diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 49a6ee21..263b2728 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -4115,171 +4115,6 @@ struct ssl_ctx_st { int freelist_max_len; }; -typedef struct ssl_handshake_st SSL_HANDSHAKE; - -struct ssl_st { - /* method is the method table corresponding to the current protocol (DTLS or - * TLS). */ - const SSL_PROTOCOL_METHOD *method; - - /* version is the protocol version. */ - int version; - - /* max_version is the maximum acceptable protocol version. Note this version - * is normalized in DTLS. */ - uint16_t max_version; - - /* min_version is the minimum acceptable protocol version. Note this version - * is normalized in DTLS. */ - uint16_t min_version; - - uint16_t max_send_fragment; - - /* There are 2 BIO's even though they are normally both the same. This is so - * data can be read and written to different handlers */ - - BIO *rbio; /* used by SSL_read */ - BIO *wbio; /* used by SSL_write */ - - int (*handshake_func)(SSL_HANDSHAKE *hs); - - BUF_MEM *init_buf; /* buffer used during init */ - - /* init_msg is a pointer to the current handshake message body. */ - const uint8_t *init_msg; - /* init_num is the length of the current handshake message body. */ - uint32_t init_num; - - struct ssl3_state_st *s3; /* SSLv3 variables */ - struct dtls1_state_st *d1; /* DTLSv1 variables */ - - /* callback that allows applications to peek at protocol messages */ - void (*msg_callback)(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg); - void *msg_callback_arg; - - X509_VERIFY_PARAM *param; - - /* crypto */ - struct ssl_cipher_preference_list_st *cipher_list; - - /* session info */ - - /* client cert? */ - /* This is used to hold the server certificate used */ - struct cert_st /* CERT */ *cert; - - /* This holds a variable that indicates what we were doing when a 0 or -1 is - * returned. This is needed for non-blocking IO so we know what request - * needs re-doing when in SSL_accept or SSL_connect */ - int rwstate; - - /* initial_timeout_duration_ms is the default DTLS timeout duration in - * milliseconds. It's used to initialize the timer any time it's restarted. */ - unsigned initial_timeout_duration_ms; - - /* the session_id_context is used to ensure sessions are only reused - * in the appropriate context */ - uint8_t sid_ctx_length; - uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - /* session is the configured session to be offered by the client. This session - * is immutable. */ - SSL_SESSION *session; - - int (*verify_callback)(int ok, - X509_STORE_CTX *ctx); /* fail if callback returns 0 */ - - void (*info_callback)(const SSL *ssl, int type, int value); - - /* Server-only: psk_identity_hint is the identity hint to send in - * PSK-based key exchanges. */ - char *psk_identity_hint; - - unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, - char *identity, - unsigned int max_identity_len, - uint8_t *psk, unsigned int max_psk_len); - unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, - uint8_t *psk, unsigned int max_psk_len); - - SSL_CTX *ctx; - - /* extra application data */ - CRYPTO_EX_DATA ex_data; - - /* for server side, keep the list of CA_dn we can use */ - STACK_OF(X509_NAME) *client_CA; - - uint32_t options; /* protocol behaviour */ - uint32_t mode; /* API behaviour */ - uint32_t max_cert_list; - char *tlsext_hostname; - size_t supported_group_list_len; - uint16_t *supported_group_list; /* our list */ - - SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */ - - /* srtp_profiles is the list of configured SRTP protection profiles for - * DTLS-SRTP. */ - STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; - - /* srtp_profile is the selected SRTP protection profile for - * DTLS-SRTP. */ - const SRTP_PROTECTION_PROFILE *srtp_profile; - - /* The client's Channel ID private key. */ - EVP_PKEY *tlsext_channel_id_private; - - /* For a client, this contains the list of supported protocols in wire - * format. */ - uint8_t *alpn_client_proto_list; - unsigned alpn_client_proto_list_len; - - /* renegotiate_mode controls how peer renegotiation attempts are handled. */ - enum ssl_renegotiate_mode_t renegotiate_mode; - - /* verify_mode is a bitmask of |SSL_VERIFY_*| values. */ - uint8_t verify_mode; - - /* server is true iff the this SSL* is the server half. Note: before the SSL* - * is initialized by either SSL_set_accept_state or SSL_set_connect_state, - * the side is not determined. In this state, server is always false. */ - unsigned server:1; - - /* quiet_shutdown is true if the connection should not send a close_notify on - * shutdown. */ - unsigned quiet_shutdown:1; - - /* Enable signed certificate time stamps. Currently client only. */ - unsigned signed_cert_timestamps_enabled:1; - - /* ocsp_stapling_enabled is only used by client connections and indicates - * whether OCSP stapling will be requested. */ - unsigned ocsp_stapling_enabled:1; - - /* tlsext_channel_id_enabled is copied from the |SSL_CTX|. For a server, - * means that we'll accept Channel IDs from clients. For a client, means that - * we'll advertise support. */ - unsigned tlsext_channel_id_enabled:1; - - /* retain_only_sha256_of_client_certs is true if we should compute the SHA256 - * hash of the peer's certificate and then discard it to save memory and - * session space. Only effective on the server side. */ - unsigned retain_only_sha256_of_client_certs:1; - - /* session_timeout is the default lifetime in seconds of the session - * created in this connection at TLS 1.2 and earlier. */ - long session_timeout; - - /* session_psk_dhe_timeout is the default lifetime in seconds of sessions - * created in this connection at TLS 1.3. */ - long session_psk_dhe_timeout; - - /* OCSP response to be sent to the client, if requested. */ - CRYPTO_BUFFER *ocsp_response; -}; - /* Nodejs compatibility section (hidden). * diff --git a/ssl/internal.h b/ssl/internal.h index 544259c0..a90294e2 100644 --- a/ssl/internal.h +++ b/ssl/internal.h @@ -502,6 +502,8 @@ int ssl_public_key_verify( /* Custom extensions */ +typedef struct ssl_handshake_st SSL_HANDSHAKE; + /* ssl_custom_extension (a.k.a. SSL_CUSTOM_EXTENSION) is a structure that * contains information about custom-extension callbacks. */ struct ssl_custom_extension { @@ -1683,6 +1685,169 @@ typedef struct dtls1_state_st { unsigned timeout_duration_ms; } DTLS1_STATE; +struct ssl_st { + /* method is the method table corresponding to the current protocol (DTLS or + * TLS). */ + const SSL_PROTOCOL_METHOD *method; + + /* version is the protocol version. */ + int version; + + /* max_version is the maximum acceptable protocol version. Note this version + * is normalized in DTLS. */ + uint16_t max_version; + + /* min_version is the minimum acceptable protocol version. Note this version + * is normalized in DTLS. */ + uint16_t min_version; + + uint16_t max_send_fragment; + + /* There are 2 BIO's even though they are normally both the same. This is so + * data can be read and written to different handlers */ + + BIO *rbio; /* used by SSL_read */ + BIO *wbio; /* used by SSL_write */ + + int (*handshake_func)(SSL_HANDSHAKE *hs); + + BUF_MEM *init_buf; /* buffer used during init */ + + /* init_msg is a pointer to the current handshake message body. */ + const uint8_t *init_msg; + /* init_num is the length of the current handshake message body. */ + uint32_t init_num; + + struct ssl3_state_st *s3; /* SSLv3 variables */ + struct dtls1_state_st *d1; /* DTLSv1 variables */ + + /* callback that allows applications to peek at protocol messages */ + void (*msg_callback)(int write_p, int version, int content_type, + const void *buf, size_t len, SSL *ssl, void *arg); + void *msg_callback_arg; + + X509_VERIFY_PARAM *param; + + /* crypto */ + struct ssl_cipher_preference_list_st *cipher_list; + + /* session info */ + + /* client cert? */ + /* This is used to hold the server certificate used */ + struct cert_st /* CERT */ *cert; + + /* This holds a variable that indicates what we were doing when a 0 or -1 is + * returned. This is needed for non-blocking IO so we know what request + * needs re-doing when in SSL_accept or SSL_connect */ + int rwstate; + + /* initial_timeout_duration_ms is the default DTLS timeout duration in + * milliseconds. It's used to initialize the timer any time it's restarted. */ + unsigned initial_timeout_duration_ms; + + /* the session_id_context is used to ensure sessions are only reused + * in the appropriate context */ + uint8_t sid_ctx_length; + uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH]; + + /* session is the configured session to be offered by the client. This session + * is immutable. */ + SSL_SESSION *session; + + int (*verify_callback)(int ok, + X509_STORE_CTX *ctx); /* fail if callback returns 0 */ + + void (*info_callback)(const SSL *ssl, int type, int value); + + /* Server-only: psk_identity_hint is the identity hint to send in + * PSK-based key exchanges. */ + char *psk_identity_hint; + + unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, + char *identity, + unsigned int max_identity_len, + uint8_t *psk, unsigned int max_psk_len); + unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, + uint8_t *psk, unsigned int max_psk_len); + + SSL_CTX *ctx; + + /* extra application data */ + CRYPTO_EX_DATA ex_data; + + /* for server side, keep the list of CA_dn we can use */ + STACK_OF(X509_NAME) *client_CA; + + uint32_t options; /* protocol behaviour */ + uint32_t mode; /* API behaviour */ + uint32_t max_cert_list; + char *tlsext_hostname; + size_t supported_group_list_len; + uint16_t *supported_group_list; /* our list */ + + SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */ + + /* srtp_profiles is the list of configured SRTP protection profiles for + * DTLS-SRTP. */ + STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; + + /* srtp_profile is the selected SRTP protection profile for + * DTLS-SRTP. */ + const SRTP_PROTECTION_PROFILE *srtp_profile; + + /* The client's Channel ID private key. */ + EVP_PKEY *tlsext_channel_id_private; + + /* For a client, this contains the list of supported protocols in wire + * format. */ + uint8_t *alpn_client_proto_list; + unsigned alpn_client_proto_list_len; + + /* renegotiate_mode controls how peer renegotiation attempts are handled. */ + enum ssl_renegotiate_mode_t renegotiate_mode; + + /* verify_mode is a bitmask of |SSL_VERIFY_*| values. */ + uint8_t verify_mode; + + /* server is true iff the this SSL* is the server half. Note: before the SSL* + * is initialized by either SSL_set_accept_state or SSL_set_connect_state, + * the side is not determined. In this state, server is always false. */ + unsigned server:1; + + /* quiet_shutdown is true if the connection should not send a close_notify on + * shutdown. */ + unsigned quiet_shutdown:1; + + /* Enable signed certificate time stamps. Currently client only. */ + unsigned signed_cert_timestamps_enabled:1; + + /* ocsp_stapling_enabled is only used by client connections and indicates + * whether OCSP stapling will be requested. */ + unsigned ocsp_stapling_enabled:1; + + /* tlsext_channel_id_enabled is copied from the |SSL_CTX|. For a server, + * means that we'll accept Channel IDs from clients. For a client, means that + * we'll advertise support. */ + unsigned tlsext_channel_id_enabled:1; + + /* retain_only_sha256_of_client_certs is true if we should compute the SHA256 + * hash of the peer's certificate and then discard it to save memory and + * session space. Only effective on the server side. */ + unsigned retain_only_sha256_of_client_certs:1; + + /* session_timeout is the default lifetime in seconds of the session + * created in this connection at TLS 1.2 and earlier. */ + long session_timeout; + + /* session_psk_dhe_timeout is the default lifetime in seconds of sessions + * created in this connection at TLS 1.3. */ + long session_psk_dhe_timeout; + + /* OCSP response to be sent to the client, if requested. */ + CRYPTO_BUFFER *ocsp_response; +}; + extern const SSL3_ENC_METHOD TLSv1_enc_data; extern const SSL3_ENC_METHOD SSLv3_enc_data;