X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/fa7225c82381bac4432a6edf16f53b5370238d85..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_ssl/lib/sslContext.h?ds=inline

diff --git a/OSX/libsecurity_ssl/lib/sslContext.h b/OSX/libsecurity_ssl/lib/sslContext.h
index 590efcb3..84486c2c 100644
--- a/OSX/libsecurity_ssl/lib/sslContext.h
+++ b/OSX/libsecurity_ssl/lib/sslContext.h
@@ -76,8 +76,8 @@ typedef enum
     SSL_HdskStateReady,                 /* Handshake is done */
     SSL_HdskStateGracefulClose,
     SSL_HdskStateErrorClose,
-    SSL_HdskStateNoNotifyClose,			/* server disconnected with no
-                                         *   notify msg */
+    SSL_HdskStateNoNotifyClose,			/* Server disconnected with no notify msg */
+    SSL_HdskStateOutOfBandError,        /* The caller encountered an error with out-of-band message processing */
 } SSLHandshakeState;
 
 #define SSLChangeHdskState(ctx, newState) { ctx->state=newState; }
@@ -96,6 +96,7 @@ struct SSLContext
     int writeCipher_ready;
 
     SSLHandshakeState   state;
+    OSStatus outOfBandError;
 
 	/* 
 	 * Prior to successful protocol negotiation, negProtocolVersion
@@ -208,6 +209,12 @@ struct SSLContext
     Boolean             signalCertRequest;
     Boolean             signalClientAuth;
     Boolean             breakOnClientHello;
+    Boolean             allowServerIdentityChange;
+    Boolean             allowRenegotiation;
+    Boolean             enableSessionTickets;
+
+    /* cached configuration buffer */
+    SSLBuffer           contextConfigurationBuffer;
 
     /* List of peer-specified supported_signature_algorithms */
 	unsigned					 numPeerSigAlgs;
@@ -255,14 +262,10 @@ OSStatus SSLUpdateNegotiatedClientAuthType(SSLContextRef ctx);
 
 Boolean sslIsSessionActive(const SSLContext *ctx);
 
-static inline bool sslVersionIsLikeTls12(SSLContext *ctx)
-{
-    check(ctx->negProtocolVersion!=SSL_Version_Undetermined);
-    return ctx->isDTLS ? ctx->negProtocolVersion > DTLS_Version_1_0 : ctx->negProtocolVersion >= TLS_Version_1_2;
-}
+OSStatus SSLGetSessionConfigurationIdentifier(SSLContext *ctx, SSLBuffer *buffer);
 
 /* This is implemented in tls_callbacks.c */
-    int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID);
+int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID);
 
 #ifdef __cplusplus
 }