projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Process signature algorithms before deciding on certificate.
[openssl.git] / ssl / ssl_locl.h
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 6d8047c91cf72b8396c8d645de95d75eae558a5c..3973fafdc76d56677230ea110a45c84d75a7cb86 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -292,10 +292,12 @@
 #define SSL_kDHr               0x00000002L /* DH cert, RSA CA cert */
 #define SSL_kDHd               0x00000004L /* DH cert, DSA CA cert */
 #define SSL_kEDH               0x00000008L /* tmp DH key no DH cert */
+#define SSL_kDHE               SSL_kEDH /* forward-compatible synonym */
 #define SSL_kKRB5              0x00000010L /* Kerberos5 key exchange */
 #define SSL_kECDHr             0x00000020L /* ECDH cert, RSA CA cert */
 #define SSL_kECDHe             0x00000040L /* ECDH cert, ECDSA CA cert */
 #define SSL_kEECDH             0x00000080L /* ephemeral ECDH */
+#define SSL_kECDHE             SSL_kEECDH /* forward-compatible synonym */
 #define SSL_kPSK               0x00000100L /* PSK */
 #define SSL_kGOST       0x00000200L /* GOST key exchange */
 #define SSL_kSRP        0x00000400L /* SRP */
@@ -1310,6 +1312,7 @@ int tls1_shared_list(SSL *s,
 unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, int *al);
 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, int *al);
 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n);
+int tls1_set_server_sigalgs(SSL *s);
 int ssl_check_clienthello_tlsext_late(SSL *s);
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n);
 int ssl_prepare_clienthello_tlsext(SSL *s);
Unnamed repository; edit this file 'description' to name the repository.