diff options
author | Pauli <paul.dale@oracle.com> | 2020-01-24 10:41:38 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-01-29 19:49:23 +1000 |
commit | a76ce2862bc6ae2cf8a749c8747d371041fc42d1 (patch) | |
tree | 12e6a55ce92a10ffee3cc66b5b8b99b40638dacb /include | |
parent | dbde4726889a19af0a718fe9c5542f39c81acbd3 (diff) |
TLS: use EVP for HMAC throughout libssl.
Backwards compatibility with the old ticket key call back is maintained.
This will be removed when the low level HMAC APIs are finally removed.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/ssl.h | 4 | ||||
-rw-r--r-- | include/openssl/tls1.h | 7 |
2 files changed, 9 insertions, 2 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 3b52f86412..c1b6b8e5dc 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1269,7 +1269,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) # define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 # define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 # define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 -# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 +# endif # define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75 # define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76 # define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index 9a1683e0fd..9181e0d2c1 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -327,9 +327,14 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain) # define SSL_CTX_get_tlsext_status_type(ssl) \ SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL) -# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \ +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\ (void (*)(void))cb) +# endif +int SSL_CTX_set_tlsext_ticket_key_evp_cb + (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *, + EVP_CIPHER_CTX *, EVP_MAC_CTX *, int)); /* PSK ciphersuites from 4279 */ # define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A |