#define SSL3_SESSION_ID_SIZE 32
#define SSL3_RT_HEADER_LENGTH 5
+#define SSL3_HM_HEADER_LENGTH 4
+
#ifndef SSL3_ALIGN_PAYLOAD
/* Some will argue that this increases memory footprint, but it's
* not actually true. Point is that malloc has to return at least
#define SSL3_RT_APPLICATION_DATA 23
#define TLS1_RT_HEARTBEAT 24
+/* Pseudo content types to indicate additional parameters */
+#define TLS1_RT_CRYPTO 0x1000
+#define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
+#define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
+#define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
+#define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
+
+#define TLS1_RT_CRYPTO_READ 0x0000
+#define TLS1_RT_CRYPTO_WRITE 0x0100
+#define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
+#define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
+#define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
+#define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
+
+/* Pseudo content type for SSL/TLS header info */
+#define SSL3_RT_HEADER 0x100
+
#define SSL3_AL_WARNING 1
#define SSL3_AL_FATAL 2
{
/*r */ int type; /* type of record */
/*rw*/ unsigned int length; /* How many bytes available */
+/*rw*/ unsigned int orig_len; /* How many bytes were available before padding
+ was removed? This is used to implement the
+ MAC check in constant time for CBC records.
+ */
/*r */ unsigned int off; /* read/write offset into 'buf' */
/*rw*/ unsigned char *data; /* pointer to the record data */
/*rw*/ unsigned char *input; /* where the decode bytes are */
int send_connection_binding; /* TODOEKR */
#ifndef OPENSSL_NO_NEXTPROTONEG
- /* Set if we saw the Next Protocol Negotiation extension from
- our peer. */
+ /* Set if we saw the Next Protocol Negotiation extension from our peer. */
int next_proto_neg_seen;
#endif