diff options
Diffstat (limited to 'deps/openssl/openssl/ssl/statem/statem.h')
-rw-r--r-- | deps/openssl/openssl/ssl/statem/statem.h | 51 |
1 files changed, 46 insertions, 5 deletions
diff --git a/deps/openssl/openssl/ssl/statem/statem.h b/deps/openssl/openssl/ssl/statem/statem.h index c669ee9e78..144d930fc7 100644 --- a/deps/openssl/openssl/ssl/statem/statem.h +++ b/deps/openssl/openssl/ssl/statem/statem.h @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,9 @@ typedef enum { /* We're working on phase A */ WORK_MORE_A, /* We're working on phase B */ - WORK_MORE_B + WORK_MORE_B, + /* We're working on phase C */ + WORK_MORE_C } WORK_STATE; /* Write transition return codes */ @@ -46,8 +48,6 @@ typedef enum { MSG_FLOW_UNINITED, /* A permanent error with this connection */ MSG_FLOW_ERROR, - /* We are about to renegotiate */ - MSG_FLOW_RENEGOTIATE, /* We are reading messages */ MSG_FLOW_READING, /* We are writing messages */ @@ -71,6 +71,22 @@ typedef enum { WRITE_STATE_POST_WORK } WRITE_STATE; +typedef enum { + /* The enc_write_ctx can be used normally */ + ENC_WRITE_STATE_VALID, + /* The enc_write_ctx cannot be used */ + ENC_WRITE_STATE_INVALID, + /* Write alerts in plaintext, but otherwise use the enc_write_ctx */ + ENC_WRITE_STATE_WRITE_PLAIN_ALERTS +} ENC_WRITE_STATES; + +typedef enum { + /* The enc_read_ctx can be used normally */ + ENC_READ_STATE_VALID, + /* We may receive encrypted or plaintext alerts */ + ENC_READ_STATE_ALLOW_PLAIN_ALERTS +} ENC_READ_STATES; + /***************************************************************************** * * * This structure should be considered "opaque" to anything outside of the * @@ -86,13 +102,22 @@ struct ossl_statem_st { READ_STATE read_state; WORK_STATE read_state_work; OSSL_HANDSHAKE_STATE hand_state; + /* The handshake state requested by an API call (e.g. HelloRequest) */ + OSSL_HANDSHAKE_STATE request_state; int in_init; int read_state_first_init; /* true when we are actually in SSL_accept() or SSL_connect() */ int in_handshake; + /* + * True when are processing a "real" handshake that needs cleaning up (not + * just a HelloRequest or similar). + */ + int cleanuphand; /* Should we skip the CertificateVerify message? */ unsigned int no_cert_verify; int use_timer; + ENC_WRITE_STATES enc_write_state; + ENC_READ_STATES enc_read_state; }; typedef struct ossl_statem_st OSSL_STATEM; @@ -107,10 +132,26 @@ __owur int ossl_statem_accept(SSL *s); __owur int ossl_statem_connect(SSL *s); void ossl_statem_clear(SSL *s); void ossl_statem_set_renegotiate(SSL *s); -void ossl_statem_set_error(SSL *s); +void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file, + int line); +# define SSL_AD_NO_ALERT -1 +# ifndef OPENSSL_NO_ERR +# define SSLfatal(s, al, f, r) ossl_statem_fatal((s), (al), (f), (r), \ + OPENSSL_FILE, OPENSSL_LINE) +# else +# define SSLfatal(s, al, f, r) ossl_statem_fatal((s), (al), (f), (r), NULL, 0) +# endif + int ossl_statem_in_error(const SSL *s); void ossl_statem_set_in_init(SSL *s, int init); int ossl_statem_get_in_handshake(SSL *s); void ossl_statem_set_in_handshake(SSL *s, int inhand); +__owur int ossl_statem_skip_early_data(SSL *s); +void ossl_statem_check_finish_init(SSL *s, int send); void ossl_statem_set_hello_verify_done(SSL *s); __owur int ossl_statem_app_data_allowed(SSL *s); +__owur int ossl_statem_export_allowed(SSL *s); +__owur int ossl_statem_export_early_allowed(SSL *s); + +/* Flush the write BIO */ +int statem_flush(SSL *s); |