Dual DTLS version methods.

[openssl.git] / ssl / ssl3.h

diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index e41f2888713d865fa1606daca752e2df88ba3c3c..d8ed725d2d7971d0938b1063701407474457560a 100644 (file)
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -251,6 +251,8 @@ extern "C" {
 #define SSL3_SESSION_ID_SIZE                   32
 #define SSL3_RT_HEADER_LENGTH                  5
 
+#define SSL3_HM_HEADER_LENGTH                  4
+
 #ifndef SSL3_ALIGN_PAYLOAD
  /* Some will argue that this increases memory footprint, but it's
   * not actually true. Point is that malloc has to return at least
@@ -366,16 +368,16 @@ typedef struct ssl3_record_st
        {
 /*r */ int type;               /* type of record */
 /*rw*/ unsigned int length;    /* How many bytes available */
+/*rw*/ unsigned int orig_len;  /* How many bytes were available before padding
+                                  was removed? This is used to implement the
+                                  MAC check in constant time for CBC records.
+                                */
 /*r */ unsigned int off;       /* read/write offset into 'buf' */
 /*rw*/ unsigned char *data;    /* pointer to the record data */
 /*rw*/ unsigned char *input;   /* where the decode bytes are */
 /*r */ unsigned char *comp;    /* only used with decompression - malloc()ed */
 /*r */  unsigned long epoch;    /* epoch number, needed by DTLS1 */
 /*r */  unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
-/*rw*/ unsigned int orig_len;  /* How many bytes were available before padding
-                                  was removed? This is used to implement the
-                                  MAC check in constant time for CBC records.
-                                */
        } SSL3_RECORD;
 
 typedef struct ssl3_buffer_st