diff options
Diffstat (limited to 'ssl/tls1.h')
-rw-r--r-- | ssl/tls1.h | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/ssl/tls1.h b/ssl/tls1.h index e7eaa835db..4c8a5daa56 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -97,6 +97,53 @@ extern "C" { #define TLS1_AD_USER_CANCELLED 90 #define TLS1_AD_NO_RENEGOTIATION 100 +#ifndef OPENSSL_NO_TLSEXT +#define TLS1_AD_UNRECOGNIZED_NAME 122 + +#define TLSEXT_TYPE_server_name 0 +#define TLSEXT_TYPE_max_fragment_length 1 +#define TLSEXT_TYPE_client_certificate_url 2 +#define TLSEXT_TYPE_trusted_ca_keys 3 +#define TLSEXT_TYPE_truncated_hmac 4 +#define TLSEXT_TYPE_status_request 5 +#define TLSEXT_TYPE_srp 6 + +#define TLSEXT_TYPE_SERVER_host 0 + +#define SSL_CTX_set_tlsext_hostname(ctx,name) \ +SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_TYPE_SERVER_host,(char *)name) +#define SSL_set_tlsext_hostname(s,name) \ +SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_TYPE_SERVER_host,(char *)name) + +#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \ +SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb) +#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \ +SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg) + + +const char *SSL_get_servername(const SSL *s, const int type) ; +int SSL_get_servername_type(const SSL *s) ; + +#if 0 + #define SSL_get_tlsext_hostname(s,psn) \ + SSL_ctrl(s,SSL_CTRL_GET_TLSEXT_HOSTNAME,TLSEXT_TYPE_SERVER_host, (void *)psn) +#else + #define SSL_get_tlsext_hostname(s,psn) \ + (*psn = SSL_get_servername(s, TLSEXT_TYPE_SERVER_host),*psn != NULL) +#endif + #define SSL_set_tlsext_servername_done(s,t) \ + SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_SERVERNAME_DONE,t, NULL) + +void SSL_set_ctx(SSL *s, SSL_CTX *ctx) ; + +#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 +#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 +#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 +#define SSL_CTRL_GET_TLSEXT_HOSTNAME 56 +#define SSL_CTRL_SET_TLSEXT_SERVERNAME_DONE 57 + +#endif + /* Additional TLS ciphersuites from expired Internet Draft * draft-ietf-tls-56-bit-ciphersuites-01.txt * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see |