Add support for legacy PEM format private keys in EVP_PKEY_ASN1_METHOD.

[openssl.git] / ssl / ssl.h

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 4d26c70210fb39f749df48c7db5406cf1d250663..7e2a8c170f11a805d518a597fb66a119a19cbd8c 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -430,18 +430,20 @@ typedef struct ssl_method_st
  * SSL_SESSION_ID ::= SEQUENCE {
  *     version                 INTEGER,        -- structure version number
  *     SSLversion              INTEGER,        -- SSL version number
- *     Cipher                  OCTET_STRING,   -- the 3 byte cipher ID
- *     Session_ID              OCTET_STRING,   -- the Session ID
- *     Master_key              OCTET_STRING,   -- the master key
- *     KRB5_principal          OCTET_STRING    -- optional Kerberos principal
- *     Key_Arg [ 0 ] IMPLICIT  OCTET_STRING,   -- the optional Key argument
+ *     Cipher                  OCTET STRING,   -- the 3 byte cipher ID
+ *     Session_ID              OCTET STRING,   -- the Session ID
+ *     Master_key              OCTET STRING,   -- the master key
+ *     KRB5_principal          OCTET STRING    -- optional Kerberos principal
+ *     Key_Arg [ 0 ] IMPLICIT  OCTET STRING,   -- the optional Key argument
  *     Time [ 1 ] EXPLICIT     INTEGER,        -- optional Start Time
  *     Timeout [ 2 ] EXPLICIT  INTEGER,        -- optional Timeout ins seconds
  *     Peer [ 3 ] EXPLICIT     X509,           -- optional Peer Certificate
- *     Session_ID_context [ 4 ] EXPLICIT OCTET_STRING,   -- the Session ID context
+ *     Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
  *     Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
- *     PSK_identity_hint [ 6 ] EXPLICIT OCTET_STRING, -- PSK identity hint
- *      PSK_identity [ 7 ] EXPLICIT OCTET_STRING -- PSK identity
+ *     HostName [ 6 ] EXPLICY OCTET STRING,      -- optional HostName from servername TLS extension 
+ *     ECPointFormatList [ 7 ] OCTET STRING,     -- optional EC point format list from TLS extension
+ *     PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ *     PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
  *     }
  * Look in ssl/ssl_asn1.c for more details
  * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
@@ -508,8 +510,8 @@ typedef struct ssl_session_st
 #ifndef OPENSSL_NO_TLSEXT
        char *tlsext_hostname;
 #ifndef OPENSSL_NO_EC
-       int tlsext_ecpointformatlist_length;
-       char * tlsext_ecpointformatlist;
+       size_t tlsext_ecpointformatlist_length;
+       unsigned char *tlsext_ecpointformatlist; /* peer's list */
 #endif /* OPENSSL_NO_EC */
 #endif
        } SSL_SESSION;
@@ -1062,8 +1064,8 @@ struct ssl_st
                                  2 : don't call servername callback, no ack in server hello
                               */
 #ifndef OPENSSL_NO_EC
-       int tlsext_ecpointformatlist_length;
-       char * tlsext_ecpointformatlist;
+       size_t tlsext_ecpointformatlist_length;
+       unsigned char *tlsext_ecpointformatlist; /* our list */
 #endif /* OPENSSL_NO_EC */
        SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
 #define session_ctx initial_ctx
@@ -1287,7 +1289,6 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
 #define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB      53
 #define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG     54
 #define SSL_CTRL_SET_TLSEXT_HOSTNAME           55
-#define SSL_CTRL_SET_TLSEXT_ECPOINTFORMATLIST  56
 #endif
 
 #define SSL_session_reused(ssl) \
@@ -1763,8 +1764,10 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL3_SETUP_KEY_BLOCK                      157
 #define SSL_F_SSL3_WRITE_BYTES                          158
 #define SSL_F_SSL3_WRITE_PENDING                        159
+#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT                277
 #define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK        215
 #define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK       216
+#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT                278
 #define SSL_F_SSL_BAD_METHOD                            160
 #define SSL_F_SSL_BYTES_TO_CIPHER_LIST                  161
 #define SSL_F_SSL_CERT_DUP                              221