projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add support for automatic ECDH temporary key parameter selection. When
[openssl.git] / ssl / ssl_locl.h
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index ad5dc7104937299fee9678faff006b8e863356c4..32f1a6108a3b4c6f341d903006670a52bce126fe 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -502,6 +502,8 @@ typedef struct cert_st
        EC_KEY *ecdh_tmp;
        /* Callback for generating ephemeral ECDH keys */
        EC_KEY *(*ecdh_tmp_cb)(SSL *ssl,int is_export,int keysize);
+       /* Select ECDH parameters automatically */
+       int ecdh_tmp_auto;
 #endif
 
        CERT_PKEY pkeys[SSL_PKEY_NUM];
@@ -988,6 +990,7 @@ void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
 void dtls1_reset_seq_numbers(SSL *s, int rw);
 long dtls1_default_timeout(void);
 struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
+int dtls1_check_timeout_num(SSL *s);
 int dtls1_handle_timeout(SSL *s);
 const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
 void dtls1_start_timer(SSL *s);
@@ -1101,9 +1104,20 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
 #ifndef OPENSSL_NO_EC
 int tls1_ec_curve_id2nid(int curve_id);
 int tls1_ec_nid2curve_id(int nid);
+int tls1_shared_curve(SSL *s, int nmatch);
+int tls1_set_curves(unsigned char **pext, size_t *pextlen,
+                       int *curves, size_t ncurves);
+int tls1_set_curves_list(unsigned char **pext, size_t *pextlen, 
+                               const char *str);
+int tls1_check_ec_server_key(SSL *s);
+int tls1_check_ec_tmp_key(SSL *s);
 #endif /* OPENSSL_NO_EC */
 
 #ifndef OPENSSL_NO_TLSEXT
+int tls1_shared_list(SSL *s,
+                       const unsigned char *l1, size_t l1len,
+                       const unsigned char *l2, size_t l2len,
+                       int nmatch);
 unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 
 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 
 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
Unnamed repository; edit this file 'description' to name the repository.