projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Disable SSL_peek until it is fixed.
[openssl.git]
/
ssl
/
ssl.h
diff --git
a/ssl/ssl.h
b/ssl/ssl.h
index 040304b7744e62b95c968c3a3573e0306d394890..174be8f1080ad846743f9e6d712fe95c707fd0ad 100644
(file)
--- a/
ssl/ssl.h
+++ b/
ssl/ssl.h
@@
-59,12
+59,21
@@
#ifndef HEADER_SSL_H
#define HEADER_SSL_H
#ifndef HEADER_SSL_H
#define HEADER_SSL_H
+#ifndef NO_COMP
+#include <openssl/comp.h>
+#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
+#ifndef NO_X509
+#include <openssl/x509.h>
+#endif
+#include <openssl/safestack.h>
+
#ifdef __cplusplus
extern "C" {
#endif
#ifdef __cplusplus
extern "C" {
#endif
-#include <openssl/safestack.h>
-
/* SSLeay version number for ASN.1 encoding of the session information */
/* Version 0 - initial version
* Version 1 - added the optional peer certificate
/* SSLeay version number for ASN.1 encoding of the session information */
/* Version 0 - initial version
* Version 1 - added the optional peer certificate
@@
-134,17
+143,16
@@
extern "C" {
/* 'DEFAULT' at the start of the cipher list insert the following string
* in addition to this being the default cipher string */
/* 'DEFAULT' at the start of the cipher list insert the following string
* in addition to this being the default cipher string */
-#ifndef NO_RSA
#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
-#else
-#define SSL_ALLOW_ADH
-#define SSL_DEFAULT_CIPHER_LIST "ALL:ADH+3DES:ADH+RC4:ADH+DES:@STRENGTH"
-#endif
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
#define SSL_SENT_SHUTDOWN 1
#define SSL_RECEIVED_SHUTDOWN 2
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
#define SSL_SENT_SHUTDOWN 1
#define SSL_RECEIVED_SHUTDOWN 2
+#ifdef __cplusplus
+}
+#endif
+
#include <openssl/crypto.h>
#include <openssl/lhash.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>
#include <openssl/lhash.h>
#include <openssl/buffer.h>
@@
-152,6
+160,10
@@
extern "C" {
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
+#ifdef __cplusplus
+extern "C" {
+#endif
+
#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)
#define NO_SSL2
#endif
#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)
#define NO_SSL2
#endif
@@
-323,6
+335,9
@@
typedef struct ssl_session_st
* the misconception that non-blocking SSL_write() behaves like
* non-blocking write(): */
#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
* the misconception that non-blocking SSL_write() behaves like
* non-blocking write(): */
#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
+/* Never bother the application with retries if the transport
+ * is blocking: */
+#define SSL_MODE_AUTO_RETRY 0x00000004L
/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
* they cannot be used to clear bits. */
/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
* they cannot be used to clear bits. */
@@
-348,15
+363,15
@@
typedef struct ssl_session_st
#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
typedef struct ssl_comp_st
#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
typedef struct ssl_comp_st
-{
- int id;
- char *name;
-#if
def HEADER_COMP_H
- COMP_METHOD *method;
+
{
+
int id;
+
char *name;
+#if
ndef NO_COMP
+
COMP_METHOD *method;
#else
#else
- char *method;
+
char *method;
#endif
#endif
-} SSL_COMP;
+
} SSL_COMP;
DECLARE_STACK_OF(SSL_COMP)
DECLARE_STACK_OF(SSL_COMP)
@@
-396,9
+411,8
@@
struct ssl_ctx_st
* SSL_SESSION_free() when it has finished using it. Otherwise,
* on 0, it means the callback has finished with it.
* If remove_session_cb is not null, it will be called when
* SSL_SESSION_free() when it has finished using it. Otherwise,
* on 0, it means the callback has finished with it.
* If remove_session_cb is not null, it will be called when
- * a session-id is removed from the cache. Again, a return
- * of 0 mens that SSLeay should not SSL_SESSION_free() since
- * the application is doing something with it. */
+ * a session-id is removed from the cache. After the call,
+ * OpenSSL will SSL_SESSION_free() it. */
int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
@@
-477,6
+491,7
@@
struct ssl_ctx_st
* defined, this will still get called. */
#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
* defined, this will still get called. */
#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
+ struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
#define SSL_CTX_sess_number(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
#define SSL_CTX_sess_connect(ctx) \
#define SSL_CTX_sess_number(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
#define SSL_CTX_sess_connect(ctx) \
@@
-538,10
+553,10
@@
struct ssl_st
* same. This is so data can be read and written to different
* handlers */
* same. This is so data can be read and written to different
* handlers */
-#if
def HEADER_BIO_H
+#if
ndef NO_BIO
BIO *rbio; /* used by SSL_read */
BIO *wbio; /* used by SSL_write */
BIO *rbio; /* used by SSL_read */
BIO *wbio; /* used by SSL_write */
- BIO *bbio; /* used during session-id reuse to concat
i
nate
+ BIO *bbio; /* used during session-id reuse to concat
e
nate
* messages */
#else
char *rbio; /* used by SSL_read */
* messages */
#else
char *rbio; /* used by SSL_read */
@@
-602,7
+617,7
@@
struct ssl_st
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
const EVP_MD *read_hash; /* used for mac generation */
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
const EVP_MD *read_hash; /* used for mac generation */
-#if
def HEADER_COMP_H
+#if
ndef NO_COMP
COMP_CTX *expand; /* uncompress */
#else
char *expand;
COMP_CTX *expand; /* uncompress */
#else
char *expand;
@@
-610,7
+625,7
@@
struct ssl_st
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
const EVP_MD *write_hash; /* used for mac generation */
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
const EVP_MD *write_hash; /* used for mac generation */
-#if
def HEADER_COMP_H
+#if
ndef NO_COMP
COMP_CTX *compress; /* compression */
#else
char *compress;
COMP_CTX *compress; /* compression */
#else
char *compress;
@@
-660,11
+675,19
@@
struct ssl_st
* SSLv3/TLS rollback check */
};
* SSLv3/TLS rollback check */
};
+#ifdef __cplusplus
+}
+#endif
+
#include <openssl/ssl2.h>
#include <openssl/ssl3.h>
#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
#include <openssl/ssl23.h>
#include <openssl/ssl2.h>
#include <openssl/ssl3.h>
#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
#include <openssl/ssl23.h>
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/* compatibility */
#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
/* compatibility */
#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
@@
-808,6
+831,7
@@
size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
#define SSL_ERROR_ZERO_RETURN 6
#define SSL_ERROR_WANT_CONNECT 7
#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
#define SSL_ERROR_ZERO_RETURN 6
#define SSL_ERROR_WANT_CONNECT 7
+#define SSL_ERROR_WANT_ACCEPT 8
#define SSL_CTRL_NEED_TMP_RSA 1
#define SSL_CTRL_SET_TMP_RSA 2
#define SSL_CTRL_NEED_TMP_RSA 1
#define SSL_CTRL_SET_TMP_RSA 2
@@
-888,7
+912,7
@@
size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
#define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_sub_to_stack
#endif
#define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_sub_to_stack
#endif
-#if
def HEADER_BIO_H
+#if
ndef NO_BIO
BIO_METHOD *BIO_f_ssl(void);
BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
BIO_METHOD *BIO_f_ssl(void);
BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
@@
-925,7
+949,7
@@
int SSL_set_fd(SSL *s, int fd);
int SSL_set_rfd(SSL *s, int fd);
int SSL_set_wfd(SSL *s, int fd);
#endif
int SSL_set_rfd(SSL *s, int fd);
int SSL_set_wfd(SSL *s, int fd);
#endif
-#if
def HEADER_BIO_H
+#if
ndef NO_BIO
void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
BIO * SSL_get_rbio(SSL *s);
BIO * SSL_get_wbio(SSL *s);
void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
BIO * SSL_get_rbio(SSL *s);
BIO * SSL_get_wbio(SSL *s);
@@
-980,7
+1004,7
@@
int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
#ifndef NO_FP_API
int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
#endif
#ifndef NO_FP_API
int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
#endif
-#if
def HEADER_BIO_H
+#if
ndef NO_BIO
int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
#endif
void SSL_SESSION_free(SSL_SESSION *ses);
int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
#endif
void SSL_SESSION_free(SSL_SESSION *ses);
@@
-1042,7
+1066,9
@@
int SSL_read(SSL *ssl,char *buf,int num);
int SSL_peek(SSL *ssl,char *buf,int num);
int SSL_write(SSL *ssl,const char *buf,int num);
long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
int SSL_peek(SSL *ssl,char *buf,int num);
int SSL_write(SSL *ssl,const char *buf,int num);
long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
+long SSL_callback_ctrl(SSL *, int, void (*)());
long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg);
long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg);
+long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
int SSL_get_error(SSL *s,int ret_code);
const char *SSL_get_version(SSL *s);
int SSL_get_error(SSL *s,int ret_code);
const char *SSL_get_version(SSL *s);
@@
-1153,7
+1179,7
@@
int SSL_get_ex_data_X509_STORE_CTX_idx(void );
#define SSL_CTX_get_read_ahead(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
#define SSL_CTX_set_read_ahead(ctx,m) \
#define SSL_CTX_get_read_ahead(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
#define SSL_CTX_set_read_ahead(ctx,m) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,
0
,NULL)
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,
m
,NULL)
/* NB: the keylength is only applicable when is_export is true */
#ifndef NO_RSA
/* NB: the keylength is only applicable when is_export is true */
#ifndef NO_RSA
@@
-1174,7
+1200,7
@@
void SSL_set_tmp_dh_callback(SSL *ssl,
int keylength));
#endif
int keylength));
#endif
-#if
def HEADER_COMP_H
+#if
ndef NO_COMP
int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
#else
int SSL_COMP_add_compression_method(int id,char *cm);
int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
#else
int SSL_COMP_add_compression_method(int id,char *cm);
@@
-1213,10
+1239,12
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_F_SSL2_ACCEPT 122
#define SSL_F_SSL2_CONNECT 123
#define SSL_F_SSL2_ENC_INIT 124
#define SSL_F_SSL2_ACCEPT 122
#define SSL_F_SSL2_CONNECT 123
#define SSL_F_SSL2_ENC_INIT 124
+#define SSL_F_SSL2_PEEK 234
#define SSL_F_SSL2_READ 125
#define SSL_F_SSL2_SET_CERTIFICATE 126
#define SSL_F_SSL2_WRITE 127
#define SSL_F_SSL3_ACCEPT 128
#define SSL_F_SSL2_READ 125
#define SSL_F_SSL2_SET_CERTIFICATE 126
#define SSL_F_SSL2_WRITE 127
#define SSL_F_SSL3_ACCEPT 128
+#define SSL_F_SSL3_CALLBACK_CTRL 233
#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
#define SSL_F_SSL3_CLIENT_HELLO 131
#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
#define SSL_F_SSL3_CLIENT_HELLO 131
@@
-1237,6
+1265,7
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_F_SSL3_GET_SERVER_DONE 145
#define SSL_F_SSL3_GET_SERVER_HELLO 146
#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
#define SSL_F_SSL3_GET_SERVER_DONE 145
#define SSL_F_SSL3_GET_SERVER_HELLO 146
#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+#define SSL_F_SSL3_PEEK 235
#define SSL_F_SSL3_READ_BYTES 148
#define SSL_F_SSL3_READ_N 149
#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
#define SSL_F_SSL3_READ_BYTES 148
#define SSL_F_SSL3_READ_N 149
#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
@@
-1263,6
+1292,7
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_F_SSL_CLEAR 164
#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
#define SSL_F_SSL_CLEAR 164
#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
+#define SSL_F_SSL_CTRL 232
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
#define SSL_F_SSL_CTX_NEW 169
#define SSL_F_SSL_CTX_SET_PURPOSE 226
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
#define SSL_F_SSL_CTX_NEW 169
#define SSL_F_SSL_CTX_SET_PURPOSE 226
@@
-1374,9
+1404,11
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
#define SSL_R_DIGEST_CHECK_FAILED 149
#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
#define SSL_R_DIGEST_CHECK_FAILED 149
#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
+#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092
#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
+#define SSL_R_FIXME 1101
#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
#define SSL_R_HTTPS_PROXY_REQUEST 155
#define SSL_R_HTTP_REQUEST 156
#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
#define SSL_R_HTTPS_PROXY_REQUEST 155
#define SSL_R_HTTP_REQUEST 156
@@
-1385,6
+1417,13
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_R_INVALID_COMMAND 280
#define SSL_R_INVALID_PURPOSE 278
#define SSL_R_INVALID_TRUST 279
#define SSL_R_INVALID_COMMAND 280
#define SSL_R_INVALID_PURPOSE 278
#define SSL_R_INVALID_TRUST 279
+#define SSL_R_KRB5_C_CC_PRINC 1094
+#define SSL_R_KRB5_C_GET_CRED 1095
+#define SSL_R_KRB5_C_INIT 1096
+#define SSL_R_KRB5_C_MK_REQ 1097
+#define SSL_R_KRB5_S_BAD_TICKET 1098
+#define SSL_R_KRB5_S_INIT 1099
+#define SSL_R_KRB5_S_RD_REQ 1100
#define SSL_R_LENGTH_MISMATCH 159
#define SSL_R_LENGTH_TOO_SHORT 160
#define SSL_R_LIBRARY_BUG 274
#define SSL_R_LENGTH_MISMATCH 159
#define SSL_R_LENGTH_TOO_SHORT 160
#define SSL_R_LIBRARY_BUG 274
@@
-1443,6
+1482,7
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_R_READ_WRONG_PACKET_TYPE 212
#define SSL_R_RECORD_LENGTH_MISMATCH 213
#define SSL_R_RECORD_TOO_LARGE 214
#define SSL_R_READ_WRONG_PACKET_TYPE 212
#define SSL_R_RECORD_LENGTH_MISMATCH 213
#define SSL_R_RECORD_TOO_LARGE 214
+#define SSL_R_RECORD_TOO_SMALL 1093
#define SSL_R_REQUIRED_CIPHER_MISSING 215
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
#define SSL_R_REQUIRED_CIPHER_MISSING 215
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217