1_RT_CRYPTO_PREMASTER       (TLS1_RT_CRYPTO | 0x1)
+#define TLS1_RT_CRYPTO_CLIENT_RANDOM   (TLS1_RT_CRYPTO | 0x2)
+#define TLS1_RT_CRYPTO_SERVER_RANDOM   (TLS1_RT_CRYPTO | 0x3)
+#define TLS1_RT_CRYPTO_MASTER          (TLS1_RT_CRYPTO | 0x4)
+
+#define TLS1_RT_CRYPTO_READ            0x0000
+#define TLS1_RT_CRYPTO_WRITE           0x0100
+#define TLS1_RT_CRYPTO_MAC             (TLS1_RT_CRYPTO | 0x5)
+#define TLS1_RT_CRYPTO_KEY             (TLS1_RT_CRYPTO | 0x6)
+#define TLS1_RT_CRYPTO_IV              (TLS1_RT_CRYPTO | 0x7)
+#define TLS1_RT_CRYPTO_FIXED_IV                (TLS1_RT_CRYPTO | 0x8)
+
+/* Pseudo content type for SSL/TLS header info */
+#define SSL3_RT_HEADER                 0x100
+
 #define SSL3_AL_WARNING                        1
 #define SSL3_AL_FATAL                  2
 
@@ -554,7 +571,26 @@ typedef struct ssl3_state_st
         * server echoed our server_authz extension and therefore must send us
         * a supplemental data handshake message. */
        char tlsext_authz_server_promised;
-#endif
+
+       /* tlsext_custom_types contains an array of TLS Extension types which 
+        * were advertised by the client in its ClientHello, which were not 
+        * otherwise handled by OpenSSL, and which the server has registered
+        * a custom_srv_ext_record to handle.
+        * The array does not contain any duplicates, and is in the same order
+        * as the types were received in the client hello. */
+       unsigned short *tlsext_custom_types;
+       size_t tlsext_custom_types_count; /* how many tlsext_custom_types */
+
+       /* ALPN information
+        * (we are in the process of transitioning from NPN to ALPN.) */
+
+       /* In a server these point to the selected ALPN protocol after the
+        * ClientHello has been processed. In a client these contain the
+        * protocol that the server selected once the ServerHello has been
+        * processed. */
+       unsigned char *alpn_selected;
+       unsigned alpn_selected_len;
+#endif /* OPENSSL_NO_TLSEXT */
        } SSL3_STATE;
 
 #endif
@@ -596,8 +632,10 @@ typedef struct ssl3_state_st
 #define SSL3_ST_CW_CERT_VRFY_B         (0x191|SSL_ST_CONNECT)
 #define SSL3_ST_CW_CHANGE_A            (0x1A0|SSL_ST_CONNECT)
 #define SSL3_ST_CW_CHANGE_B            (0x1A1|SSL_ST_CONNECT)
+#ifndef OPENSSL_NO_NEXTPROTONEG
 #define SSL3_ST_CW_NEXT_PROTO_A                (0x200|SSL_ST_CONNECT)
 #define SSL3_ST_CW_NEXT_PROTO_B                (0x201|SSL_ST_CONNECT)
+#endif
 #define SSL3_ST_CW_FINISHED_A          (0x1B0|SSL_ST_CONNECT)
 #define SSL3_ST_CW_FINISHED_B          (0x1B1|SSL_ST_CONNECT)
 /* read from server */
@@ -647,8 +685,10 @@ typedef struct ssl3_state_st
 #define SSL3_ST_SR_CERT_VRFY_B         (0x1A1|SSL_ST_ACCEPT)
 #define SSL3_ST_SR_CHANGE_A            (0x1B0|SSL_ST_ACCEPT)
 #define SSL3_ST_SR_CHANGE_B            (0x1B1|SSL_ST_ACCEPT)
+#ifndef OPENSSL_NO_NEXTPROTONEG
 #define SSL3_ST_SR_NEXT_PROTO_A                (0x210|SSL_ST_ACCEPT)
 #define SSL3_ST_SR_NEXT_PROTO_B                (0x211|SSL_ST_ACCEPT)
+#endif
 #define SSL3_ST_SR_FINISHED_A          (0x1C0|SSL_ST_ACCEPT)
 #define SSL3_ST_SR_FINISHED_B          (0x1C1|SSL_ST_ACCEPT)
 /* write to client */
@@ -676,7 +716,9 @@ typedef struct ssl3_state_st
 #define SSL3_MT_FINISHED                       20
 #define SSL3_MT_CERTIFICATE_STATUS             22
 #define SSL3_MT_SUPPLEMENTAL_DATA              23
+#ifndef OPENSSL_NO_NEXTPROTONEG
 #define SSL3_MT_NEXT_PROTO                     67
+#endif
 #define DTLS1_MT_HELLO_VERIFY_REQUEST    3