From c2b78c31d631f45cd43c2d04c5ae490b8e9f21ab Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@openssl.org>
Date: Sun, 8 Nov 2009 14:51:54 +0000
Subject: First cut of renegotiation extension.

---
 ssl/ssl3.h | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'ssl/ssl3.h')

diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 4b1e2e9834..b44498c394 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -440,6 +440,12 @@ typedef struct ssl3_state_st
 		int cert_request;
 		} tmp;
 
+        /* Connection binding to prevent renegotiation attacks */
+        unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
+        unsigned char previous_client_finished_len;
+        unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
+        unsigned char previous_server_finished_len;
+        int send_connection_binding; /* TODOEKR */
 	} SSL3_STATE;
 
 
-- 
cgit v1.2.3