diff options
Diffstat (limited to 'main/openssl/include')
-rw-r--r-- | main/openssl/include/openssl/ocsp.h | 7 | ||||
-rw-r--r-- | main/openssl/include/openssl/ssl.h | 4 | ||||
-rw-r--r-- | main/openssl/include/openssl/tls1.h | 8 |
3 files changed, 19 insertions, 0 deletions
diff --git a/main/openssl/include/openssl/ocsp.h b/main/openssl/include/openssl/ocsp.h index 31e45744..f14e9f7e 100644 --- a/main/openssl/include/openssl/ocsp.h +++ b/main/openssl/include/openssl/ocsp.h @@ -90,6 +90,13 @@ extern "C" { #define OCSP_RESPID_KEY 0x400 #define OCSP_NOTIME 0x800 +#ifdef OPENSSL_SYS_WIN32 + /* Under Win32 these are defined in wincrypt.h */ +#undef OCSP_REQUEST +#undef X509_NAME +#undef OCSP_RESPONSE +#endif + /* CertID ::= SEQUENCE { * hashAlgorithm AlgorithmIdentifier, * issuerNameHash OCTET STRING, -- Hash of Issuer's DN diff --git a/main/openssl/include/openssl/ssl.h b/main/openssl/include/openssl/ssl.h index 40c4d9cf..57335a98 100644 --- a/main/openssl/include/openssl/ssl.h +++ b/main/openssl/include/openssl/ssl.h @@ -1315,6 +1315,10 @@ struct ssl_st #endif /* OPENSSL_NO_KRB5 */ #ifndef OPENSSL_NO_PSK + /* PSK identity hint is stored here only to enable setting a hint on an SSL object before an + * SSL_SESSION is associated with it. Once an SSL_SESSION is associated with this SSL object, + * the psk_identity_hint from the session takes precedence over this one. */ + char *psk_identity_hint; unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len); diff --git a/main/openssl/include/openssl/tls1.h b/main/openssl/include/openssl/tls1.h index 6283c6a7..ec8948d5 100644 --- a/main/openssl/include/openssl/tls1.h +++ b/main/openssl/include/openssl/tls1.h @@ -531,6 +531,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031 #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 +/* ECDHE PSK ciphersuites from RFC 5489 */ +#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037 +#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038 + /* XXX * Inconsistency alert: * The OpenSSL names of ciphers with ephemeral DH here include the string @@ -682,6 +686,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" +/* ECDHE PSK ciphersuites from RFC 5489 */ +#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-WITH-AES-128-CBC-SHA256" +#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-WITH-AES-256-CBC-SHA384" + #define TLS_CT_RSA_SIGN 1 #define TLS_CT_DSS_SIGN 2 #define TLS_CT_RSA_FIXED_DH 3 |