projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Abort handshake if signature algorithm used not supported by peer.
[oweals/openssl.git]
/
ssl
/
tls1.h
diff --git
a/ssl/tls1.h
b/ssl/tls1.h
index dd1b4fb22d83ac43d44c5bbea77e0cec0fd7ba7c..4d087e0a2bd14b00dc87c25e29e63825374d9829 100644
(file)
--- a/
ssl/tls1.h
+++ b/
ssl/tls1.h
@@
-267,6
+267,9
@@
extern "C" {
#define TLSEXT_signature_dsa 2
#define TLSEXT_signature_ecdsa 3
#define TLSEXT_signature_dsa 2
#define TLSEXT_signature_ecdsa 3
+/* Total number of different signature algorithms */
+#define TLSEXT_signature_num 4
+
#define TLSEXT_hash_none 0
#define TLSEXT_hash_md5 1
#define TLSEXT_hash_sha1 2
#define TLSEXT_hash_none 0
#define TLSEXT_hash_md5 1
#define TLSEXT_hash_sha1 2
@@
-274,6
+277,11
@@
extern "C" {
#define TLSEXT_hash_sha256 4
#define TLSEXT_hash_sha384 5
#define TLSEXT_hash_sha512 6
#define TLSEXT_hash_sha256 4
#define TLSEXT_hash_sha384 5
#define TLSEXT_hash_sha512 6
+
+/* Total number of different digest algorithms */
+
+#define TLSEXT_hash_num 7
+
/* Flag set for unrecognised algorithms */
#define TLSEXT_nid_unknown 0x1000000
/* Flag set for unrecognised algorithms */
#define TLSEXT_nid_unknown 0x1000000
@@
-306,6
+314,12
@@
int SSL_get_sigalgs(SSL *s, int idx,
int *psign, int *phash, int *psignandhash,
unsigned char *rsig, unsigned char *rhash);
int *psign, int *phash, int *psignandhash,
unsigned char *rsig, unsigned char *rhash);
+int SSL_get_shared_sigalgs(SSL *s, int idx,
+ int *psign, int *phash, int *psignandhash,
+ unsigned char *rsig, unsigned char *rhash);
+
+int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
+
#define SSL_set_tlsext_host_name(s,name) \
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
#define SSL_set_tlsext_host_name(s,name) \
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)