diff options
author | Parménides GV <parmegv@sdf.org> | 2014-09-26 09:46:26 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2014-09-26 09:46:26 +0200 |
commit | 394451dbae3e71282611058e00b5fd16c865f147 (patch) | |
tree | 17b71034d9350a2848603f5edf0a8b13025909be /app/openssl/ssl/ssl3.h | |
parent | 644fd02cf8da95b0b5a99fb9f2142628dd27f7c2 (diff) |
Revert "Updated native subprojects from ics-openvpn."
This reverts commit d0e7ba3029b2fd42582413aa95773fe7dbdede90.
I'll postpone this work for the next cycle, it's not trivial because it doesn't link properly.
Diffstat (limited to 'app/openssl/ssl/ssl3.h')
-rw-r--r-- | app/openssl/ssl/ssl3.h | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/app/openssl/ssl/ssl3.h b/app/openssl/ssl/ssl3.h index 83d59bff..f205f73d 100644 --- a/app/openssl/ssl/ssl3.h +++ b/app/openssl/ssl/ssl3.h @@ -388,6 +388,9 @@ typedef struct ssl3_buffer_st #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 #define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020 +/* SSL3_FLAGS_CCS_OK indicates that a ChangeCipherSpec record is acceptable at + * this point in the handshake. If this flag is not set then received CCS + * records will cause a fatal error for the connection. */ #define SSL3_FLAGS_CCS_OK 0x0080 /* SSL3_FLAGS_SGC_RESTART_DONE is set when we @@ -555,11 +558,6 @@ typedef struct ssl3_state_st * for Channel IDs and that tlsext_channel_id will be valid after the * handshake. */ char tlsext_channel_id_valid; - /* tlsext_channel_id_new means that the updated Channel ID extension - * was negotiated. This is a temporary hack in the code to support both - * forms of Channel ID extension while we transition to the new format, - * which fixed a security issue. */ - char tlsext_channel_id_new; /* For a server: * If |tlsext_channel_id_valid| is true, then this contains the * verified Channel ID from the client: a P256 point, (x,y), where @@ -680,11 +678,11 @@ typedef struct ssl3_state_st #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) +#define SSL3_ST_SR_POST_CLIENT_CERT (0x1BF|SSL_ST_ACCEPT) #ifndef OPENSSL_NO_NEXTPROTONEG #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) #endif -#define SSL3_ST_SR_POST_CLIENT_CERT (0x1BF|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANNEL_ID_A (0x220|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANNEL_ID_B (0x221|SSL_ST_ACCEPT) #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) |