Use separate arrays for certificate verify and for finished hashes.

[openssl.git] / ssl / ssl_locl.h

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index fc2a5a1797a2c7c38b481d520a7ead2045ddaedf..b8f43c20e0ecd5240eb98d00d6599b444386804b 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -63,11 +63,7 @@
 #include <string.h>
 #include <errno.h>
 
-#ifndef FLAT_INC
-# include "../e_os.h"
-#else
-# include "e_os.h"
-#endif
+#include "openssl/e_os.h"
 
 #include <openssl/buffer.h>
 #include <openssl/comp.h>
@@ -268,11 +264,11 @@ typedef struct cert_st
        unsigned long export_mask;
 #ifndef NO_RSA
        RSA *rsa_tmp;
-       RSA *(*rsa_tmp_cb)(SSL *ssl,int export,int keysize);
+       RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
 #endif
 #ifndef NO_DH
        DH *dh_tmp;
-       DH *(*dh_tmp_cb)(SSL *ssl,int export,int keysize);
+       DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
 #endif
 
        CERT_PKEY pkeys[SSL_PKEY_NUM];
@@ -326,19 +322,19 @@ typedef struct sess_cert_st
  * an opaque strucute :-) */
 typedef struct ssl3_enc_method
        {
-       int (*enc)();
-       int (*mac)();
-       int (*setup_key_block)();
-       int (*generate_master_secret)();
-       int (*change_cipher_state)();
-       int (*final_finish_mac)();
+       int (*enc)(SSL *, int);
+       int (*mac)(SSL *, unsigned char *, int);
+       int (*setup_key_block)(SSL *);
+       int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
+       int (*change_cipher_state)(SSL *, int);
+       int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
        int finish_mac_length;
-       int (*cert_verify_mac)();
-       unsigned char client_finished[20];
-       int client_finished_len;
-       unsigned char server_finished[20];
-       int server_finished_len;
-       int (*alert_value)();
+       int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
+       const char *client_finished_label;
+       int client_finished_label_len;
+       const char *server_finished_label;
+       int server_finished_label_len;
+       int (*alert_value)(int);
        } SSL3_ENC_METHOD;
 
 /* Used for holding the relevant compression methods loaded into SSL_CTX */
@@ -437,7 +433,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out,
        unsigned char *p, int len);
 int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
 long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int ssl3_send_finished(SSL *s, int a, int b, unsigned char *sender,int slen);
+int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
 int ssl3_num_ciphers(void);
 SSL_CIPHER *ssl3_get_cipher(unsigned int u);
 int ssl3_renegotiate(SSL *ssl); 
@@ -446,8 +442,8 @@ int ssl3_dispatch_alert(SSL *s);
 int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len);
 int ssl3_part_read(SSL *s, int i);
 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1,EVP_MD_CTX *ctx2,
-       unsigned char *sender, int slen,unsigned char *p);
+int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
+       const char *sender, int slen,unsigned char *p);
 int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
 void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
 int ssl3_enc(SSL *s, int send_data);
@@ -487,7 +483,7 @@ int tls1_change_cipher_state(SSL *s, int which);
 int tls1_setup_key_block(SSL *s);
 int tls1_enc(SSL *s, int snd);
 int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
-       unsigned char *str, int slen, unsigned char *p);
+       const char *str, int slen, unsigned char *p);
 int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
 int tls1_mac(SSL *ssl, unsigned char *md, int snd);
 int tls1_generate_master_secret(SSL *s, unsigned char *out,