From 74096890ba076de838c858f6beeda778480ef824 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 11 May 2011 12:56:38 +0000
Subject: Initial "opaque SSL" framework. If an application defines
 OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals
 cannot be directly accessed. Many applications will need some modification to
 support this and most likely some additional functions added to OpenSSL.

The advantage of this option is that any application supporting it will still
be binary compatible if SSL structures change.

(backport from HEAD).
---
 ssl/ssl3.h | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'ssl/ssl3.h')

diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 8bfa58806e..ae299cf1a8 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -339,6 +339,8 @@ extern "C" {
 #define SSL3_AD_CERTIFICATE_UNKNOWN	46
 #define SSL3_AD_ILLEGAL_PARAMETER	47	/* fatal */
 
+#ifndef OPENSSL_NO_SSL_INTERN
+
 typedef struct ssl3_record_st
 	{
 /*r */	int type;               /* type of record */
@@ -360,6 +362,8 @@ typedef struct ssl3_buffer_st
 	int left;               /* how many bytes left */
 	} SSL3_BUFFER;
 
+#endif
+
 #define SSL3_CT_RSA_SIGN			1
 #define SSL3_CT_DSS_SIGN			2
 #define SSL3_CT_RSA_FIXED_DH			3
@@ -380,6 +384,8 @@ typedef struct ssl3_buffer_st
 #define TLS1_FLAGS_TLS_PADDING_BUG		0x0008
 #define TLS1_FLAGS_SKIP_CERT_VERIFY		0x0010
 
+#ifndef OPENSSL_NO_SSL_INTERN
+
 typedef struct ssl3_state_st
 	{
 	long flags;
@@ -514,6 +520,7 @@ typedef struct ssl3_state_st
         int send_connection_binding; /* TODOEKR */
 	} SSL3_STATE;
 
+#endif
 
 /* SSLv3 */
 /*client */
-- 
cgit v1.2.3