~ubuntu-branches/ubuntu/dapper/psi/dapper

« back to all changes in this revision

Viewing changes to src/openssl/ssl.h

Committer: Bazaar Package Importer
Author(s): Jan Niehusmann
Date: 2002-04-19 02:28:44 UTC
Revision ID: james.westby@ubuntu.com-20020419022844-za7xgai5qyfd9xv6

Tags: upstream-0.8.5

Import upstream version 0.8.5

files added:

COPYING

INSTALL

README

iconsets

iconsets/cosmic

iconsets/cosmic/add.png

iconsets/cosmic/away.png

iconsets/cosmic/changeacc.png

iconsets/cosmic/chat.png

iconsets/cosmic/desc

iconsets/cosmic/dnd.png

iconsets/cosmic/groupclose.png

iconsets/cosmic/groupempty.png

iconsets/cosmic/groupopen.png

iconsets/cosmic/headline.png

iconsets/cosmic/history.png

iconsets/cosmic/info.png

iconsets/cosmic/message.png

iconsets/cosmic/offline.png

iconsets/cosmic/online.png

iconsets/cosmic/remove.png

iconsets/cosmic/send.png

iconsets/cosmic/system.png

iconsets/cosmic/url.png

iconsets/cosmic/xa.png

iconsets/gabber

iconsets/gabber/away.png

iconsets/gabber/chat.png

iconsets/gabber/desc

iconsets/gabber/dnd.png

iconsets/gabber/message.png

iconsets/gabber/offline.png

iconsets/gabber/online.png

iconsets/gabber/xa.png

iconsets/icq2

iconsets/icq2/away.png

iconsets/icq2/chat.png

iconsets/icq2/desc

iconsets/icq2/dnd.png

iconsets/icq2/message.png

iconsets/icq2/offline.png

iconsets/icq2/online.png

iconsets/icq2/send.png

iconsets/icq2/xa.png

iconsets/licq

iconsets/licq/add.png

iconsets/licq/away.png

iconsets/licq/chat.png

iconsets/licq/desc

iconsets/licq/dnd.png

iconsets/licq/message.png

iconsets/licq/offline.png

iconsets/licq/online.png

iconsets/licq/send.png

iconsets/licq/xa.png

iconsets/lightbulb

iconsets/lightbulb/away.png

iconsets/lightbulb/chat.png

iconsets/lightbulb/desc

iconsets/lightbulb/dnd.png

iconsets/lightbulb/groupclose.png

iconsets/lightbulb/groupempty.png

iconsets/lightbulb/groupopen.png

iconsets/lightbulb/message.png

iconsets/lightbulb/offline.png

iconsets/lightbulb/online.png

iconsets/lightbulb/system.png

iconsets/lightbulb/xa.png

iconsets/mike

iconsets/mike/away.png

iconsets/mike/chat.png

iconsets/mike/desc

iconsets/mike/dnd.png

iconsets/mike/message.png

iconsets/mike/offline.png

iconsets/mike/online.png

iconsets/mike/send.png

iconsets/mike/xa.png

iconsets/smiley

iconsets/smiley/away.png

iconsets/smiley/chat.png

iconsets/smiley/desc

iconsets/smiley/dnd.png

iconsets/smiley/message.png

iconsets/smiley/offline.png

iconsets/smiley/online.png

iconsets/smiley/send.png

iconsets/smiley/xa.png

iconsets/stellar

iconsets/stellar/add.png

iconsets/stellar/away.png

iconsets/stellar/changeacc.png

iconsets/stellar/chat.png

iconsets/stellar/desc

iconsets/stellar/dnd.png

iconsets/stellar/groupclose.png

iconsets/stellar/groupempty.png

iconsets/stellar/groupopen.png

iconsets/stellar/headline.png

iconsets/stellar/history.png

iconsets/stellar/info.png

iconsets/stellar/message.png

iconsets/stellar/offline.png

iconsets/stellar/online.png

iconsets/stellar/remove.png

iconsets/stellar/send.png

iconsets/stellar/system.png

iconsets/stellar/url.png

iconsets/stellar/xa.png

image

image/account.png

image/aim_away.png

image/aim_dnd.png

image/aim_offline.png

image/aim_online.png

image/aim_xa.png

image/chatclear.png

image/chatsend.png

image/ft_back.png

image/ft_file.png

image/ft_folder.png

image/icon_16.png

image/icon_32.png

image/icon_48.png

image/icon_mac.png

image/icq_away.png

image/icq_dnd.png

image/icq_offline.png

image/icq_online.png

image/icq_xa.png

image/msn_away.png

image/msn_dnd.png

image/msn_offline.png

image/msn_online.png

image/msn_xa.png

image/psilogo.png

image/psimain.png

image/psiwmdock1.png

image/ssl_no.png

image/ssl_yes.png

image/trans_away.png

image/trans_dnd.png

image/trans_offline.png

image/trans_online.png

image/trans_xa.png

image/yahoo_away.png

image/yahoo_dnd.png

image/yahoo_offline.png

image/yahoo_online.png

image/yahoo_xa.png

install.sh

sound

sound/chat1.wav

sound/chat2.wav

sound/offline.wav

sound/online.wav

sound/send.wav

src/accountdlg.cpp

src/accountdlg.h

src/adduserdlg.cpp

src/adduserdlg.h

src/anim.cpp

src/anim.h

src/browsedb.cpp

src/browsedb.h

src/busywidget.cpp

src/busywidget.h

src/chatdlg.cpp

src/chatdlg.h

src/common.cpp

src/common.h

src/contactview.cpp

src/contactview.h

src/eventdlg.cpp

src/eventdlg.h

src/filetrans.cpp

src/filetrans.h

src/historydlg.cpp

src/historydlg.h

src/idle.cpp

src/idle.h

src/info.cpp

src/info.h

src/infodlg.cpp

src/infodlg.h

src/jabber.cpp

src/jabber.h

src/jabcommon.cpp

src/jabcommon.h

src/jabcon.cpp

src/jabcon.h

src/jabio.cpp

src/jabio.h

src/jabsess.cpp

src/jabsess.h

src/jabstream.cpp

src/jabstream.h

src/jabtasks.cpp

src/jabtasks.h

src/logwindow.cpp

src/logwindow.h

src/main.cpp

src/main.h

src/mainwin.cpp

src/mainwin.h

src/message.cpp

src/message.h

src/msgmle.cpp

src/msgmle.h

src/offermaindlg.cpp

src/offermaindlg.h

src/openssl

src/openssl/README

src/openssl/asn1.h

src/openssl/asn1_mac.h

src/openssl/bio.h

src/openssl/blowfish.h

src/openssl/bn.h

src/openssl/buffer.h

src/openssl/cast.h

src/openssl/comp.h

src/openssl/conf.h

src/openssl/conf_api.h

src/openssl/crypto.h

src/openssl/des.h

src/openssl/dh.h

src/openssl/dsa.h

src/openssl/dso.h

src/openssl/e_os.h

src/openssl/e_os2.h

src/openssl/ebcdic.h

src/openssl/engine.h

src/openssl/err.h

src/openssl/evp.h

src/openssl/fix.sh

src/openssl/hmac.h

src/openssl/lhash.h

src/openssl/md2.h

src/openssl/md4.h

src/openssl/md5.h

src/openssl/mdc2.h

src/openssl/obj_mac.h

src/openssl/objects.h

src/openssl/opensslconf.h

src/openssl/opensslv.h

src/openssl/pem.h

src/openssl/pem2.h

src/openssl/pkcs12.h

src/openssl/pkcs7.h

src/openssl/rand.h

src/openssl/rc2.h

src/openssl/rc4.h

src/openssl/ripemd.h

src/openssl/rsa.h

src/openssl/safestack.h

src/openssl/sha.h

src/openssl/ssl.h

src/openssl/ssl2.h

src/openssl/ssl23.h

src/openssl/ssl3.h

src/openssl/stack.h

src/openssl/symhacks.h

src/openssl/tls1.h

src/openssl/tmdiff.h

src/openssl/txt_db.h

src/openssl/x509.h

src/openssl/x509_vfy.h

src/openssl/x509v3.h

src/optionsdlg.cpp

src/optionsdlg.h

src/profiledlg.cpp

src/profiledlg.h

src/profiles.cpp

src/profiles.h

src/psi.pro

src/searchdlg.cpp

src/searchdlg.h

src/servicesdlg.cpp

src/servicesdlg.h

src/showtextdlg.cpp

src/showtextdlg.h

src/sslfilter.cpp

src/sslfilter.h

src/statusdlg.cpp

src/statusdlg.h

src/trayicon.cpp

src/trayicon.h

src/trayicon_mac.cpp

src/trayicon_win.cpp

src/trayicon_x11.cpp

src/ui_accountmanage.ui

src/ui_accountmodify.ui

src/ui_adduser.ui

src/ui_info.ui

src/ui_offermain.ui

src/ui_options.ui

src/ui_profilemanage.ui

src/ui_profilenew.ui

src/ui_profileopen.ui

src/ui_search.ui

src/ui_services.ui

src/uniquewindow.cpp

src/uniquewindow.h

src/userlist.cpp

src/userlist.h

src/varlist.cpp

src/varlist.h

src/win32

src/win32/app16.ico

src/win32/app32.ico

src/win32/app48.ico

src/win32/idleui.cpp

src/win32/idleui.def

src/win32/idleui.dll

src/win32/idleui.h

src/win32/idleui.lib

src/win32/psi_win32.rc

src/win32/readme.txt

Show diffs side-by-side

added added

removed removed

src/openssl/ssl.h

/* ssl/ssl.h */

* This package is an SSL implementation written

* by Eric Young (eay@cryptsoft.com).

* The implementation was written so as to conform with Netscapes SSL.

* This library is free for commercial and non-commercial use as long as

* the following conditions are aheared to. The following conditions

* apply to all code found in this distribution, be it the RC4, RSA,

* lhash, DES, etc., code; not just the SSL code. The SSL documentation

* included with this distribution is covered by the same copyright terms

* except that the holder is Tim Hudson (tjh@cryptsoft.com).

* Copyright remains Eric Young's, and as such any Copyright notices in

* the code are not to be removed.

* If this package is used in a product, Eric Young should be given attribution

* as the author of the parts of the library used.

* This can be in the form of a textual message at program startup or

* in documentation (online or textual) provided with the package.

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that the following conditions

* are met:

* 1. Redistributions of source code must retain the copyright

* notice, this list of conditions and the following disclaimer.

* 2. Redistributions in binary form must reproduce the above copyright

* notice, this list of conditions and the following disclaimer in the

* documentation and/or other materials provided with the distribution.

* 3. All advertising materials mentioning features or use of this software

* must display the following acknowledgement:

* "This product includes cryptographic software written by

* Eric Young (eay@cryptsoft.com)"

* The word 'cryptographic' can be left out if the rouines from the library

* being used are not cryptographic related :-).

* 4. If you include any Windows specific code (or a derivative thereof) from

* the apps directory (application code) you must include an acknowledgement:

* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

* The licence and distribution terms for any publically available version or

* derivative of this code cannot be changed. i.e. this code cannot simply be

* copied and put under another distribution licence

* [including the GNU Public Licence.]

#ifndef HEADER_SSL_H

#define HEADER_SSL_H

#ifndef NO_COMP

#include "comp.h"

#endif

#ifndef NO_BIO

#include "bio.h"

#endif

#ifndef NO_X509

#include "x509.h"

#endif

#include "safestack.h"

#ifdef __cplusplus

extern "C" {

#endif

/* SSLeay version number for ASN.1 encoding of the session information */

/* Version 0 - initial version

* Version 1 - added the optional peer certificate

#define SSL_SESSION_ASN1_VERSION 0x0001

/* text strings for the ciphers */

#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5

#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5

#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5

#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5

#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5

#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5

#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5

#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA

#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5

#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA

#define SSL_MAX_SSL_SESSION_ID_LENGTH 32

#define SSL_MAX_SID_CTX_LENGTH 32

#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)

#define SSL_MAX_KEY_ARG_LENGTH 8

100

#define SSL_MAX_MASTER_KEY_LENGTH 48

101

102

/* These are used to specify which ciphers to use and not to use */

103

#define SSL_TXT_LOW "LOW"

104

#define SSL_TXT_MEDIUM "MEDIUM"

105

#define SSL_TXT_HIGH "HIGH"

106

#define SSL_TXT_kFZA "kFZA"

107

#define SSL_TXT_aFZA "aFZA"

108

#define SSL_TXT_eFZA "eFZA"

109

#define SSL_TXT_FZA "FZA"

110

111

#define SSL_TXT_aNULL "aNULL"

112

#define SSL_TXT_eNULL "eNULL"

113

#define SSL_TXT_NULL "NULL"

114

115

#define SSL_TXT_kRSA "kRSA"

116

#define SSL_TXT_kDHr "kDHr"

117

#define SSL_TXT_kDHd "kDHd"

118

#define SSL_TXT_kEDH "kEDH"

119

#define SSL_TXT_aRSA "aRSA"

120

#define SSL_TXT_aDSS "aDSS"

121

#define SSL_TXT_aDH "aDH"

122

#define SSL_TXT_DSS "DSS"

123

#define SSL_TXT_DH "DH"

124

#define SSL_TXT_EDH "EDH"

125

#define SSL_TXT_ADH "ADH"

126

#define SSL_TXT_RSA "RSA"

127

#define SSL_TXT_DES "DES"

128

#define SSL_TXT_3DES "3DES"

129

#define SSL_TXT_RC4 "RC4"

130

#define SSL_TXT_RC2 "RC2"

131

#define SSL_TXT_IDEA "IDEA"

132

#define SSL_TXT_MD5 "MD5"

133

#define SSL_TXT_SHA1 "SHA1"

134

#define SSL_TXT_SHA "SHA"

135

#define SSL_TXT_EXP "EXP"

136

#define SSL_TXT_EXPORT "EXPORT"

137

#define SSL_TXT_EXP40 "EXPORT40"

138

#define SSL_TXT_EXP56 "EXPORT56"

139

#define SSL_TXT_SSLV2 "SSLv2"

140

#define SSL_TXT_SSLV3 "SSLv3"

141

#define SSL_TXT_TLSV1 "TLSv1"

142

#define SSL_TXT_ALL "ALL"

143

144

/* 'DEFAULT' at the start of the cipher list insert the following string

145

* in addition to this being the default cipher string */

146

#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"

147

148

/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */

149

#define SSL_SENT_SHUTDOWN 1

150

#define SSL_RECEIVED_SHUTDOWN 2

151

152

#ifdef __cplusplus

153

}

154

#endif

155

156

#include "crypto.h"

157

#include "lhash.h"

158

#include "buffer.h"

159

#include "bio.h"

160

#include "pem.h"

161

#include "x509.h"

162

163

#ifdef __cplusplus

164

extern "C" {

165

#endif

166

167

#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)

168

#define NO_SSL2

169

#endif

170

171

#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1

172

#define SSL_FILETYPE_PEM X509_FILETYPE_PEM

173

174

/* This is needed to stop compilers complaining about the

175

* 'struct ssl_st *' function parameters used to prototype callbacks

176

* in SSL_CTX. */

177

typedef struct ssl_st *ssl_crock_st;

178

179

/* used to hold info on the particular ciphers used */

180

typedef struct ssl_cipher_st

181

{

182

int valid;

183

const char *name; /* text name */

184

unsigned long id; /* id, 4 bytes, first is version */

185

unsigned long algorithms; /* what ciphers are used */

186

unsigned long algo_strength; /* strength and export flags */

187

unsigned long algorithm2; /* Extra flags */

188

int strength_bits; /* Number of bits really used */

189

int alg_bits; /* Number of bits for algorithm */

190

unsigned long mask; /* used for matching */

191

unsigned long mask_strength; /* also used for matching */

192

} SSL_CIPHER;

193

194

DECLARE_STACK_OF(SSL_CIPHER)

195

196

typedef struct ssl_st SSL;

197

typedef struct ssl_ctx_st SSL_CTX;

198

199

/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */

200

typedef struct ssl_method_st

201

{

202

int version;

203

int (*ssl_new)(SSL *s);

204

void (*ssl_clear)(SSL *s);

205

void (*ssl_free)(SSL *s);

206

int (*ssl_accept)(SSL *s);

207

int (*ssl_connect)(SSL *s);

208

int (*ssl_read)(SSL *s,void *buf,int len);

209

int (*ssl_peek)(SSL *s,void *buf,int len);

210

int (*ssl_write)(SSL *s,const void *buf,int len);

211

int (*ssl_shutdown)(SSL *s);

212

int (*ssl_renegotiate)(SSL *s);

213

int (*ssl_renegotiate_check)(SSL *s);

214

long (*ssl_ctrl)(SSL *s,int cmd,long larg,char *parg);

215

long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,char *parg);

216

SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);

217

int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);

218

int (*ssl_pending)(SSL *s);

219

int (*num_ciphers)(void);

220

SSL_CIPHER *(*get_cipher)(unsigned ncipher);

221

struct ssl_method_st *(*get_ssl_method)(int version);

222

long (*get_timeout)(void);

223

struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */

224

int (*ssl_version)();

225

long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());

226

long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());

227

} SSL_METHOD;

228

229

/* Lets make this into an ASN.1 type structure as follows

230

* SSL_SESSION_ID ::= SEQUENCE {

231

* version INTEGER, -- structure version number

232

* SSLversion INTEGER, -- SSL version number

233

* Cipher OCTET_STRING, -- the 3 byte cipher ID

234

* Session_ID OCTET_STRING, -- the Session ID

235

* Master_key OCTET_STRING, -- the master key

236

* Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument

237

* Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time

238

* Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds

239

* Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate

240

* Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context

241

* Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'

242

* Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX

243

* }

244

* Look in ssl/ssl_asn1.c for more details

245

* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).

246

247

typedef struct ssl_session_st

248

{

249

int ssl_version; /* what ssl version session info is

250

* being kept in here? */

251

252

/* only really used in SSLv2 */

253

unsigned int key_arg_length;

254

unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];

255

int master_key_length;

256

unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];

257

/* session_id - valid? */

258

unsigned int session_id_length;

259

unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];

260

/* this is used to determine whether the session is being reused in

261

* the appropriate context. It is up to the application to set this,

262

* via SSL_new */

263

unsigned int sid_ctx_length;

264

unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];

265

266

int not_resumable;

267

268

/* The cert is the certificate used to establish this connection */

269

struct sess_cert_st /* SESS_CERT */ *sess_cert;

270

271

/* This is the cert for the other end.

272

* On clients, it will be the same as sess_cert->peer_key->x509

273

* (the latter is not enough as sess_cert is not retained

274

* in the external representation of sessions, see ssl_asn1.c). */

275

X509 *peer;

276

/* when app_verify_callback accepts a session where the peer's certificate

277

* is not ok, we must remember the error for session reuse: */

278

long verify_result; /* only for servers */

279

280

int references;

281

long timeout;

282

long time;

283

284

int compress_meth; /* Need to lookup the method */

285

286

SSL_CIPHER *cipher;

287

unsigned long cipher_id; /* when ASN.1 loaded, this

288

* needs to be used to load

289

* the 'cipher' structure */

290

291

STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */

292

293

CRYPTO_EX_DATA ex_data; /* application specific data */

294

295

/* These are used to make removal of session-ids more

296

* efficient and to implement a maximum cache size. */

297

struct ssl_session_st *prev,*next;

298

} SSL_SESSION;

299

300

#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L

301

#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L

302

#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L

303

#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L

304

#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L

305

#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L

306

#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L

307

#define SSL_OP_TLS_D5_BUG 0x00000100L

308

#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L

309

#define SSL_OP_TLS_ROLLBACK_BUG 0x00000400L

310

311

/* If set, always create a new key when using tmp_dh parameters */

312

#define SSL_OP_SINGLE_DH_USE 0x00100000L

313

/* Set to also use the tmp_rsa key when doing RSA operations. */

314

#define SSL_OP_EPHEMERAL_RSA 0x00200000L

315

316

/* The next flag deliberately changes the ciphertest, this is a check

317

* for the PKCS#1 attack */

318

#define SSL_OP_PKCS1_CHECK_1 0x08000000L

319

#define SSL_OP_PKCS1_CHECK_2 0x10000000L

320

#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L

321

/* SSL_OP_NON_EXPORT_FIRST looks utterly broken .. */

322

#define SSL_OP_NON_EXPORT_FIRST 0x40000000L

323

#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L

324

#define SSL_OP_ALL 0x000FFFFFL

325

326

#define SSL_OP_NO_SSLv2 0x01000000L

327

#define SSL_OP_NO_SSLv3 0x02000000L

328

#define SSL_OP_NO_TLSv1 0x04000000L

329

330

/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success

331

* when just a single record has been written): */

332

#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L

333

/* Make it possible to retry SSL_write() with changed buffer location

334

* (buffer contents must stay the same!); this is not the default to avoid

335

* the misconception that non-blocking SSL_write() behaves like

336

* non-blocking write(): */

337

#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L

338

/* Never bother the application with retries if the transport

339

* is blocking: */

340

#define SSL_MODE_AUTO_RETRY 0x00000004L

341

342

/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,

343

* they cannot be used to clear bits. */

344

345

#define SSL_CTX_set_options(ctx,op) \

346

SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,op,NULL)

347

#define SSL_CTX_get_options(ctx) \

348

SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,0,NULL)

349

#define SSL_set_options(ssl,op) \

350

SSL_ctrl(ssl,SSL_CTRL_OPTIONS,op,NULL)

351

#define SSL_get_options(ssl) \

352

SSL_ctrl(ssl,SSL_CTRL_OPTIONS,0,NULL)

353

354

#define SSL_CTX_set_mode(ctx,op) \

355

SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,op,NULL)

356

#define SSL_CTX_get_mode(ctx) \

357

SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,0,NULL)

358

#define SSL_set_mode(ssl,op) \

359

SSL_ctrl(ssl,SSL_CTRL_MODE,op,NULL)

360

#define SSL_get_mode(ssl) \

361

SSL_ctrl(ssl,SSL_CTRL_MODE,0,NULL)

362

363

#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)

364

365

typedef struct ssl_comp_st

366

{

367

int id;

368

char *name;

369

#ifndef NO_COMP

370

COMP_METHOD *method;

371

#else

372

char *method;

373

#endif

374

} SSL_COMP;

375

376

DECLARE_STACK_OF(SSL_COMP)

377

378

struct ssl_ctx_st

379

{

380

SSL_METHOD *method;

381

unsigned long options;

382

unsigned long mode;

383

384

STACK_OF(SSL_CIPHER) *cipher_list;

385

/* same as above but sorted for lookup */

386

STACK_OF(SSL_CIPHER) *cipher_list_by_id;

387

388

struct x509_store_st /* X509_STORE */ *cert_store;

389

struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */

390

/* Most session-ids that will be cached, default is

391

* SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */

392

unsigned long session_cache_size;

393

struct ssl_session_st *session_cache_head;

394

struct ssl_session_st *session_cache_tail;

395

396

/* This can have one of 2 values, ored together,

397

* SSL_SESS_CACHE_CLIENT,

398

* SSL_SESS_CACHE_SERVER,

399

* Default is SSL_SESSION_CACHE_SERVER, which means only

400

* SSL_accept which cache SSL_SESSIONS. */

401

int session_cache_mode;

402

403

/* If timeout is not 0, it is the default timeout value set

404

* when SSL_new() is called. This has been put in to make

405

* life easier to set things up */

406

long session_timeout;

407

408

/* If this callback is not null, it will be called each

409

* time a session id is added to the cache. If this function

410

* returns 1, it means that the callback will do a

411

* SSL_SESSION_free() when it has finished using it. Otherwise,

412

* on 0, it means the callback has finished with it.

413

* If remove_session_cb is not null, it will be called when

414

* a session-id is removed from the cache. After the call,

415

* OpenSSL will SSL_SESSION_free() it. */

416

int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);

417

void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);

418

SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,

419

unsigned char *data,int len,int *copy);

420

struct

421

{

422

int sess_connect; /* SSL new conn - started */

423

int sess_connect_renegotiate;/* SSL reneg - requested */

424

int sess_connect_good; /* SSL new conne/reneg - finished */

425

int sess_accept; /* SSL new accept - started */

426

int sess_accept_renegotiate;/* SSL reneg - requested */

427

int sess_accept_good; /* SSL accept/reneg - finished */

428

int sess_miss; /* session lookup misses */

429

int sess_timeout; /* reuse attempt on timeouted session */

430

int sess_cache_full; /* session removed due to full cache */

431

int sess_hit; /* session reuse actually done */

432

int sess_cb_hit; /* session-id that was not

433

* in the cache was

434

* passed back via the callback. This

435

* indicates that the application is

436

* supplying session-id's from other

437

* processes - spooky :-) */

438

} stats;

439

440

int references;

441

442

/**/ void (*info_callback)();

443

444

/* if defined, these override the X509_verify_cert() calls */

445

/**/ int (*app_verify_callback)();

446

/**/ char *app_verify_arg; /* never used; should be void * */

447

448

/* default values to use in SSL structures */

449

/**/ struct cert_st /* CERT */ *cert;

450

/**/ int read_ahead;

451

/**/ int verify_mode;

452

/**/ int verify_depth;

453

/**/ unsigned int sid_ctx_length;

454

/**/ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];

455

/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);

456

457

int purpose; /* Purpose setting */

458

int trust; /* Trust setting */

459

460

/* Default password callback. */

461

/**/ pem_password_cb *default_passwd_callback;

462

463

/* Default password callback user data. */

464

/**/ void *default_passwd_callback_userdata;

465

466

/* get client cert callback */

467

/**/ int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);

468

469

/* what we put in client cert requests */

470

STACK_OF(X509_NAME) *client_CA;

471

472

/**/ int quiet_shutdown;

473

474

CRYPTO_EX_DATA ex_data;

475

476

const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */

477

const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */

478

const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */

479

480

STACK_OF(X509) *extra_certs;

481

STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */

482

};

483

484

#define SSL_SESS_CACHE_OFF 0x0000

485

#define SSL_SESS_CACHE_CLIENT 0x0001

486

#define SSL_SESS_CACHE_SERVER 0x0002

487

#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)

488

#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080

489

/* This one, when set, makes the server session-id lookup not look

490

* in the cache. If there is an application get_session callback

491

* defined, this will still get called. */

492

#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100

493

494

struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);

495

#define SSL_CTX_sess_number(ctx) \

496

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)

497

#define SSL_CTX_sess_connect(ctx) \

498

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)

499

#define SSL_CTX_sess_connect_good(ctx) \

500

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)

501

#define SSL_CTX_sess_connect_renegotiate(ctx) \

502

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)

503

#define SSL_CTX_sess_accept(ctx) \

504

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)

505

#define SSL_CTX_sess_accept_renegotiate(ctx) \

506

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)

507

#define SSL_CTX_sess_accept_good(ctx) \

508

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)

509

#define SSL_CTX_sess_hits(ctx) \

510

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)

511

#define SSL_CTX_sess_cb_hits(ctx) \

512

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)

513

#define SSL_CTX_sess_misses(ctx) \

514

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)

515

#define SSL_CTX_sess_timeouts(ctx) \

516

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)

517

#define SSL_CTX_sess_cache_full(ctx) \

518

SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)

519

520

#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))

521

#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)

522

#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))

523

#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)

524

#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))

525

#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)

526

#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))

527

#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)

528

#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))

529

#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)

530

531

#define SSL_NOTHING 1

532

#define SSL_WRITING 2

533

#define SSL_READING 3

534

#define SSL_X509_LOOKUP 4

535

536

/* These will only be used when doing non-blocking IO */

537

#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)

538

#define SSL_want_read(s) (SSL_want(s) == SSL_READING)

539

#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)

540

#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)

541

542

struct ssl_st

543

{

544

/* protocol version

545

* (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)

546

547

int version;

548

int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */

549

550

SSL_METHOD *method; /* SSLv3 */

551

552

/* There are 2 BIO's even though they are normally both the

553

* same. This is so data can be read and written to different

554

* handlers */

555

556

#ifndef NO_BIO

557

BIO *rbio; /* used by SSL_read */

558

BIO *wbio; /* used by SSL_write */

559

BIO *bbio; /* used during session-id reuse to concatenate

560

* messages */

561

#else

562

char *rbio; /* used by SSL_read */

563

char *wbio; /* used by SSL_write */

564

char *bbio;

565

#endif

566

/* This holds a variable that indicates what we were doing

567

* when a 0 or -1 is returned. This is needed for

568

* non-blocking IO so we know what request needs re-doing when

569

* in SSL_accept or SSL_connect */

570

int rwstate;

571

572

/* true when we are actually in SSL_accept() or SSL_connect() */

573

int in_handshake;

574

int (*handshake_func)();

575

576

/* Imagine that here's a boolean member "init" that is

577

* switched as soon as SSL_set_{accept/connect}_state

578

* is called for the first time, so that "state" and

579

* "handshake_func" are properly initialized. But as

580

* handshake_func is == 0 until then, we use this

581

* test instead of an "init" member.

582

583

584

int server; /* are we the server side? - mostly used by SSL_clear*/

585

586

int new_session;/* 1 if we are to use a new session */

587

int quiet_shutdown;/* don't send shutdown packets */

588

int shutdown; /* we have shut things down, 0x01 sent, 0x02

589

* for received */

590

int state; /* where we are */

591

int rstate; /* where we are when reading */

592

593

BUF_MEM *init_buf; /* buffer used during init */

594

int init_num; /* amount read/written */

595

int init_off; /* amount read/written */

596

597

/* used internally to point at a raw packet */

598

unsigned char *packet;

599

unsigned int packet_length;

600

601

struct ssl2_state_st *s2; /* SSLv2 variables */

602

struct ssl3_state_st *s3; /* SSLv3 variables */

603

604

int read_ahead; /* Read as many input bytes as possible

605

* (for non-blocking reads) */

606

int hit; /* reusing a previous session */

607

608

int purpose; /* Purpose setting */

609

int trust; /* Trust setting */

610

611

/* crypto */

612

STACK_OF(SSL_CIPHER) *cipher_list;

613

STACK_OF(SSL_CIPHER) *cipher_list_by_id;

614

615

/* These are the ones being used, the ones in SSL_SESSION are

616

* the ones to be 'copied' into these ones */

617

618

EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */

619

const EVP_MD *read_hash; /* used for mac generation */

620

#ifndef NO_COMP

621

COMP_CTX *expand; /* uncompress */

622

#else

623

char *expand;

624

#endif

625

626

EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */

627

const EVP_MD *write_hash; /* used for mac generation */

628

#ifndef NO_COMP

629

COMP_CTX *compress; /* compression */

630

#else

631

char *compress;

632

#endif

633

634

/* session info */

635

636

/* client cert? */

637

/* This is used to hold the server certificate used */

638

struct cert_st /* CERT */ *cert;

639

640

/* the session_id_context is used to ensure sessions are only reused

641

* in the appropriate context */

642

unsigned int sid_ctx_length;

643

unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];

644

645

/* This can also be in the session once a session is established */

646

SSL_SESSION *session;

647

648

/* Used in SSL2 and SSL3 */

649

int verify_mode; /* 0 don't care about verify failure.

650

* 1 fail if verify fails */

651

int verify_depth;

652

int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */

653

void (*info_callback)(); /* optional informational callback */

654

655

int error; /* error bytes to be written */

656

int error_code; /* actual code */

657

658

SSL_CTX *ctx;

659

/* set this flag to 1 and a sleep(1) is put into all SSL_read()

660

* and SSL_write() calls, good for nbio debuging :-) */

661

int debug;

662

663

/* extra application data */

664

long verify_result;

665

CRYPTO_EX_DATA ex_data;

666

667

/* for server side, keep the list of CA_dn we can use */

668

STACK_OF(X509_NAME) *client_CA;

669

670

int references;

671

unsigned long options; /* protocol behaviour */

672

unsigned long mode; /* API behaviour */

673

int first_packet;

674

int client_version; /* what was passed, used for

675

* SSLv3/TLS rollback check */

676

};

677

678

#ifdef __cplusplus

679

}

680

#endif

681

682

#include "ssl2.h"

683

#include "ssl3.h"

684

#include "tls1.h" /* This is mostly sslv3 with a few tweaks */

685

#include "ssl23.h"

686

687

#ifdef __cplusplus

688

extern "C" {

689

#endif

690

691

/* compatibility */

692

#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))

693

#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))

694

#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))

695

#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))

696

#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))

697

#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))

698

699

/* The following are the possible values for ssl->state are are

700

* used to indicate where we are up to in the SSL connection establishment.

701

* The macros that follow are about the only things you should need to use

702

* and even then, only when using non-blocking IO.

703

* It can also be useful to work out where you were when the connection

704

* failed */

705

706

#define SSL_ST_CONNECT 0x1000

707

#define SSL_ST_ACCEPT 0x2000

708

#define SSL_ST_MASK 0x0FFF

709

#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)

710

#define SSL_ST_BEFORE 0x4000

711

#define SSL_ST_OK 0x03

712

#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)

713

714

#define SSL_CB_LOOP 0x01

715

#define SSL_CB_EXIT 0x02

716

#define SSL_CB_READ 0x04

717

#define SSL_CB_WRITE 0x08

718

#define SSL_CB_ALERT 0x4000 /* used in callback */

719

#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)

720

#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)

721

#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)

722

#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)

723

#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)

724

#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)

725

#define SSL_CB_HANDSHAKE_START 0x10

726

#define SSL_CB_HANDSHAKE_DONE 0x20

727

728

/* Is the SSL_connection established? */

729

#define SSL_get_state(a) SSL_state(a)

730

#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)

731

#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)

732

#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)

733

#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)

734

#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)

735

736

/* The following 2 states are kept in ssl->rstate when reads fail,

737

* you should not need these */

738

#define SSL_ST_READ_HEADER 0xF0

739

#define SSL_ST_READ_BODY 0xF1

740

#define SSL_ST_READ_DONE 0xF2

741

742

/* Obtain latest Finished message

743

* -- that we sent (SSL_get_finished)

744

* -- that we expected from peer (SSL_get_peer_finished).

745

* Returns length (0 == no Finished so far), copies up to 'count' bytes. */

746

size_t SSL_get_finished(SSL *s, void *buf, size_t count);

747

size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);

748

749

/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options

750

* are 'ored' with SSL_VERIFY_PEER if they are desired */

751

#define SSL_VERIFY_NONE 0x00

752

#define SSL_VERIFY_PEER 0x01

753

#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02

754

#define SSL_VERIFY_CLIENT_ONCE 0x04

755

756

#define OpenSSL_add_ssl_algorithms() SSL_library_init()

757

#define SSLeay_add_ssl_algorithms() SSL_library_init()

758

759

/* this is for backward compatibility */

760

#if 0 /* NEW_SSLEAY */

761

#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)

762

#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)

763

#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))

764

#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))

765

#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))

766

#endif

767

/* More backward compatibility */

768

#define SSL_get_cipher(s) \

769

SSL_CIPHER_get_name(SSL_get_current_cipher(s))

770

#define SSL_get_cipher_bits(s,np) \

771

SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)

772

#define SSL_get_cipher_version(s) \

773

SSL_CIPHER_get_version(SSL_get_current_cipher(s))

774

#define SSL_get_cipher_name(s) \

775

SSL_CIPHER_get_name(SSL_get_current_cipher(s))

776

#define SSL_get_time(a) SSL_SESSION_get_time(a)

777

#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))

778

#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)

779

#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))

780

781

#if 1 /*SSLEAY_MACROS*/

782

#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \

783

(char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \

784

(bp),(unsigned char **)(s_id))

785

#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \

786

bp,(unsigned char *)s_id)

787

#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \

788

(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)

789

#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \

790

(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)

791

#define PEM_write_SSL_SESSION(fp,x) \

792

PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \

793

PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)

794

#define PEM_write_bio_SSL_SESSION(bp,x) \

795

PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \

796

PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)

797

#endif

798

799

#define SSL_AD_REASON_OFFSET 1000

800

/* These alert types are for SSLv3 and TLSv1 */

801

#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY

802

#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */

803

#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */

804

#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED

805

#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW

806

#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */

807

#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */

808

#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */

809

#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE

810

#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE

811

#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED

812

#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED

813

#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN

814

#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */

815

#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */

816

#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */

817

#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */

818

#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR

819

#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */

820

#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */

821

#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */

822

#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */

823

#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED

824

#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION

825

826

#define SSL_ERROR_NONE 0

827

#define SSL_ERROR_SSL 1

828

#define SSL_ERROR_WANT_READ 2

829

#define SSL_ERROR_WANT_WRITE 3

830

#define SSL_ERROR_WANT_X509_LOOKUP 4

831

#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */

832

#define SSL_ERROR_ZERO_RETURN 6

833

#define SSL_ERROR_WANT_CONNECT 7

834

835

#define SSL_CTRL_NEED_TMP_RSA 1

836

#define SSL_CTRL_SET_TMP_RSA 2

837

#define SSL_CTRL_SET_TMP_DH 3

838

#define SSL_CTRL_SET_TMP_RSA_CB 4

839

#define SSL_CTRL_SET_TMP_DH_CB 5

840

/* Add these ones */

841

#define SSL_CTRL_GET_SESSION_REUSED 6

842

#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7

843

#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8

844

#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9

845

#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10

846

#define SSL_CTRL_GET_FLAGS 11

847

#define SSL_CTRL_EXTRA_CHAIN_CERT 12

848

849

/* Stats */

850

#define SSL_CTRL_SESS_NUMBER 20

851

#define SSL_CTRL_SESS_CONNECT 21

852

#define SSL_CTRL_SESS_CONNECT_GOOD 22

853

#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23

854

#define SSL_CTRL_SESS_ACCEPT 24

855

#define SSL_CTRL_SESS_ACCEPT_GOOD 25

856

#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26

857

#define SSL_CTRL_SESS_HIT 27

858

#define SSL_CTRL_SESS_CB_HIT 28

859

#define SSL_CTRL_SESS_MISSES 29

860

#define SSL_CTRL_SESS_TIMEOUTS 30

861

#define SSL_CTRL_SESS_CACHE_FULL 31

862

#define SSL_CTRL_OPTIONS 32

863

#define SSL_CTRL_MODE 33

864

865

#define SSL_CTRL_GET_READ_AHEAD 40

866

#define SSL_CTRL_SET_READ_AHEAD 41

867

#define SSL_CTRL_SET_SESS_CACHE_SIZE 42

868

#define SSL_CTRL_GET_SESS_CACHE_SIZE 43

869

#define SSL_CTRL_SET_SESS_CACHE_MODE 44

870

#define SSL_CTRL_GET_SESS_CACHE_MODE 45

871

872

#define SSL_session_reused(ssl) \

873

SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)

874

#define SSL_num_renegotiations(ssl) \

875

SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)

876

#define SSL_clear_num_renegotiations(ssl) \

877

SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)

878

#define SSL_total_renegotiations(ssl) \

879

SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)

880

881

#define SSL_CTX_need_tmp_RSA(ctx) \

882

SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)

883

#define SSL_CTX_set_tmp_rsa(ctx,rsa) \

884

SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)

885

#define SSL_CTX_set_tmp_dh(ctx,dh) \

886

SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)

887

888

#define SSL_need_tmp_RSA(ssl) \

889

SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)

890

#define SSL_set_tmp_rsa(ssl,rsa) \

891

SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)

892

#define SSL_set_tmp_dh(ssl,dh) \

893

SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)

894

895

#define SSL_CTX_add_extra_chain_cert(ctx,x509) \

896

SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)

897

898

/* VMS uses only 31 characters for symbols. */

899

#ifdef VMS

900

#undef SSL_CTX_set_cert_verify_callback

901

#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb

902

#undef SSL_CTX_use_certificate_chain_file

903

#define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file

904

#undef SSL_CTX_set_default_verify_paths

905

#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths

906

#undef SSL_get_ex_data_X509_STORE_CTX_idx

907

#define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_data_X509_STOR_CTX_i

908

#undef SSL_add_file_cert_subjects_to_stack

909

#define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_sub_to_stack

910

#undef SSL_add_dir_cert_subjects_to_stack

911

#define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_sub_to_stack

912

#endif

913

914

#ifndef NO_BIO

915

BIO_METHOD *BIO_f_ssl(void);

916

BIO *BIO_new_ssl(SSL_CTX *ctx,int client);

917

BIO *BIO_new_ssl_connect(SSL_CTX *ctx);

918

BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);

919

int BIO_ssl_copy_session_id(BIO *to,BIO *from);

920

void BIO_ssl_shutdown(BIO *ssl_bio);

921

922

#endif

923

924

int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);

925

SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);

926

void SSL_CTX_free(SSL_CTX *);

927

long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);

928

long SSL_CTX_get_timeout(SSL_CTX *ctx);

929

X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *);

930

void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);

931

int SSL_want(SSL *s);

932

int SSL_clear(SSL *s);

933

934

void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);

935

936

SSL_CIPHER *SSL_get_current_cipher(SSL *s);

937

int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);

938

char * SSL_CIPHER_get_version(SSL_CIPHER *c);

939

const char * SSL_CIPHER_get_name(SSL_CIPHER *c);

940

941

int SSL_get_fd(SSL *s);

942

const char * SSL_get_cipher_list(SSL *s,int n);

943

char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);

944

int SSL_get_read_ahead(SSL * s);

945

int SSL_pending(SSL *s);

946

#ifndef NO_SOCK

947

int SSL_set_fd(SSL *s, int fd);

948

int SSL_set_rfd(SSL *s, int fd);

949

int SSL_set_wfd(SSL *s, int fd);

950

#endif

951

#ifndef NO_BIO

952

void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);

953

BIO * SSL_get_rbio(SSL *s);

954

BIO * SSL_get_wbio(SSL *s);

955

#endif

956

int SSL_set_cipher_list(SSL *s, const char *str);

957

void SSL_set_read_ahead(SSL *s, int yes);

958

int SSL_get_verify_mode(SSL *s);

959

int SSL_get_verify_depth(SSL *s);

960

int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);

961

void SSL_set_verify(SSL *s, int mode,

962

int (*callback)(int ok,X509_STORE_CTX *ctx));

963

void SSL_set_verify_depth(SSL *s, int depth);

964

#ifndef NO_RSA

965

int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);

966

#endif

967

int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);

968

int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);

969

int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);

970

int SSL_use_certificate(SSL *ssl, X509 *x);

971

int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);

972

973

#ifndef NO_STDIO

974

int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);

975

int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);

976

int SSL_use_certificate_file(SSL *ssl, const char *file, int type);

977

int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);

978

int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);

979

int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);

980

int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */

981

STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);

982

int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,

983

const char *file);

984

int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,

985

const char *dir);

986

#endif

987

988

void ERR_load_SSL_strings(void );

989

void SSL_load_error_strings(void );

990

char * SSL_state_string(SSL *s);

991

char * SSL_rstate_string(SSL *s);

992

char * SSL_state_string_long(SSL *s);

993

char * SSL_rstate_string_long(SSL *s);

994

long SSL_SESSION_get_time(SSL_SESSION *s);

995

long SSL_SESSION_set_time(SSL_SESSION *s, long t);

996

long SSL_SESSION_get_timeout(SSL_SESSION *s);

997

long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);

998

void SSL_copy_session_id(SSL *to,SSL *from);

999

1000

SSL_SESSION *SSL_SESSION_new(void);

1001

unsigned long SSL_SESSION_hash(SSL_SESSION *a);

1002

int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);

1003

#ifndef NO_FP_API

1004

int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);

1005

#endif

1006

#ifndef NO_BIO

1007

int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);

1008

#endif

1009

void SSL_SESSION_free(SSL_SESSION *ses);

1010

int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);

1011

int SSL_set_session(SSL *to, SSL_SESSION *session);

1012

int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);

1013

int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);

1014

SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);

1015

1016

#ifdef HEADER_X509_H

1017

X509 * SSL_get_peer_certificate(SSL *s);

1018

#endif

1019

1020

STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);

1021

1022

#ifdef VMS

1023

#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud

1024

#endif

1025

1026

int SSL_CTX_get_verify_mode(SSL_CTX *ctx);

1027

int SSL_CTX_get_verify_depth(SSL_CTX *ctx);

1028

int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);

1029

void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,

1030

int (*callback)(int, X509_STORE_CTX *));

1031

void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);

1032

void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(),char *arg);

1033

#ifndef NO_RSA

1034

int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);

1035

#endif

1036

int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);

1037

int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);

1038

int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,

1039

unsigned char *d, long len);

1040

int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);

1041

int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);

1042

1043

void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);

1044

void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);

1045

1046

int SSL_CTX_check_private_key(SSL_CTX *ctx);

1047

int SSL_check_private_key(SSL *ctx);

1048

1049

int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,

1050

unsigned int sid_ctx_len);

1051

1052

SSL * SSL_new(SSL_CTX *ctx);

1053

int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,

1054

unsigned int sid_ctx_len);

1055

1056

int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);

1057

int SSL_set_purpose(SSL *s, int purpose);

1058

int SSL_CTX_set_trust(SSL_CTX *s, int trust);

1059

int SSL_set_trust(SSL *s, int trust);

1060

1061

void SSL_free(SSL *ssl);

1062

int SSL_accept(SSL *ssl);

1063

int SSL_connect(SSL *ssl);

1064

int SSL_read(SSL *ssl,void *buf,int num);

1065

int SSL_peek(SSL *ssl,void *buf,int num);

1066

int SSL_write(SSL *ssl,const void *buf,int num);

1067

long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);

1068

long SSL_callback_ctrl(SSL *, int, void (*)());

1069

long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg);

1070

long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());

1071

1072

int SSL_get_error(SSL *s,int ret_code);

1073

const char *SSL_get_version(SSL *s);

1074

1075

/* This sets the 'default' SSL version that SSL_new() will create */

1076

int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);

1077

1078

SSL_METHOD *SSLv2_method(void); /* SSLv2 */

1079

SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */

1080

SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */

1081

1082

SSL_METHOD *SSLv3_method(void); /* SSLv3 */

1083

SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */

1084

SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */

1085

1086

SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */

1087

SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */

1088

SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */

1089

1090

SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */

1091

SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */

1092

SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */

1093

1094

STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);

1095

1096

int SSL_do_handshake(SSL *s);

1097

int SSL_renegotiate(SSL *s);

1098

int SSL_shutdown(SSL *s);

1099

1100

SSL_METHOD *SSL_get_ssl_method(SSL *s);

1101

int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);

1102

char *SSL_alert_type_string_long(int value);

1103

char *SSL_alert_type_string(int value);

1104

char *SSL_alert_desc_string_long(int value);

1105

char *SSL_alert_desc_string(int value);

1106

1107

void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);

1108

void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);

1109

STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);

1110

STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);

1111

int SSL_add_client_CA(SSL *ssl,X509 *x);

1112

int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);

1113

1114

void SSL_set_connect_state(SSL *s);

1115

void SSL_set_accept_state(SSL *s);

1116

1117

long SSL_get_default_timeout(SSL *s);

1118

1119

int SSL_library_init(void );

1120

1121

char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);

1122

STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);

1123

1124

SSL *SSL_dup(SSL *ssl);

1125

1126

X509 *SSL_get_certificate(SSL *ssl);

1127

/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);

1128

1129

void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);

1130

int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);

1131

void SSL_set_quiet_shutdown(SSL *ssl,int mode);

1132

int SSL_get_quiet_shutdown(SSL *ssl);

1133

void SSL_set_shutdown(SSL *ssl,int mode);

1134

int SSL_get_shutdown(SSL *ssl);

1135

int SSL_version(SSL *ssl);

1136

int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);

1137

int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,

1138

const char *CApath);

1139

#define SSL_get0_session SSL_get_session /* just peek at pointer */

1140

SSL_SESSION *SSL_get_session(SSL *ssl);

1141

SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */

1142

SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);

1143

void SSL_set_info_callback(SSL *ssl,void (*cb)());

1144

void (*SSL_get_info_callback(SSL *ssl))();

1145

int SSL_state(SSL *ssl);

1146

1147

void SSL_set_verify_result(SSL *ssl,long v);

1148

long SSL_get_verify_result(SSL *ssl);

1149

1150

int SSL_set_ex_data(SSL *ssl,int idx,void *data);

1151

void *SSL_get_ex_data(SSL *ssl,int idx);

1152

int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,

1153

CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);

1154

1155

int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);

1156

void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);

1157

int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,

1158

CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);

1159

1160

int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);

1161

void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);

1162

int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,

1163

CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);

1164

1165

int SSL_get_ex_data_X509_STORE_CTX_idx(void );

1166

1167

#define SSL_CTX_sess_set_cache_size(ctx,t) \

1168

SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)

1169

#define SSL_CTX_sess_get_cache_size(ctx) \

1170

SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)

1171

#define SSL_CTX_set_session_cache_mode(ctx,m) \

1172

SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)

1173

#define SSL_CTX_get_session_cache_mode(ctx) \

1174

SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)

1175

1176

#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)

1177

#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)

1178

#define SSL_CTX_get_read_ahead(ctx) \

1179

SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)

1180

#define SSL_CTX_set_read_ahead(ctx,m) \

1181

SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)

1182

1183

/* NB: the keylength is only applicable when is_export is true */

1184

#ifndef NO_RSA

1185

void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,

1186

RSA *(*cb)(SSL *ssl,int is_export,

1187

int keylength));

1188

1189

void SSL_set_tmp_rsa_callback(SSL *ssl,

1190

RSA *(*cb)(SSL *ssl,int is_export,

1191

int keylength));

1192

#endif

1193

#ifndef NO_DH

1194

void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,

1195

DH *(*dh)(SSL *ssl,int is_export,

1196

int keylength));

1197

void SSL_set_tmp_dh_callback(SSL *ssl,

1198

DH *(*dh)(SSL *ssl,int is_export,

1199

int keylength));

1200

#endif

1201

1202

#ifndef NO_COMP

1203

int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);

1204

#else

1205

int SSL_COMP_add_compression_method(int id,char *cm);

1206

#endif

1207

1208

/* BEGIN ERROR CODES */

1209

/* The following lines are auto generated by the script mkerr.pl. Any changes

1210

* made after this point may be overwritten when the script is next run.

1211

1212

void ERR_load_SSL_strings(void);

1213

1214

/* Error codes for the SSL functions. */

1215

1216

/* Function codes. */

1217

#define SSL_F_CLIENT_CERTIFICATE 100

1218

#define SSL_F_CLIENT_HELLO 101

1219

#define SSL_F_CLIENT_MASTER_KEY 102

1220

#define SSL_F_D2I_SSL_SESSION 103

1221

#define SSL_F_DO_SSL3_WRITE 104

1222

#define SSL_F_GET_CLIENT_FINISHED 105

1223

#define SSL_F_GET_CLIENT_HELLO 106

1224

#define SSL_F_GET_CLIENT_MASTER_KEY 107

1225

#define SSL_F_GET_SERVER_FINISHED 108

1226

#define SSL_F_GET_SERVER_HELLO 109

1227

#define SSL_F_GET_SERVER_VERIFY 110

1228

#define SSL_F_I2D_SSL_SESSION 111

1229

#define SSL_F_READ_N 112

1230

#define SSL_F_REQUEST_CERTIFICATE 113

1231

#define SSL_F_SERVER_HELLO 114

1232

#define SSL_F_SSL23_ACCEPT 115

1233

#define SSL_F_SSL23_CLIENT_HELLO 116

1234

#define SSL_F_SSL23_CONNECT 117

1235

#define SSL_F_SSL23_GET_CLIENT_HELLO 118

1236

#define SSL_F_SSL23_GET_SERVER_HELLO 119

1237

#define SSL_F_SSL23_PEEK 237

1238

#define SSL_F_SSL23_READ 120

1239

#define SSL_F_SSL23_WRITE 121

1240

#define SSL_F_SSL2_ACCEPT 122

1241

#define SSL_F_SSL2_CONNECT 123

1242

#define SSL_F_SSL2_ENC_INIT 124

1243

#define SSL_F_SSL2_PEEK 234

1244

#define SSL_F_SSL2_READ 125

1245

#define SSL_F_SSL2_READ_INTERNAL 236

1246

#define SSL_F_SSL2_SET_CERTIFICATE 126

1247

#define SSL_F_SSL2_WRITE 127

1248

#define SSL_F_SSL3_ACCEPT 128

1249

#define SSL_F_SSL3_CALLBACK_CTRL 233

1250

#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129

1251

#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130

1252

#define SSL_F_SSL3_CLIENT_HELLO 131

1253

#define SSL_F_SSL3_CONNECT 132

1254

#define SSL_F_SSL3_CTRL 213

1255

#define SSL_F_SSL3_CTX_CTRL 133

1256

#define SSL_F_SSL3_ENC 134

1257

#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135

1258

#define SSL_F_SSL3_GET_CERT_VERIFY 136

1259

#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137

1260

#define SSL_F_SSL3_GET_CLIENT_HELLO 138

1261

#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139

1262

#define SSL_F_SSL3_GET_FINISHED 140

1263

#define SSL_F_SSL3_GET_KEY_EXCHANGE 141

1264

#define SSL_F_SSL3_GET_MESSAGE 142

1265

#define SSL_F_SSL3_GET_RECORD 143

1266

#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144

1267

#define SSL_F_SSL3_GET_SERVER_DONE 145

1268

#define SSL_F_SSL3_GET_SERVER_HELLO 146

1269

#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147

1270

#define SSL_F_SSL3_PEEK 235

1271

#define SSL_F_SSL3_READ_BYTES 148

1272

#define SSL_F_SSL3_READ_N 149

1273

#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150

1274

#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151

1275

#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152

1276

#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153

1277

#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154

1278

#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155

1279

#define SSL_F_SSL3_SETUP_BUFFERS 156

1280

#define SSL_F_SSL3_SETUP_KEY_BLOCK 157

1281

#define SSL_F_SSL3_WRITE_BYTES 158

1282

#define SSL_F_SSL3_WRITE_PENDING 159

1283

#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215

1284

#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216

1285

#define SSL_F_SSL_BAD_METHOD 160

1286

#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161

1287

#define SSL_F_SSL_CERT_DUP 221

1288

#define SSL_F_SSL_CERT_INST 222

1289

#define SSL_F_SSL_CERT_INSTANTIATE 214

1290

#define SSL_F_SSL_CERT_NEW 162

1291

#define SSL_F_SSL_CHECK_PRIVATE_KEY 163

1292

#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230

1293

#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231

1294

#define SSL_F_SSL_CLEAR 164

1295

#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165

1296

#define SSL_F_SSL_CREATE_CIPHER_LIST 166

1297

#define SSL_F_SSL_CTRL 232

1298

#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168

1299

#define SSL_F_SSL_CTX_NEW 169

1300

#define SSL_F_SSL_CTX_SET_PURPOSE 226

1301

#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219

1302

#define SSL_F_SSL_CTX_SET_SSL_VERSION 170

1303

#define SSL_F_SSL_CTX_SET_TRUST 229

1304

#define SSL_F_SSL_CTX_USE_CERTIFICATE 171

1305

#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172

1306

#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220

1307

#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173

1308

#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174

1309

#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175

1310

#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176

1311

#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177

1312

#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178

1313

#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179

1314

#define SSL_F_SSL_DO_HANDSHAKE 180

1315

#define SSL_F_SSL_GET_NEW_SESSION 181

1316

#define SSL_F_SSL_GET_PREV_SESSION 217

1317

#define SSL_F_SSL_GET_SERVER_SEND_CERT 182

1318

#define SSL_F_SSL_GET_SIGN_PKEY 183

1319

#define SSL_F_SSL_INIT_WBIO_BUFFER 184

1320

#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185

1321

#define SSL_F_SSL_NEW 186

1322

#define SSL_F_SSL_READ 223

1323

#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187

1324

#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188

1325

#define SSL_F_SSL_SESSION_NEW 189

1326

#define SSL_F_SSL_SESSION_PRINT_FP 190

1327

#define SSL_F_SSL_SESS_CERT_NEW 225

1328

#define SSL_F_SSL_SET_CERT 191

1329

#define SSL_F_SSL_SET_FD 192

1330

#define SSL_F_SSL_SET_PKEY 193

1331

#define SSL_F_SSL_SET_PURPOSE 227

1332

#define SSL_F_SSL_SET_RFD 194

1333

#define SSL_F_SSL_SET_SESSION 195

1334

#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218

1335

#define SSL_F_SSL_SET_TRUST 228

1336

#define SSL_F_SSL_SET_WFD 196

1337

#define SSL_F_SSL_SHUTDOWN 224

1338

#define SSL_F_SSL_UNDEFINED_FUNCTION 197

1339

#define SSL_F_SSL_USE_CERTIFICATE 198

1340

#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199

1341

#define SSL_F_SSL_USE_CERTIFICATE_FILE 200

1342

#define SSL_F_SSL_USE_PRIVATEKEY 201

1343

#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202

1344

#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203

1345

#define SSL_F_SSL_USE_RSAPRIVATEKEY 204

1346

#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205

1347

#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206

1348

#define SSL_F_SSL_VERIFY_CERT_CHAIN 207

1349

#define SSL_F_SSL_WRITE 208

1350

#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209

1351

#define SSL_F_TLS1_ENC 210

1352

#define SSL_F_TLS1_SETUP_KEY_BLOCK 211

1353

#define SSL_F_WRITE_PENDING 212

1354

1355

/* Reason codes. */

1356

#define SSL_R_APP_DATA_IN_HANDSHAKE 100

1357

#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272

1358

#define SSL_R_BAD_ALERT_RECORD 101

1359

#define SSL_R_BAD_AUTHENTICATION_TYPE 102

1360

#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103

1361

#define SSL_R_BAD_CHECKSUM 104

1362

#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106

1363

#define SSL_R_BAD_DECOMPRESSION 107

1364

#define SSL_R_BAD_DH_G_LENGTH 108

1365

#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109

1366

#define SSL_R_BAD_DH_P_LENGTH 110

1367

#define SSL_R_BAD_DIGEST_LENGTH 111

1368

#define SSL_R_BAD_DSA_SIGNATURE 112

1369

#define SSL_R_BAD_HELLO_REQUEST 105

1370

#define SSL_R_BAD_LENGTH 271

1371

#define SSL_R_BAD_MAC_DECODE 113

1372

#define SSL_R_BAD_MESSAGE_TYPE 114

1373

#define SSL_R_BAD_PACKET_LENGTH 115

1374

#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116

1375

#define SSL_R_BAD_RESPONSE_ARGUMENT 117

1376

#define SSL_R_BAD_RSA_DECRYPT 118

1377

#define SSL_R_BAD_RSA_ENCRYPT 119

1378

#define SSL_R_BAD_RSA_E_LENGTH 120

1379

#define SSL_R_BAD_RSA_MODULUS_LENGTH 121

1380

#define SSL_R_BAD_RSA_SIGNATURE 122

1381

#define SSL_R_BAD_SIGNATURE 123

1382

#define SSL_R_BAD_SSL_FILETYPE 124

1383

#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125

1384

#define SSL_R_BAD_STATE 126

1385

#define SSL_R_BAD_WRITE_RETRY 127

1386

#define SSL_R_BIO_NOT_SET 128

1387

#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129

1388

#define SSL_R_BN_LIB 130

1389

#define SSL_R_CA_DN_LENGTH_MISMATCH 131

1390

#define SSL_R_CA_DN_TOO_LONG 132

1391

#define SSL_R_CCS_RECEIVED_EARLY 133

1392

#define SSL_R_CERTIFICATE_VERIFY_FAILED 134

1393

#define SSL_R_CERT_LENGTH_MISMATCH 135

1394

#define SSL_R_CHALLENGE_IS_DIFFERENT 136

1395

#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137

1396

#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138

1397

#define SSL_R_CIPHER_TABLE_SRC_ERROR 139

1398

#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140

1399

#define SSL_R_COMPRESSION_FAILURE 141

1400

#define SSL_R_COMPRESSION_LIBRARY_ERROR 142

1401

#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143

1402

#define SSL_R_CONNECTION_TYPE_NOT_SET 144

1403

#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145

1404

#define SSL_R_DATA_LENGTH_TOO_LONG 146

1405

#define SSL_R_DECRYPTION_FAILED 147

1406

#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148

1407

#define SSL_R_DIGEST_CHECK_FAILED 149

1408

#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150

1409

#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092

1410

#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151

1411

#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152

1412

#define SSL_R_EXTRA_DATA_IN_MESSAGE 153

1413

#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154

1414

#define SSL_R_HTTPS_PROXY_REQUEST 155

1415

#define SSL_R_HTTP_REQUEST 156

1416

#define SSL_R_INTERNAL_ERROR 157

1417

#define SSL_R_INVALID_CHALLENGE_LENGTH 158

1418

#define SSL_R_INVALID_COMMAND 280

1419

#define SSL_R_INVALID_PURPOSE 278

1420

#define SSL_R_INVALID_TRUST 279

1421

#define SSL_R_LENGTH_MISMATCH 159

1422

#define SSL_R_LENGTH_TOO_SHORT 160

1423

#define SSL_R_LIBRARY_BUG 274

1424

#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161

1425

#define SSL_R_MISSING_DH_DSA_CERT 162

1426

#define SSL_R_MISSING_DH_KEY 163

1427

#define SSL_R_MISSING_DH_RSA_CERT 164

1428

#define SSL_R_MISSING_DSA_SIGNING_CERT 165

1429

#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166

1430

#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167

1431

#define SSL_R_MISSING_RSA_CERTIFICATE 168

1432

#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169

1433

#define SSL_R_MISSING_RSA_SIGNING_CERT 170

1434

#define SSL_R_MISSING_TMP_DH_KEY 171

1435

#define SSL_R_MISSING_TMP_RSA_KEY 172

1436

#define SSL_R_MISSING_TMP_RSA_PKEY 173

1437

#define SSL_R_MISSING_VERIFY_MESSAGE 174

1438

#define SSL_R_NON_SSLV2_INITIAL_PACKET 175

1439

#define SSL_R_NO_CERTIFICATES_RETURNED 176

1440

#define SSL_R_NO_CERTIFICATE_ASSIGNED 177

1441

#define SSL_R_NO_CERTIFICATE_RETURNED 178

1442

#define SSL_R_NO_CERTIFICATE_SET 179

1443

#define SSL_R_NO_CERTIFICATE_SPECIFIED 180

1444

#define SSL_R_NO_CIPHERS_AVAILABLE 181

1445

#define SSL_R_NO_CIPHERS_PASSED 182

1446

#define SSL_R_NO_CIPHERS_SPECIFIED 183

1447

#define SSL_R_NO_CIPHER_LIST 184

1448

#define SSL_R_NO_CIPHER_MATCH 185

1449

#define SSL_R_NO_CLIENT_CERT_RECEIVED 186

1450

#define SSL_R_NO_COMPRESSION_SPECIFIED 187

1451

#define SSL_R_NO_METHOD_SPECIFIED 188

1452

#define SSL_R_NO_PRIVATEKEY 189

1453

#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190

1454

#define SSL_R_NO_PROTOCOLS_AVAILABLE 191

1455

#define SSL_R_NO_PUBLICKEY 192

1456

#define SSL_R_NO_SHARED_CIPHER 193

1457

#define SSL_R_NO_VERIFY_CALLBACK 194

1458

#define SSL_R_NULL_SSL_CTX 195

1459

#define SSL_R_NULL_SSL_METHOD_PASSED 196

1460

#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197

1461

#define SSL_R_PACKET_LENGTH_TOO_LONG 198

1462

#define SSL_R_PATH_TOO_LONG 270

1463

#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199

1464

#define SSL_R_PEER_ERROR 200

1465

#define SSL_R_PEER_ERROR_CERTIFICATE 201

1466

#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202

1467

#define SSL_R_PEER_ERROR_NO_CIPHER 203

1468

#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204

1469

#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205

1470

#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206

1471

#define SSL_R_PROTOCOL_IS_SHUTDOWN 207

1472

#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208

1473

#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209

1474

#define SSL_R_PUBLIC_KEY_NOT_RSA 210

1475

#define SSL_R_READ_BIO_NOT_SET 211

1476

#define SSL_R_READ_WRONG_PACKET_TYPE 212

1477

#define SSL_R_RECORD_LENGTH_MISMATCH 213

1478

#define SSL_R_RECORD_TOO_LARGE 214

1479

#define SSL_R_RECORD_TOO_SMALL 1093

1480

#define SSL_R_REQUIRED_CIPHER_MISSING 215

1481

#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216

1482

#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217

1483

#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218

1484

#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277

1485

#define SSL_R_SHORT_READ 219

1486

#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220

1487

#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221

1488

#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222

1489

#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042

1490

#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020

1491

#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045

1492

#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044

1493

#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046

1494

#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030

1495

#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040

1496

#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047

1497

#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041

1498

#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223

1499

#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224

1500

#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225

1501

#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226

1502

#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010

1503

#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227

1504

#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043

1505

#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228

1506

#define SSL_R_SSL_HANDSHAKE_FAILURE 229

1507

#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230

1508

#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273

1509

#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231

1510

#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049

1511

#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050

1512

#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021

1513

#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051

1514

#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060

1515

#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071

1516

#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080

1517

#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100

1518

#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070

1519

#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022

1520

#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048

1521

#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090

1522

#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232

1523

#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233

1524

#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234

1525

#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235

1526

#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236

1527

#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237

1528

#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238

1529

#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239

1530

#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240

1531

#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241

1532

#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242

1533

#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243

1534

#define SSL_R_UNEXPECTED_MESSAGE 244

1535

#define SSL_R_UNEXPECTED_RECORD 245

1536

#define SSL_R_UNINITIALIZED 276

1537

#define SSL_R_UNKNOWN_ALERT_TYPE 246

1538

#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247

1539

#define SSL_R_UNKNOWN_CIPHER_RETURNED 248

1540

#define SSL_R_UNKNOWN_CIPHER_TYPE 249

1541

#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250

1542

#define SSL_R_UNKNOWN_PKEY_TYPE 251

1543

#define SSL_R_UNKNOWN_PROTOCOL 252

1544

#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253

1545

#define SSL_R_UNKNOWN_SSL_VERSION 254

1546

#define SSL_R_UNKNOWN_STATE 255

1547

#define SSL_R_UNSUPPORTED_CIPHER 256

1548

#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257

1549

#define SSL_R_UNSUPPORTED_OPTION 1091

1550

#define SSL_R_UNSUPPORTED_PROTOCOL 258

1551

#define SSL_R_UNSUPPORTED_SSL_VERSION 259

1552

#define SSL_R_WRITE_BIO_NOT_SET 260

1553

#define SSL_R_WRONG_CIPHER_RETURNED 261

1554

#define SSL_R_WRONG_MESSAGE_TYPE 262

1555

#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263

1556

#define SSL_R_WRONG_SIGNATURE_LENGTH 264

1557

#define SSL_R_WRONG_SIGNATURE_SIZE 265

1558

#define SSL_R_WRONG_SSL_VERSION 266

1559

#define SSL_R_WRONG_VERSION_NUMBER 267

1560

#define SSL_R_X509_LIB 268

1561

#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269

1562

1563

#ifdef __cplusplus

1564

}

1565

#endif

1566

#endif

Older »