X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/fa7225c82381bac4432a6edf16f53b5370238d85..dd5fb164cf5b32c462296bc65e289e100f74b59a:/OSX/libsecurity_ssl/lib/sslContext.h?ds=inline diff --git a/OSX/libsecurity_ssl/lib/sslContext.h b/OSX/libsecurity_ssl/lib/sslContext.h index 590efcb3..82f5ffc7 100644 --- a/OSX/libsecurity_ssl/lib/sslContext.h +++ b/OSX/libsecurity_ssl/lib/sslContext.h @@ -76,8 +76,8 @@ typedef enum SSL_HdskStateReady, /* Handshake is done */ SSL_HdskStateGracefulClose, SSL_HdskStateErrorClose, - SSL_HdskStateNoNotifyClose, /* server disconnected with no - * notify msg */ + SSL_HdskStateNoNotifyClose, /* Server disconnected with no notify msg */ + SSL_HdskStateOutOfBandError, /* The caller encountered an error with out-of-band message processing */ } SSLHandshakeState; #define SSLChangeHdskState(ctx, newState) { ctx->state=newState; } @@ -96,6 +96,7 @@ struct SSLContext int writeCipher_ready; SSLHandshakeState state; + OSStatus outOfBandError; /* * Prior to successful protocol negotiation, negProtocolVersion @@ -208,6 +209,12 @@ struct SSLContext Boolean signalCertRequest; Boolean signalClientAuth; Boolean breakOnClientHello; + Boolean allowServerIdentityChange; + Boolean allowRenegotiation; + Boolean enableSessionTickets; + + /* cached configuration buffer */ + SSLBuffer contextConfigurationBuffer; /* List of peer-specified supported_signature_algorithms */ unsigned numPeerSigAlgs; @@ -261,8 +268,10 @@ static inline bool sslVersionIsLikeTls12(SSLContext *ctx) return ctx->isDTLS ? ctx->negProtocolVersion > DTLS_Version_1_0 : ctx->negProtocolVersion >= TLS_Version_1_2; } +OSStatus SSLGetSessionConfigurationIdentifier(SSLContext *ctx, SSLBuffer *buffer); + /* This is implemented in tls_callbacks.c */ - int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID); +int sslGetSessionID(SSLContext *myCtx, SSLBuffer *sessionID); #ifdef __cplusplus }