authorBodo Möller <bodo@openssl.org>2006-01-02 23:14:37 +0000
committerBodo Möller <bodo@openssl.org>2006-01-02 23:14:37 +0000
commited3883d21bb4ddfc21ec9d154e14e84c85db164d (patch)
tree90b41ebd80a9ddc73886c2f9d3ff427d48508f21 /ssl/ssl.h
parentea558241e08c575cfea49732b19eaf14bae9e672 (diff)
Support TLS extensions (specifically, HostName)
Submitted by: Peter Sylvester
Diffstat (limited to 'ssl/ssl.h')
-rw-r--r--ssl/ssl.h32
1 files changed, 32 insertions, 0 deletions
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 42e34b912b..29f1e0beec 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -172,6 +172,11 @@
#include <openssl/e_os2.h>
+#ifdef OPENSSL_NO_TLS1
+# ifndef OPENSSL_NO_TLSEXT
+# define OPENSSL_NO_TLSEXT
+# endif
+#endif
#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
#endif
@@ -439,6 +444,9 @@ typedef struct ssl_session_st
unsigned int krb5_client_princ_len;
unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_TLSEXT
+ char *tlsext_hostname;
+#endif
int not_resumable;
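Review bot: The new `char *tlsext_hostname;` member of `ssl_session_st` has no comment saying who owns the string or where its value comes from. If, as the commit title suggests, it holds the HostName extension value sent by the peer, it is untrusted text cached for the lifetime of the session, and the declaration should say so: `char *tlsext_hostname; /* peer-supplied server name; heap-allocated, freed with the session; may be NULL */`. The code that allocates, frees and encodes a session is outside this diff, so each of those paths should be checked for the new member. The struct body starts and ends outside the hunk.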
@@ -755,6 +763,13 @@ struct ssl_ctx_st
* padding and MAC overheads.
*/
unsigned int max_send_fragment;
+
+#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions servername callback */
+ int (*tlsext_servername_callback)(SSL*, int *, void *);
+ void *tlsext_servername_arg;
+#endif
+
};
#define SSL_SESS_CACHE_OFF 0x0000
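Review bot: The `tlsext_servername_callback` member added to `ssl_ctx_st` has an undocumented contract: the one-line comment does not explain the `int *` out-parameter or the meaning of the `int` return value. This callback decides how the server reacts to a client-supplied name, so an implementer needs to know which return value aborts the handshake and which lets it continue. I would name the parameters in the declaration, e.g. `int (*tlsext_servername_callback)(SSL *s, int *alert, void *arg);`, and list the accepted return codes in the comment. The name `alert` is my reading of the signature and should be confirmed against the call site. The struct starts outside the hunk.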
@@ -977,6 +992,14 @@ struct ssl_st
int client_version; /* what was passed, used for
* SSLv3/TLS rollback check */
unsigned int max_send_fragment;
+#ifndef OPENSSL_NO_TLSEXT
+ char *tlsext_hostname;
+ int servername_done; /* no further mod of servername
+ 0 : call the servername extension callback.
+ 1 : prepare 2, allow last ack just after in server callback.
+ 2 : don't call servername callback, no ack in server hello
+ */
+#endif
};
#ifdef __cplusplus
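Review bot: `servername_done` in `ssl_st` encodes a three-state machine as the bare integers 0, 1 and 2, documented only by a trailing comment, so every comparison at its use sites will be opaque. Named constants would make the states checkable by a reader, for example `enum { TLSEXT_SN_CALL_CB = 0, TLSEXT_SN_LAST_ACK = 1, TLSEXT_SN_DONE = 2 };` (names constructed for this note). The description of state 1, "prepare 2, allow last ack just after in server callback", should be rewritten as a full sentence saying what happens next. The `tlsext_hostname` pointer beside it duplicates the member of the same name added to `ssl_session_st`, so the comment should state which of the two owns the allocation. The struct starts outside the hunk.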
@@ -1122,6 +1145,9 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
+#ifndef OPENSSL_NO_TLSEXT
+#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
+#endif
#define SSL_ERROR_NONE 0
#define SSL_ERROR_SSL 1
@@ -1454,6 +1480,7 @@ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
SSL_SESSION *SSL_get_session(const SSL *ssl);
SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx);
void SSL_set_info_callback(SSL *ssl,
void (*cb)(const SSL *ssl,int type,int val));
void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
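Review bot: `SSL_set_SSL_CTX()` enters the public header with no comment on what switching the context changes on an existing connection or what the returned `SSL_CTX *` denotes. For a server that picks a context per requested host name, it matters whether only the certificate and key follow the new context or also verification settings, options and session-cache parameters. A caller who assumes the latter could end up applying one virtual host's policy to another. A short contract comment above the prototype covering those points, the reference counting and the behaviour for a NULL `ctx` would close the gap. The prototype is also not wrapped in `#ifndef OPENSSL_NO_TLSEXT` like the other additions in this commit, and `SSL_CTX* ctx` departs from the `SSL_CTX *ctx` spacing of the neighbouring lines.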
@@ -1777,6 +1804,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
+#define SSL_R_CLIENTHELLO_TLS_EXT 2003
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
#define SSL_R_COMPRESSION_FAILURE 141
#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 1120
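Review bot: `SSL_R_CLIENTHELLO_TLS_EXT` is assigned 2003, far outside the numbering of the surrounding reason codes, and nothing explains the jump. The same applies to `SSL_R_PARSE_TLS_EXT` (2004) and to `SSL_R_SERVERHELLO_TLS_EXT`, `SSL_R_SSL3_EXT_INVALID_SERVERNAME` and `SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE` (2005 to 2007) in the two hunks that follow. If these are hand-picked provisional values, a one-line comment such as `/* TLS extension reason codes: provisional values, to be renumbered */` would warn maintainers and log parsers not to depend on them. Each new code presumably also needs a matching entry in the string table loaded by `ERR_load_SSL_strings()`, which is not part of this diff. Without one, these handshake failures are likely to be reported as bare numbers.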
@@ -1861,6 +1889,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_NULL_SSL_METHOD_PASSED 196
#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
#define SSL_R_PACKET_LENGTH_TOO_LONG 198
+#define SSL_R_PARSE_TLS_EXT 2004
#define SSL_R_PATH_TOO_LONG 270
#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
#define SSL_R_PEER_ERROR 200
@@ -1884,11 +1913,14 @@ void ERR_load_SSL_strings(void);
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
+#define SSL_R_SERVERHELLO_TLS_EXT 2005
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
#define SSL_R_SHORT_READ 219
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 1114
+#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 2006
+#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 2007
#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113
#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042