Diffstat (limited to 'deps/openssl/openssl/ssl/statem/statem.h')
-rw-r--r-- | deps/openssl/openssl/ssl/statem/statem.h | 51 |
1 files changed, 46 insertions, 5 deletions
diff --git a/deps/openssl/openssl/ssl/statem/statem.h b/deps/openssl/openssl/ssl/statem/statem.h index c669ee9e78..144d930fc7 100644 --- a/deps/openssl/openssl/ssl/statem/statem.h +++ b/deps/openssl/openssl/ssl/statem/statem.h @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,9 @@ typedef enum { /* We're working on phase A */ WORK_MORE_A, /* We're working on phase B */ - WORK_MORE_B + WORK_MORE_B, + /* We're working on phase C */ + WORK_MORE_C } WORK_STATE; /* Write transition return codes */ @@ -46,8 +48,6 @@ typedef enum { MSG_FLOW_UNINITED, /* A permanent error with this connection */ MSG_FLOW_ERROR, - /* We are about to renegotiate */ - MSG_FLOW_RENEGOTIATE, /* We are reading messages */ MSG_FLOW_READING, /* We are writing messages */ @@ -71,6 +71,22 @@ typedef enum { WRITE_STATE_POST_WORK } WRITE_STATE; +typedef enum { + /* The enc_write_ctx can be used normally */ + ENC_WRITE_STATE_VALID, + /* The enc_write_ctx cannot be used */ + ENC_WRITE_STATE_INVALID, + /* Write alerts in plaintext, but otherwise use the enc_write_ctx */ + ENC_WRITE_STATE_WRITE_PLAIN_ALERTS +} ENC_WRITE_STATES; + +typedef enum { + /* The enc_read_ctx can be used normally */ + ENC_READ_STATE_VALID, + /* We may receive encrypted or plaintext alerts */ + ENC_READ_STATE_ALLOW_PLAIN_ALERTS +} ENC_READ_STATES; + /***************************************************************************** * * * This structure should be considered "opaque" to anything outside of the * 
@@ -86,13 +102,22 @@ struct ossl_statem_st { READ_STATE read_state; WORK_STATE read_state_work; OSSL_HANDSHAKE_STATE hand_state; + /* The handshake state requested by an API call (e.g. HelloRequest) */ + OSSL_HANDSHAKE_STATE request_state; int in_init; int read_state_first_init; /* true when we are actually in SSL_accept() or SSL_connect() */ int in_handshake; + /* + * True when are processing a "real" handshake that needs cleaning up (not + * just a HelloRequest or similar). + */ + int cleanuphand; /* Should we skip the CertificateVerify message? */ unsigned int no_cert_verify; int use_timer; + ENC_WRITE_STATES enc_write_state; + ENC_READ_STATES enc_read_state; }; typedef struct ossl_statem_st OSSL_STATEM; @@ -107,10 +132,26 @@ __owur int ossl_statem_accept(SSL *s); __owur int ossl_statem_connect(SSL *s); void ossl_statem_clear(SSL *s); void ossl_statem_set_renegotiate(SSL *s); -void ossl_statem_set_error(SSL *s); +void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file, + int line); +# define SSL_AD_NO_ALERT -1 +# ifndef OPENSSL_NO_ERR +# define SSLfatal(s, al, f, r) ossl_statem_fatal((s), (al), (f), (r), \ + OPENSSL_FILE, OPENSSL_LINE) +# else +# define SSLfatal(s, al, f, r) ossl_statem_fatal((s), (al), (f), (r), NULL, 0) +# endif + int ossl_statem_in_error(const SSL *s); void ossl_statem_set_in_init(SSL *s, int init); int ossl_statem_get_in_handshake(SSL *s); void ossl_statem_set_in_handshake(SSL *s, int inhand); +__owur int ossl_statem_skip_early_data(SSL *s); +void ossl_statem_check_finish_init(SSL *s, int send); void ossl_statem_set_hello_verify_done(SSL *s); __owur int ossl_statem_app_data_allowed(SSL *s); +__owur int ossl_statem_export_allowed(SSL *s); +__owur int ossl_statem_export_early_allowed(SSL *s); + +/* Flush the write BIO */ +int statem_flush(SSL *s); |