projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Metrowerks for Motorola tune-up.
[openssl.git]
/
ssl
/
ssl.h
diff --git
a/ssl/ssl.h
b/ssl/ssl.h
index 424b195f5ce31ac30d0872b92e3390f6d74ca80f..96c5a93aecacb62968ee5160f528e7337a12d957 100644
(file)
--- a/
ssl/ssl.h
+++ b/
ssl/ssl.h
@@
-215,7
+215,8
@@
typedef struct ssl_method_st
* Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
* Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
* Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
* Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
* Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
* Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
- * Compression [5] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
+ * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'
+ * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
* }
* Look in ssl/ssl_asn1.c for more details
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
* }
* Look in ssl/ssl_asn1.c for more details
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
@@
-249,6
+250,9
@@
typedef struct ssl_session_st
* (the latter is not enough as sess_cert is not retained
* in the external representation of sessions, see ssl_asn1.c). */
X509 *peer;
* (the latter is not enough as sess_cert is not retained
* in the external representation of sessions, see ssl_asn1.c). */
X509 *peer;
+ /* when app_verify_callback accepts a session where the peer's certificate
+ * is not ok, we must remember the error for session reuse: */
+ long verify_result; /* only for servers */
int references;
long timeout;
int references;
long timeout;
@@
-358,7
+362,7
@@
struct ssl_ctx_st
struct x509_store_st /* X509_STORE */ *cert_store;
struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */
/* Most session-ids that will be cached, default is
struct x509_store_st /* X509_STORE */ *cert_store;
struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */
/* Most session-ids that will be cached, default is
- * SSL_SESSION_CACHE_SIZE_DEFAULT. 0 is unlimited. */
+ * SSL_SESSION_CACHE_
MAX_
SIZE_DEFAULT. 0 is unlimited. */
unsigned long session_cache_size;
struct ssl_session_st *session_cache_head;
struct ssl_session_st *session_cache_tail;
unsigned long session_cache_size;
struct ssl_session_st *session_cache_head;
struct ssl_session_st *session_cache_tail;
@@
-425,6
+429,9
@@
struct ssl_ctx_st
/**/ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
/**/ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
+ int purpose; /* Purpose setting */
+ int trust; /* Trust setting */
+
/* Default password callback. */
/**/ pem_password_cb *default_passwd_callback;
/* Default password callback. */
/**/ pem_password_cb *default_passwd_callback;
@@
-571,6
+578,9
@@
struct ssl_st
int read_ahead; /* Read as many input bytes as possible */
int hit; /* reusing a previous session */
int read_ahead; /* Read as many input bytes as possible */
int hit; /* reusing a previous session */
+ int purpose; /* Purpose setting */
+ int trust; /* Trust setting */
+
/* crypto */
STACK_OF(SSL_CIPHER) *cipher_list;
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
/* crypto */
STACK_OF(SSL_CIPHER) *cipher_list;
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
@@
-999,6
+1009,12
@@
int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
SSL * SSL_new(SSL_CTX *ctx);
int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
unsigned int sid_ctx_len);
SSL * SSL_new(SSL_CTX *ctx);
int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
unsigned int sid_ctx_len);
+
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
+int SSL_set_purpose(SSL *s, int purpose);
+int SSL_CTX_set_trust(SSL_CTX *s, int trust);
+int SSL_set_trust(SSL *s, int trust);
+
void SSL_free(SSL *ssl);
int SSL_accept(SSL *ssl);
int SSL_connect(SSL *ssl);
void SSL_free(SSL *ssl);
int SSL_accept(SSL *ssl);
int SSL_connect(SSL *ssl);
@@
-1225,8
+1241,10
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
#define SSL_F_SSL_CTX_NEW 169
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
#define SSL_F_SSL_CTX_NEW 169
+#define SSL_F_SSL_CTX_SET_PURPOSE 226
#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
+#define SSL_F_SSL_CTX_SET_TRUST 229
#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220
@@
-1254,9
+1272,11
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_F_SSL_SET_CERT 191
#define SSL_F_SSL_SET_FD 192
#define SSL_F_SSL_SET_PKEY 193
#define SSL_F_SSL_SET_CERT 191
#define SSL_F_SSL_SET_FD 192
#define SSL_F_SSL_SET_PKEY 193
+#define SSL_F_SSL_SET_PURPOSE 227
#define SSL_F_SSL_SET_RFD 194
#define SSL_F_SSL_SET_SESSION 195
#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
#define SSL_F_SSL_SET_RFD 194
#define SSL_F_SSL_SET_SESSION 195
#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
+#define SSL_F_SSL_SET_TRUST 228
#define SSL_F_SSL_SET_WFD 196
#define SSL_F_SSL_SHUTDOWN 224
#define SSL_F_SSL_UNDEFINED_FUNCTION 197
#define SSL_F_SSL_SET_WFD 196
#define SSL_F_SSL_SHUTDOWN 224
#define SSL_F_SSL_UNDEFINED_FUNCTION 197
@@
-1338,6
+1358,8
@@
int SSL_COMP_add_compression_method(int id,char *cm);
#define SSL_R_HTTP_REQUEST 156
#define SSL_R_INTERNAL_ERROR 157
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
#define SSL_R_HTTP_REQUEST 156
#define SSL_R_INTERNAL_ERROR 157
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
+#define SSL_R_INVALID_PURPOSE 278
+#define SSL_R_INVALID_TRUST 279
#define SSL_R_LENGTH_MISMATCH 159
#define SSL_R_LENGTH_TOO_SHORT 160
#define SSL_R_LIBRARY_BUG 274
#define SSL_R_LENGTH_MISMATCH 159
#define SSL_R_LENGTH_TOO_SHORT 160
#define SSL_R_LIBRARY_BUG 274