Improve PRNG robustness.

[openssl.git] / ssl / ssl.h

diff --git a/ssl/ssl.h b/ssl/ssl.h
index be2e3c72f419fe24a292735bbb77262f3e6f08bb..f7c91b80e08bd2ff1fd292f165416555ec4df534 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -59,12 +59,12 @@
 #ifndef HEADER_SSL_H 
 #define HEADER_SSL_H 
 
+#include <openssl/safestack.h>
+
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-#include <openssl/safestack.h>
-
 /* SSLeay version number for ASN.1 encoding of the session information */
 /* Version 0 - initial version
  * Version 1 - added the optional peer certificate
@@ -140,6 +140,10 @@ extern "C" {
 #define SSL_SENT_SHUTDOWN      1
 #define SSL_RECEIVED_SHUTDOWN  2
 
+#ifdef __cplusplus
+}
+#endif
+
 #include <openssl/crypto.h>
 #include <openssl/lhash.h>
 #include <openssl/buffer.h>
@@ -147,6 +151,10 @@ extern "C" {
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 #if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)
 #define NO_SSL2
 #endif
@@ -391,9 +399,8 @@ struct ssl_ctx_st
         * SSL_SESSION_free() when it has finished using it.  Otherwise,
         * on 0, it means the callback has finished with it.
         * If remove_session_cb is not null, it will be called when
-        * a session-id is removed from the cache.  Again, a return
-        * of 0 mens that SSLeay should not SSL_SESSION_free() since
-        * the application is doing something with it. */
+        * a session-id is removed from the cache.  After the call,
+        * OpenSSL will SSL_SESSION_free() it. */
        int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
        void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
        SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
@@ -472,6 +479,7 @@ struct ssl_ctx_st
  * defined, this will still get called. */
 #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP      0x0100
 
+  struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
 #define SSL_CTX_sess_number(ctx) \
        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
 #define SSL_CTX_sess_connect(ctx) \
@@ -655,11 +663,19 @@ struct ssl_st
                                 * SSLv3/TLS rollback check */
        };
 
+#ifdef __cplusplus
+}
+#endif
+
 #include <openssl/ssl2.h>
 #include <openssl/ssl3.h>
 #include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
 #include <openssl/ssl23.h>
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* compatibility */
 #define SSL_set_app_data(s,arg)                (SSL_set_ex_data(s,0,(char *)arg))
 #define SSL_get_app_data(s)            (SSL_get_ex_data(s,0))
@@ -1214,6 +1230,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 #define SSL_F_SSL2_SET_CERTIFICATE                      126
 #define SSL_F_SSL2_WRITE                                127
 #define SSL_F_SSL3_ACCEPT                               128
+#define SSL_F_SSL3_CALLBACK_CTRL                        233
 #define SSL_F_SSL3_CHANGE_CIPHER_STATE                  129
 #define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM             130
 #define SSL_F_SSL3_CLIENT_HELLO                                 131