SSL_HdskStateReady, /* Handshake is done */
SSL_HdskStateGracefulClose,
SSL_HdskStateErrorClose,
- SSL_HdskStateNoNotifyClose, /* server disconnected with no
- * notify msg */
+ SSL_HdskStateNoNotifyClose, /* Server disconnected with no notify msg */
+ SSL_HdskStateOutOfBandError, /* The caller encountered an error with out-of-band message processing */
} SSLHandshakeState;
#define SSLChangeHdskState(ctx, newState) { ctx->state=newState; }
int writeCipher_ready;
SSLHandshakeState state;
+ OSStatus outOfBandError;
/*
* Prior to successful protocol negotiation, negProtocolVersion
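Review bot: `outOfBandError` is added with no comment tying it to the new `SSL_HdskStateOutOfBandError` value from the enum hunk above, so a reader cannot tell when the field is valid or what it holds before an error is recorded. I would declare it as `OSStatus outOfBandError; /* valid only while state == SSL_HdskStateOutOfBandError; noErr otherwise */` and have the code that enters that state store the error first. The code that switches on `state` is not part of this diff, so it is worth confirming that every path treating `SSL_HdskStateErrorClose` as terminal treats the new state the same way; otherwise reads and writes could presumably continue on a session the caller has already declared broken. The enclosing struct starts and ends outside the hunk.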
Boolean signalCertRequest;
Boolean signalClientAuth;
Boolean breakOnClientHello;
+ Boolean allowServerIdentityChange;
+ Boolean allowRenegotiation;
+ Boolean enableSessionTickets;
+
+ /* cached configuration buffer */
+ SSLBuffer contextConfigurationBuffer;
/* List of peer-specified supported_signature_algorithms */
unsigned numPeerSigAlgs;
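Review bot: The new flags `allowServerIdentityChange`, `allowRenegotiation` and `enableSessionTickets` look like handshake policy switches, yet none has a comment stating its default or who may set it. Each deserves one line, for example `Boolean allowServerIdentityChange; /* default false: peer certificate must not change across a renegotiation */` if that is what the flag means. Context creation is not shown here, so confirm that it leaves the first two false and an unconfigured caller gets the restrictive behaviour. `contextConfigurationBuffer` also needs an ownership comment covering which function fills it, where it is freed, and that it is cleared when any of these options changes, since a stale cached value could presumably let a session set up under one policy be matched under another. The `SSLGetSessionConfigurationIdentifier` prototype added further down has the same gap: it does not say whether `buffer` receives a copy the caller must free or a pointer into the context.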
Boolean sslIsSessionActive(const SSLContext *ctx);
-static inline bool sslVersionIsLikeTls12(SSLContext *ctx)
-{
- check(ctx->negProtocolVersion!=SSL_Version_Undetermined);
- return ctx->isDTLS ? ctx->negProtocolVersion > DTLS_Version_1_0 : ctx->negProtocolVersion >= TLS_Version_1_2;
-}
+OSStatus SSLGetSessionConfigurationIdentifier(SSLContext *ctx, SSLBuffer *buffer);
/* This is implemented in tls_callbacks.c */
- int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID);
+int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID);
#ifdef __cplusplus
}