SSL export fixes (from Adam Langley).

author: Ben Laurie <ben@openssl.org> 2011-12-13 14:25:11 +0000
committer: Ben Laurie <ben@openssl.org> 2011-12-13 14:25:11 +0000
commit: e87afb15187b7bb3d5ad8dda0538412b75201c95 (patch)
tree: 4f9ad64a4d29060a143511c27adde121f2b22ff4 /ssl/tls1.h
parent: 7b467c6b81bc23022470bbfa2771875c86ebaf6a (diff)
1 files changed, 10 insertions, 2 deletions
diff --git a/ssl/tls1.h b/ssl/tls1.h
index f121e04271..a3a4d5d57f 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -262,8 +262,16 @@ extern "C" {
 
 const char *SSL_get_servername(const SSL *s, const int type);
 int SSL_get_servername_type(const SSL *s);
-int SSL_export_keying_material(SSL *s, unsigned char *out, int olen, 
-        char *label, int llen, unsigned char *p, int plen, int use_context);
+/* SSL_export_keying_material exports a value derived from the master secret,
+ * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+ * optional context. (Since a zero length context is allowed, the |use_context|
+ * flag controls whether a context is included.)
+ *
+ * It returns 1 on success and zero otherwise.
+ */
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+	const char *label, size_t llen, const unsigned char *p, size_t plen,
+	int use_context);
 
 #define SSL_set_tlsext_host_name(s,name) \
 SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
author	Ben Laurie <ben@openssl.org>	2011-12-13 14:25:11 +0000
committer	Ben Laurie <ben@openssl.org>	2011-12-13 14:25:11 +0000
commit	e87afb15187b7bb3d5ad8dda0538412b75201c95 (patch)
tree	4f9ad64a4d29060a143511c27adde121f2b22ff4 /ssl/tls1.h
parent	7b467c6b81bc23022470bbfa2771875c86ebaf6a (diff)