Fix from 0.9.7-stable.

[oweals/openssl.git] / ssl / ssl3.h
diff --git a/ssl/ssl3.h b/ssl/ssl3.h

index 28c4f7728f5caa167f89bd39bcf55c3cfa8ff5db..bacaff157e5be0f295cc029a1175738ecbe0d485 100644 (file)
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -123,6 +123,7 @@
  #include <openssl/buffer.h>
  #include <openssl/evp.h>
  #include <openssl/ssl.h>
+#include <openssl/pq_compat.h>
  
  #ifdef  __cplusplus
  extern "C" {
@@ -225,15 +226,15 @@ extern "C" {
  #define SSL3_TXT_KRB5_RC4_128_SHA              "KRB5-RC4-SHA"
  #define SSL3_TXT_KRB5_IDEA_128_CBC_SHA         "KRB5-IDEA-CBC-SHA"
  #define SSL3_TXT_KRB5_DES_64_CBC_MD5           "KRB5-DES-CBC-MD5"
-#define SSL3_TXT_KRB5_DES_192_CBC3_MD5         "KRB5-DES-CBC3-SHA"
+#define SSL3_TXT_KRB5_DES_192_CBC3_MD5         "KRB5-DES-CBC3-MD5"
  #define SSL3_TXT_KRB5_RC4_128_MD5              "KRB5-RC4-MD5"
-#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5                 "KRB5-IDEA-CBC-SHA"
+#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5                 "KRB5-IDEA-CBC-MD5"
  
  #define SSL3_TXT_KRB5_DES_40_CBC_SHA           "EXP-KRB5-DES-CBC-SHA"
  #define SSL3_TXT_KRB5_RC2_40_CBC_SHA           "EXP-KRB5-RC2-CBC-SHA"
  #define SSL3_TXT_KRB5_RC4_40_SHA               "EXP-KRB5-RC4-SHA"
  #define SSL3_TXT_KRB5_DES_40_CBC_MD5           "EXP-KRB5-DES-CBC-MD5"
-#define SSL3_TXT_KRB5_DES_40_CBC_MD5           "EXP-KRB5-DES-CBC-MD5"
+#define SSL3_TXT_KRB5_RC2_40_CBC_MD5           "EXP-KRB5-RC2-CBC-MD5"
  #define SSL3_TXT_KRB5_RC4_40_MD5               "EXP-KRB5-RC4-MD5"
  
  #define SSL3_SSL_SESSION_ID_LENGTH             32
@@ -253,7 +254,11 @@ extern "C" {
  #endif
  
  #define SSL3_RT_MAX_PLAIN_LENGTH               16384
+#ifdef OPENSSL_NO_COMP
+#define SSL3_RT_MAX_COMPRESSED_LENGTH  SSL3_RT_MAX_PLAIN_LENGTH
+#else
  #define SSL3_RT_MAX_COMPRESSED_LENGTH  (1024+SSL3_RT_MAX_PLAIN_LENGTH)
+#endif
  #define SSL3_RT_MAX_ENCRYPTED_LENGTH   (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
  #define SSL3_RT_MAX_PACKET_SIZE                (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
  #define SSL3_RT_MAX_DATA_SIZE                  (1024*1024)
@@ -294,6 +299,8 @@ typedef struct ssl3_record_st
  /*rw*/ unsigned char *data;    /* pointer to the record data */
  /*rw*/ unsigned char *input;   /* where the decode bytes are */
  /*r */ unsigned char *comp;    /* only used with decompression - malloc()ed */
+/*r */  unsigned long epoch;    /* epoch number, needed by DTLS1 */
+/*r */  PQ_64BIT seq_num;       /* sequence number, needed by DTLS1 */
         } SSL3_RECORD;
  
  typedef struct ssl3_buffer_st
@@ -435,6 +442,7 @@ typedef struct ssl3_state_st
  
         } SSL3_STATE;
  
+
  /* SSLv3 */
  /*client */
  /* extra state */
@@ -445,6 +453,8 @@ typedef struct ssl3_state_st
  /* read from server */
  #define SSL3_ST_CR_SRVR_HELLO_A                (0x120|SSL_ST_CONNECT)
  #define SSL3_ST_CR_SRVR_HELLO_B                (0x121|SSL_ST_CONNECT)
+#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
+#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
  #define SSL3_ST_CR_CERT_A              (0x130|SSL_ST_CONNECT)
  #define SSL3_ST_CR_CERT_B              (0x131|SSL_ST_CONNECT)
  #define SSL3_ST_CR_KEY_EXCH_A          (0x140|SSL_ST_CONNECT)
@@ -481,6 +491,8 @@ typedef struct ssl3_state_st
  #define SSL3_ST_SR_CLNT_HELLO_B                (0x111|SSL_ST_ACCEPT)
  #define SSL3_ST_SR_CLNT_HELLO_C                (0x112|SSL_ST_ACCEPT)
  /* write to client */
+#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
+#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
  #define SSL3_ST_SW_HELLO_REQ_A         (0x120|SSL_ST_ACCEPT)
  #define SSL3_ST_SW_HELLO_REQ_B         (0x121|SSL_ST_ACCEPT)
  #define SSL3_ST_SW_HELLO_REQ_C         (0x122|SSL_ST_ACCEPT)
@@ -521,6 +533,8 @@ typedef struct ssl3_state_st
  #define SSL3_MT_CERTIFICATE_VERIFY             15
  #define SSL3_MT_CLIENT_KEY_EXCHANGE            16
  #define SSL3_MT_FINISHED                       20
+#define DTLS1_MT_HELLO_VERIFY_REQUEST    3
+
  
  #define SSL3_MT_CCS                            1