DANE support structures, constructructors and accessors

Also tweak some of the code in demos/bio, to enable interactive testing of BIO_s_accept's use of SSL_dup. Changed the sconnect client to authenticate the server, which now exercises the new SSL_set1_host() function. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Viktor Dukhovni <openssl-users@dukhovni.org> 2015-12-29 13:28:28 -0500
committer: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-01-05 19:31:49 -0500
commit: 919ba009429b3617e975933f37a23be996a33b8d (patch)
tree: ffe91f4f27fd4d8b3d3401f1e860212f15c8b993 /ssl/ssl_locl.h
parent: e29c73c93b88a4b7f492c7c8c7343223e7548612 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 7e07297f2f..fee7fa6f15 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -169,6 +169,7 @@
 #include "record/record.h"
 #include "statem/statem.h"
 #include "packet_locl.h"
+#include "internal/dane.h"
 
 # ifdef OPENSSL_BUILD_SHLIBSSL
 #  undef OPENSSL_EXTERN
@@ -925,6 +926,9 @@ struct ssl_ctx_st {
     unsigned char *alpn_client_proto_list;
     unsigned alpn_client_proto_list_len;
 
+    /* Shared DANE context */
+    struct dane_ctx_st dane;
+
     /* SRTP profiles we are willing to do from RFC 5764 */
     STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
     /*
@@ -1007,6 +1011,10 @@ struct ssl_st {
     void *msg_callback_arg;
     int hit;                    /* reusing a previous session */
     X509_VERIFY_PARAM *param;
+
+    /* Per connection DANE state */
+    struct dane_st dane;
+
     /* crypto */
     STACK_OF(SSL_CIPHER) *cipher_list;
     STACK_OF(SSL_CIPHER) *cipher_list_by_id;
author	Viktor Dukhovni <openssl-users@dukhovni.org>	2015-12-29 13:28:28 -0500
committer	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-01-05 19:31:49 -0500
commit	919ba009429b3617e975933f37a23be996a33b8d (patch)
tree	ffe91f4f27fd4d8b3d3401f1e860212f15c8b993 /ssl/ssl_locl.h
parent	e29c73c93b88a4b7f492c7c8c7343223e7548612 (diff)