]>
Commit | Line | Data |
---|---|---|
846e33c7 RS |
1 | /* |
2 | * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. | |
61ae935a | 3 | * |
846e33c7 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
61ae935a MC |
8 | */ |
9 | ||
10 | /***************************************************************************** | |
11 | * * | |
12 | * The following definitions are PRIVATE to the state machine. They should * | |
13 | * NOT be used outside of the state machine. * | |
14 | * * | |
15 | *****************************************************************************/ | |
16 | ||
17 | /* Max message length definitions */ | |
18 | ||
19 | /* The spec allows for a longer length than this, but we limit it */ | |
20 | #define HELLO_VERIFY_REQUEST_MAX_LENGTH 258 | |
21 | #define SERVER_HELLO_MAX_LENGTH 20000 | |
3847d426 | 22 | #define HELLO_RETRY_REQUEST_MAX_LENGTH 20000 |
e46f2334 | 23 | #define ENCRYPTED_EXTENSIONS_MAX_LENGTH 20000 |
61ae935a MC |
24 | #define SERVER_KEY_EXCH_MAX_LENGTH 102400 |
25 | #define SERVER_HELLO_DONE_MAX_LENGTH 0 | |
e1c3de44 | 26 | #define KEY_UPDATE_MAX_LENGTH 1 |
61ae935a MC |
27 | #define CCS_MAX_LENGTH 1 |
28 | /* Max should actually be 36 but we are generous */ | |
29 | #define FINISHED_MAX_LENGTH 64 | |
30 | ||
fadd9a1e | 31 | /* Extension context codes */ |
70af3d8e | 32 | /* This extension is only allowed in TLS */ |
6b473aca | 33 | #define EXT_TLS_ONLY 0x0001 |
70af3d8e | 34 | /* This extension is only allowed in DTLS */ |
6b473aca MC |
35 | #define EXT_DTLS_ONLY 0x0002 |
36 | /* Some extensions may be allowed in DTLS but we don't implement them for it */ | |
37 | #define EXT_TLS_IMPLEMENTATION_ONLY 0x0004 | |
38 | /* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */ | |
39 | #define EXT_SSL3_ALLOWED 0x0008 | |
70af3d8e | 40 | /* Extension is only defined for TLS1.2 and above */ |
6b473aca | 41 | #define EXT_TLS1_2_AND_BELOW_ONLY 0x0010 |
70af3d8e | 42 | /* Extension is only defined for TLS1.3 and above */ |
6b473aca MC |
43 | #define EXT_TLS1_3_ONLY 0x0020 |
44 | #define EXT_CLIENT_HELLO 0x0040 | |
fadd9a1e | 45 | /* Really means TLS1.2 or below */ |
6b473aca MC |
46 | #define EXT_TLS1_2_SERVER_HELLO 0x0080 |
47 | #define EXT_TLS1_3_SERVER_HELLO 0x0100 | |
48 | #define EXT_TLS1_3_ENCRYPTED_EXTENSIONS 0x0200 | |
49 | #define EXT_TLS1_3_HELLO_RETRY_REQUEST 0x0400 | |
50 | #define EXT_TLS1_3_CERTIFICATE 0x0800 | |
51 | #define EXT_TLS1_3_NEW_SESSION_TICKET 0x1000 | |
fadd9a1e | 52 | |
61ae935a | 53 | /* Message processing return codes */ |
be3583fa | 54 | typedef enum { |
61ae935a MC |
55 | /* Something bad happened */ |
56 | MSG_PROCESS_ERROR, | |
57 | /* We've finished reading - swap to writing */ | |
58 | MSG_PROCESS_FINISHED_READING, | |
59 | /* | |
60 | * We've completed the main processing of this message but there is some | |
61 | * post processing to be done. | |
62 | */ | |
63 | MSG_PROCESS_CONTINUE_PROCESSING, | |
64 | /* We've finished this message - read the next message */ | |
65 | MSG_PROCESS_CONTINUE_READING | |
be3583fa | 66 | } MSG_PROCESS_RETURN; |
61ae935a MC |
67 | |
68 | /* Flush the write BIO */ | |
69 | int statem_flush(SSL *s); | |
70 | ||
a15c953f MC |
71 | typedef int (*confunc_f) (SSL *s, WPACKET *pkt); |
72 | ||
aff9929b MC |
73 | int check_in_list(SSL *s, unsigned int group_id, const unsigned char *groups, |
74 | size_t num_groups, int checkallow); | |
75 | ||
61ae935a MC |
76 | /* |
77 | * TLS/DTLS client state machine functions | |
78 | */ | |
8481f583 MC |
79 | int ossl_statem_client_read_transition(SSL *s, int mt); |
80 | WRITE_TRAN ossl_statem_client_write_transition(SSL *s); | |
81 | WORK_STATE ossl_statem_client_pre_work(SSL *s, WORK_STATE wst); | |
82 | WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst); | |
6392fb8e | 83 | int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt, |
a15c953f | 84 | confunc_f *confunc, int *mt); |
eda75751 | 85 | size_t ossl_statem_client_max_message_size(SSL *s); |
8481f583 MC |
86 | MSG_PROCESS_RETURN ossl_statem_client_process_message(SSL *s, PACKET *pkt); |
87 | WORK_STATE ossl_statem_client_post_process_message(SSL *s, WORK_STATE wst); | |
61ae935a MC |
88 | |
89 | /* | |
90 | * TLS/DTLS server state machine functions | |
91 | */ | |
8481f583 MC |
92 | int ossl_statem_server_read_transition(SSL *s, int mt); |
93 | WRITE_TRAN ossl_statem_server_write_transition(SSL *s); | |
94 | WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst); | |
95 | WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst); | |
6392fb8e | 96 | int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt, |
a15c953f | 97 | confunc_f *confunc,int *mt); |
eda75751 | 98 | size_t ossl_statem_server_max_message_size(SSL *s); |
8481f583 MC |
99 | MSG_PROCESS_RETURN ossl_statem_server_process_message(SSL *s, PACKET *pkt); |
100 | WORK_STATE ossl_statem_server_post_process_message(SSL *s, WORK_STATE wst); | |
61ae935a MC |
101 | |
102 | /* Functions for getting new message data */ | |
103 | __owur int tls_get_message_header(SSL *s, int *mt); | |
eda75751 MC |
104 | __owur int tls_get_message_body(SSL *s, size_t *len); |
105 | __owur int dtls_get_message(SSL *s, int *mt, size_t *len); | |
61ae935a MC |
106 | |
107 | /* Message construction and processing functions */ | |
7776a36c | 108 | __owur int tls_process_initial_server_flight(SSL *s, int *al); |
be3583fa MC |
109 | __owur MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt); |
110 | __owur MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt); | |
7cea05dc MC |
111 | __owur int tls_construct_change_cipher_spec(SSL *s, WPACKET *pkt); |
112 | __owur int dtls_construct_change_cipher_spec(SSL *s, WPACKET *pkt); | |
61ae935a | 113 | |
229185e6 | 114 | __owur int tls_construct_finished(SSL *s, WPACKET *pkt); |
44c04a2e | 115 | __owur int tls_construct_key_update(SSL *s, WPACKET *pkt); |
e1c3de44 | 116 | __owur MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt); |
30f05b19 | 117 | __owur WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs); |
be3583fa | 118 | __owur WORK_STATE dtls_wait_for_dry(SSL *s); |
61ae935a MC |
119 | |
120 | /* some client-only functions */ | |
7cea05dc | 121 | __owur int tls_construct_client_hello(SSL *s, WPACKET *pkt); |
be3583fa MC |
122 | __owur MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt); |
123 | __owur MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt); | |
124 | __owur MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt); | |
f63e4288 | 125 | __owur int tls_process_cert_status_body(SSL *s, PACKET *pkt, int *al); |
be3583fa MC |
126 | __owur MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt); |
127 | __owur MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt); | |
d8bc1399 | 128 | __owur int tls_construct_cert_verify(SSL *s, WPACKET *pkt); |
be3583fa | 129 | __owur WORK_STATE tls_prepare_client_certificate(SSL *s, WORK_STATE wst); |
7cea05dc | 130 | __owur int tls_construct_client_certificate(SSL *s, WPACKET *pkt); |
61ae935a | 131 | __owur int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey); |
7cea05dc | 132 | __owur int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt); |
61ae935a | 133 | __owur int tls_client_key_exchange_post_work(SSL *s); |
f63e4288 | 134 | __owur int tls_construct_cert_status_body(SSL *s, WPACKET *pkt); |
7cea05dc | 135 | __owur int tls_construct_cert_status(SSL *s, WPACKET *pkt); |
a230b26e | 136 | __owur MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt); |
be3583fa | 137 | __owur MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt); |
61ae935a | 138 | __owur int ssl3_check_cert_and_algorithm(SSL *s); |
a230b26e | 139 | #ifndef OPENSSL_NO_NEXTPROTONEG |
7cea05dc | 140 | __owur int tls_construct_next_proto(SSL *s, WPACKET *pkt); |
a230b26e | 141 | #endif |
c7f47786 | 142 | __owur MSG_PROCESS_RETURN tls_process_hello_req(SSL *s, PACKET *pkt); |
be3583fa | 143 | __owur MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt); |
61ae935a MC |
144 | |
145 | /* some server-only functions */ | |
be3583fa MC |
146 | __owur MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt); |
147 | __owur WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst); | |
7cea05dc | 148 | __owur int tls_construct_server_hello(SSL *s, WPACKET *pkt); |
7cea05dc MC |
149 | __owur int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt); |
150 | __owur int tls_construct_server_certificate(SSL *s, WPACKET *pkt); | |
151 | __owur int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt); | |
152 | __owur int tls_construct_certificate_request(SSL *s, WPACKET *pkt); | |
153 | __owur int tls_construct_server_done(SSL *s, WPACKET *pkt); | |
be3583fa MC |
154 | __owur MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt); |
155 | __owur MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt); | |
156 | __owur WORK_STATE tls_post_process_client_key_exchange(SSL *s, WORK_STATE wst); | |
157 | __owur MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt); | |
a230b26e | 158 | #ifndef OPENSSL_NO_NEXTPROTONEG |
be3583fa | 159 | __owur MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt); |
a230b26e | 160 | #endif |
7cea05dc | 161 | __owur int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt); |
6b473aca | 162 | |
70af3d8e MC |
163 | |
164 | /* Extension processing */ | |
165 | ||
166 | __owur int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context, | |
167 | RAW_EXTENSION **res, int *al); | |
7d152a3c | 168 | __owur int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context, |
8521ced6 | 169 | RAW_EXTENSION *exts, X509 *x, size_t chainidx, |
f97d4c37 | 170 | int *al); |
4b299b8e | 171 | __owur int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, |
8521ced6 | 172 | X509 *x, size_t chainidx, int *al); |
4b299b8e | 173 | __owur int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, |
8521ced6 | 174 | X509 *x, size_t chainidx, int *al); |
25670f3e | 175 | |
1053a6e2 MC |
176 | __owur int tls_psk_do_binder(SSL *s, const EVP_MD *md, |
177 | const unsigned char *msgstart, | |
178 | size_t binderoffset, const unsigned char *binderin, | |
179 | unsigned char *binderout, | |
180 | SSL_SESSION *sess, int sign); | |
181 | ||
25670f3e | 182 | /* Server Extension processing */ |
61138358 MC |
183 | int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, unsigned int context, |
184 | X509 *x, size_t chainidx, int *al); | |
185 | int tls_parse_ctos_server_name(SSL *s, PACKET *pkt, unsigned int context, | |
186 | X509 *x, size_t chainidx, int *al); | |
25670f3e | 187 | #ifndef OPENSSL_NO_SRP |
61138358 MC |
188 | int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
189 | size_t chainidx, int *al); | |
25670f3e MC |
190 | #endif |
191 | #ifndef OPENSSL_NO_EC | |
61138358 MC |
192 | int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context, |
193 | X509 *x, size_t chainidx, int *al); | |
194 | int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context, | |
195 | X509 *x, size_t chainidx, int *al); | |
25670f3e | 196 | #endif |
61138358 MC |
197 | int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context, |
198 | X509 *x, size_t chainidx, int *al); | |
199 | int tls_parse_ctos_sig_algs(SSL *s, PACKET *pkt, unsigned int context, X509 *x, | |
200 | size_t chainidx, int *al); | |
ab83e314 | 201 | #ifndef OPENSSL_NO_OCSP |
61138358 MC |
202 | int tls_parse_ctos_status_request(SSL *s, PACKET *pkt, unsigned int context, |
203 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 204 | #endif |
25670f3e | 205 | #ifndef OPENSSL_NO_NEXTPROTONEG |
61138358 MC |
206 | int tls_parse_ctos_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
207 | size_t chainidx, int *al); | |
25670f3e | 208 | #endif |
61138358 MC |
209 | int tls_parse_ctos_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
210 | size_t chainidx, int *al); | |
25670f3e | 211 | #ifndef OPENSSL_NO_SRTP |
61138358 MC |
212 | int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
213 | size_t chainidx, int *al); | |
25670f3e | 214 | #endif |
61138358 MC |
215 | int tls_parse_ctos_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
216 | size_t chainidx, int *al); | |
217 | int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, | |
218 | size_t chainidx, int *al); | |
219 | int tls_parse_ctos_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x, | |
220 | size_t chainidx, int *al); | |
221 | int tls_parse_ctos_psk_kex_modes(SSL *s, PACKET *pkt, unsigned int context, | |
222 | X509 *x, size_t chainidx, int *al); | |
223 | int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, | |
224 | size_t chainidx, int *al); | |
7da160b0 | 225 | |
61138358 MC |
226 | int tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt, unsigned int context, |
227 | X509 *x, size_t chainidx, int *al); | |
228 | int tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, unsigned int context, | |
229 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 230 | #ifndef OPENSSL_NO_EC |
61138358 MC |
231 | int tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, unsigned int context, |
232 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 233 | #endif |
61138358 MC |
234 | int tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, |
235 | unsigned int context, X509 *x, | |
8521ced6 | 236 | size_t chainidx, int *al); |
ab83e314 | 237 | #ifndef OPENSSL_NO_OCSP |
61138358 MC |
238 | int tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, |
239 | unsigned int context, X509 *x, | |
8521ced6 | 240 | size_t chainidx, int *al); |
ab83e314 MC |
241 | #endif |
242 | #ifndef OPENSSL_NO_NEXTPROTONEG | |
61138358 MC |
243 | int tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt, |
244 | unsigned int context, X509 *x, | |
8521ced6 | 245 | size_t chainidx, int *al); |
ab83e314 | 246 | #endif |
61138358 MC |
247 | int tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
248 | size_t chainidx, int *al); | |
ab83e314 | 249 | #ifndef OPENSSL_NO_SRTP |
61138358 MC |
250 | int tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, unsigned int context, |
251 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 252 | #endif |
61138358 MC |
253 | int tls_construct_stoc_etm(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
254 | size_t chainidx, int *al); | |
255 | int tls_construct_stoc_ems(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, | |
256 | size_t chainidx, int *al); | |
257 | int tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, unsigned int context, | |
258 | X509 *x, size_t chainidx, int *al); | |
7da160b0 MC |
259 | /* |
260 | * Not in public headers as this is not an official extension. Only used when | |
261 | * SSL_OP_CRYPTOPRO_TLSEXT_BUG is set. | |
262 | */ | |
263 | #define TLSEXT_TYPE_cryptopro_bug 0xfde8 | |
61138358 MC |
264 | int tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, unsigned int context, |
265 | X509 *x, size_t chainidx, int *al); | |
266 | int tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, | |
267 | size_t chainidx, int *al); | |
6dd083fd MC |
268 | |
269 | /* Client Extension processing */ | |
61138358 MC |
270 | int tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, unsigned int context, |
271 | X509 *x, size_t chainidx, int *al); | |
272 | int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, unsigned int context, | |
273 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 274 | #ifndef OPENSSL_NO_SRP |
61138358 MC |
275 | int tls_construct_ctos_srp(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
276 | size_t chainidx, int *al); | |
ab83e314 MC |
277 | #endif |
278 | #ifndef OPENSSL_NO_EC | |
61138358 MC |
279 | int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, unsigned int context, |
280 | X509 *x, size_t chainidx, int *al); | |
281 | int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, | |
282 | unsigned int context, X509 *x, | |
8521ced6 | 283 | size_t chainidx, int *al); |
ab83e314 | 284 | #endif |
61138358 MC |
285 | int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, |
286 | unsigned int context, X509 *x, | |
8521ced6 | 287 | size_t chainidx, int *al); |
61138358 MC |
288 | int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, unsigned int context, |
289 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 290 | #ifndef OPENSSL_NO_OCSP |
61138358 MC |
291 | int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, |
292 | unsigned int context, X509 *x, | |
8521ced6 | 293 | size_t chainidx, int *al); |
ab83e314 MC |
294 | #endif |
295 | #ifndef OPENSSL_NO_NEXTPROTONEG | |
61138358 MC |
296 | int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
297 | size_t chainidx, int *al); | |
ab83e314 | 298 | #endif |
61138358 MC |
299 | int tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
300 | size_t chainidx, int *al); | |
ab83e314 | 301 | #ifndef OPENSSL_NO_SRTP |
61138358 MC |
302 | int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, unsigned int context, |
303 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 304 | #endif |
61138358 MC |
305 | int tls_construct_ctos_etm(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
306 | size_t chainidx, int *al); | |
ab83e314 | 307 | #ifndef OPENSSL_NO_CT |
61138358 MC |
308 | int tls_construct_ctos_sct(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
309 | size_t chainidx, int *al); | |
ab83e314 | 310 | #endif |
61138358 MC |
311 | int tls_construct_ctos_ems(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, |
312 | size_t chainidx, int *al); | |
313 | int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, | |
314 | unsigned int context, X509 *x, | |
8521ced6 | 315 | size_t chainidx, int *al); |
61138358 MC |
316 | int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, unsigned int context, |
317 | X509 *x, size_t chainidx, int *al); | |
318 | int tls_construct_ctos_psk_kex_modes(SSL *s, WPACKET *pkt, unsigned int context, | |
319 | X509 *x, size_t chainidx, int *al); | |
320 | int tls_construct_ctos_padding(SSL *s, WPACKET *pkt, unsigned int context, | |
321 | X509 *x, size_t chainidx, int *al); | |
322 | int tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, | |
323 | size_t chainidx, int *al); | |
324 | int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, unsigned int context, | |
325 | X509 *x, size_t chainidx, int *al); | |
326 | int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context, | |
327 | X509 *x, size_t chainidx, int *al); | |
6dd083fd | 328 | #ifndef OPENSSL_NO_EC |
61138358 MC |
329 | int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context, |
330 | X509 *x, size_t chainidx, int *al); | |
6dd083fd | 331 | #endif |
61138358 MC |
332 | int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context, |
333 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 334 | #ifndef OPENSSL_NO_OCSP |
61138358 MC |
335 | int tls_parse_stoc_status_request(SSL *s, PACKET *pkt, unsigned int context, |
336 | X509 *x, size_t chainidx, int *al); | |
ab83e314 | 337 | #endif |
6dd083fd | 338 | #ifndef OPENSSL_NO_CT |
61138358 MC |
339 | int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
340 | size_t chainidx, int *al); | |
6dd083fd MC |
341 | #endif |
342 | #ifndef OPENSSL_NO_NEXTPROTONEG | |
61138358 MC |
343 | int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
344 | size_t chainidx, int *al); | |
6dd083fd | 345 | #endif |
61138358 MC |
346 | int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
347 | size_t chainidx, int *al); | |
6dd083fd | 348 | #ifndef OPENSSL_NO_SRTP |
61138358 MC |
349 | int tls_parse_stoc_use_srtp(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
350 | size_t chainidx, int *al); | |
6dd083fd | 351 | #endif |
61138358 MC |
352 | int tls_parse_stoc_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x, |
353 | size_t chainidx, int *al); | |
354 | int tls_parse_stoc_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x, | |
355 | size_t chainidx, int *al); | |
356 | int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, | |
357 | size_t chainidx, int *al); | |
358 | int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, | |
359 | size_t chainidx, int *al); |