Use client version when deciding which cipher suites to disable.

[openssl.git] / ssl / ssl.h

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 58086250e2639881ea44577abe83a374b9115e7d..0aa675efce37a89f57513040499afd3ae45cb0b4 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1720,6 +1720,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_CTRL_GET_PEER_SIGNATURE_NID                108
 #define SSL_CTRL_GET_SERVER_TMP_KEY            109
 #define SSL_CTRL_GET_RAW_CIPHERLIST            110
+#define SSL_CTRL_GET_EC_POINT_FORMATS          111
 
 #define DTLSv1_get_timeout(ssl, arg) \
        SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
@@ -1853,6 +1854,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_get0_raw_cipherlist(s, plst) \
        SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
 
+#define SSL_get0_ec_point_formats(s, plst) \
+       SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
+
 #ifndef OPENSSL_NO_BIO
 BIO_METHOD *BIO_f_ssl(void);
 BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
@@ -2305,6 +2309,7 @@ void ERR_load_SSL_strings(void);
 /* Function codes. */
 #define SSL_F_AUTHZ_FIND_DATA                           330
 #define SSL_F_AUTHZ_VALIDATE                            323
+#define SSL_F_CHECK_SUITEB_CIPHER_LIST                  335
 #define SSL_F_CLIENT_CERTIFICATE                        100
 #define SSL_F_CLIENT_FINISHED                           167
 #define SSL_F_CLIENT_HELLO                              101
@@ -2441,7 +2446,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_CIPHER_STRENGTH_SORT                  231
 #define SSL_F_SSL_CLEAR                                         164
 #define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD           165
-#define SSL_F_SSL_CONF_CTX_CMD                          334
+#define SSL_F_SSL_CONF_CMD                              334
 #define SSL_F_SSL_CREATE_CIPHER_LIST                    166
 #define SSL_F_SSL_CTRL                                  232
 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                         168