First cut of renegotiation extension.

author: Ben Laurie <ben@openssl.org> 2009-11-08 14:51:54 +0000
committer: Ben Laurie <ben@openssl.org> 2009-11-08 14:51:54 +0000
commit: c2b78c31d631f45cd43c2d04c5ae490b8e9f21ab (patch)
tree: 1afd09479b364bf9787bc4c55f065360092b97b0 /ssl/ssl3.h
parent: a1dc0336dd482d0ce0e81d7847365de399899d5f (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 4b1e2e9834..b44498c394 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -440,6 +440,12 @@ typedef struct ssl3_state_st
 		int cert_request;
 		} tmp;
 
+        /* Connection binding to prevent renegotiation attacks */
+        unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
+        unsigned char previous_client_finished_len;
+        unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
+        unsigned char previous_server_finished_len;
+        int send_connection_binding; /* TODOEKR */
 	} SSL3_STATE;
author	Ben Laurie <ben@openssl.org>	2009-11-08 14:51:54 +0000
committer	Ben Laurie <ben@openssl.org>	2009-11-08 14:51:54 +0000
commit	c2b78c31d631f45cd43c2d04c5ae490b8e9f21ab (patch)
tree	1afd09479b364bf9787bc4c55f065360092b97b0 /ssl/ssl3.h
parent	a1dc0336dd482d0ce0e81d7847365de399899d5f (diff)