grpc 0.12.0 → 0.13.0.pre1.1

data/third_party/boringssl/include/openssl/ssl3.h

@@ -0,0 +1,441 @@
+/* ssl/ssl3.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef OPENSSL_HEADER_SSL3_H
+#define OPENSSL_HEADER_SSL3_H
+
+#include <openssl/aead.h>
+#include <openssl/type_check.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+
+/* These are kept to support clients that negotiates higher protocol versions
+ * using SSLv2 client hello records. */
+#define SSL2_MT_CLIENT_HELLO 1
+#define SSL2_VERSION 0x0002
+
+/* Signalling cipher suite value from RFC 5746. */
+#define SSL3_CK_SCSV 0x030000FF
+/* Fallback signalling cipher suite value from RFC 7507. */
+#define SSL3_CK_FALLBACK_SCSV 0x03005600
+
+#define SSL3_CK_RSA_NULL_MD5 0x03000001
+#define SSL3_CK_RSA_NULL_SHA 0x03000002
+#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
+#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
+#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
+#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
+#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
+#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
+#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
+#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
+
+#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
+#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
+#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
+#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
+#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
+#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
+
+#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
+#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
+#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
+#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
+#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
+#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
+
+#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
+#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
+#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
+#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
+#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
+
+#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
+#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
+#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
+#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
+#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
+#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
+
+#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
+#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
+#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
+
+#define SSL3_SSL_SESSION_ID_LENGTH 32
+#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
+
+#define SSL3_MASTER_SECRET_SIZE 48
+#define SSL3_RANDOM_SIZE 32
+#define SSL3_SESSION_ID_SIZE 32
+#define SSL3_RT_HEADER_LENGTH 5
+
+#define SSL3_HM_HEADER_LENGTH 4
+
+#ifndef SSL3_ALIGN_PAYLOAD
+/* Some will argue that this increases memory footprint, but it's not actually
+ * true. Point is that malloc has to return at least 64-bit aligned pointers,
+ * meaning that allocating 5 bytes wastes 3 bytes in either case. Suggested
+ * pre-gaping simply moves these wasted bytes from the end of allocated region
+ * to its front, but makes data payload aligned, which improves performance. */
+#define SSL3_ALIGN_PAYLOAD 8
+#else
+#if (SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) != 0
+#error "insane SSL3_ALIGN_PAYLOAD"
+#undef SSL3_ALIGN_PAYLOAD
+#endif
+#endif
+
+/* This is the maximum MAC (digest) size used by the SSL library. Currently
+ * maximum of 20 is used by SHA1, but we reserve for future extension for
+ * 512-bit hashes. */
+
+#define SSL3_RT_MAX_MD_SIZE 64
+
+/* Maximum block size used in all ciphersuites. Currently 16 for AES. */
+
+#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
+
+/* Maximum plaintext length: defined by SSL/TLS standards */
+#define SSL3_RT_MAX_PLAIN_LENGTH 16384
+/* Maximum compression overhead: defined by SSL/TLS standards */
+#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
+
+/* The standards give a maximum encryption overhead of 1024 bytes. In practice
+ * the value is lower than this. The overhead is the maximum number of padding
+ * bytes (256) plus the mac size.
+ *
+ * TODO(davidben): This derivation doesn't take AEADs into account, or TLS 1.1
+ * explicit nonces. It happens to work because |SSL3_RT_MAX_MD_SIZE| is larger
+ * than necessary and no true AEAD has variable overhead in TLS 1.2. */
+#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
+
+/* SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD is the maximum overhead in encrypting a
+ * record. This does not include the record header. Some ciphers use explicit
+ * nonces, so it includes both the AEAD overhead as well as the nonce. */
+#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
+    (EVP_AEAD_MAX_OVERHEAD + EVP_AEAD_MAX_NONCE_LENGTH)
+
+OPENSSL_COMPILE_ASSERT(
+    SSL3_RT_MAX_ENCRYPTED_OVERHEAD >= SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD,
+    max_overheads_are_consistent);
+
+/* SSL3_RT_MAX_COMPRESSED_LENGTH is an alias for
+ * |SSL3_RT_MAX_PLAIN_LENGTH|. Compression is gone, so don't include the
+ * compression overhead. */
+#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
+
+#define SSL3_RT_MAX_ENCRYPTED_LENGTH \
+  (SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH)
+#define SSL3_RT_MAX_PACKET_SIZE \
+  (SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH)
+
+#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
+#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
+
+#define SSL3_RT_CHANGE_CIPHER_SPEC 20
+#define SSL3_RT_ALERT 21
+#define SSL3_RT_HANDSHAKE 22
+#define SSL3_RT_APPLICATION_DATA 23
+
+/* Pseudo content type for SSL/TLS header info */
+#define SSL3_RT_HEADER 0x100
+
+#define SSL3_AL_WARNING 1
+#define SSL3_AL_FATAL 2
+
+#define SSL3_AD_CLOSE_NOTIFY 0
+#define SSL3_AD_UNEXPECTED_MESSAGE 10    /* fatal */
+#define SSL3_AD_BAD_RECORD_MAC 20        /* fatal */
+#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
+#define SSL3_AD_HANDSHAKE_FAILURE 40     /* fatal */
+#define SSL3_AD_NO_CERTIFICATE 41
+#define SSL3_AD_BAD_CERTIFICATE 42
+#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+#define SSL3_AD_CERTIFICATE_REVOKED 44
+#define SSL3_AD_CERTIFICATE_EXPIRED 45
+#define SSL3_AD_CERTIFICATE_UNKNOWN 46
+#define SSL3_AD_ILLEGAL_PARAMETER 47      /* fatal */
+#define SSL3_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */
+
+#define SSL3_CT_RSA_SIGN 1
+#define SSL3_CT_DSS_SIGN 2
+#define SSL3_CT_RSA_FIXED_DH 3
+#define SSL3_CT_DSS_FIXED_DH 4
+#define SSL3_CT_RSA_EPHEMERAL_DH 5
+#define SSL3_CT_DSS_EPHEMERAL_DH 6
+#define SSL3_CT_FORTEZZA_DMS 20
+
+/* SSLv3 */
+/* client */
+/* extra state */
+#define SSL3_ST_CW_FLUSH (0x100 | SSL_ST_CONNECT)
+#define SSL3_ST_FALSE_START (0x101 | SSL_ST_CONNECT)
+#define SSL3_ST_VERIFY_SERVER_CERT (0x102 | SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CLNT_HELLO_A (0x110 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CLNT_HELLO_B (0x111 | SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_SRVR_HELLO_A (0x120 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_HELLO_B (0x121 | SSL_ST_CONNECT)
+#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126 | SSL_ST_CONNECT)
+#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_A (0x130 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_B (0x131 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_A (0x140 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_B (0x141 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_A (0x150 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_B (0x151 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_A (0x160 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_B (0x161 | SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CERT_A (0x170 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_B (0x171 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_C (0x172 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_D (0x173 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_A (0x180 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_B (0x181 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_A (0x190 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_B (0x191 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_C (0x192 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_A (0x1A0 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_B (0x1A1 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_NEXT_PROTO_A (0x200 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_NEXT_PROTO_B (0x201 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANNEL_ID_A (0x220 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANNEL_ID_B (0x221 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_A (0x1B0 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_B (0x1B1 | SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_CHANGE (0x1C0 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_A (0x1D0 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_B (0x1D1 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_STATUS_A (0x1F0 | SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_STATUS_B (0x1F1 | SSL_ST_CONNECT)
+
+/* server */
+/* extra state */
+#define SSL3_ST_SW_FLUSH (0x100 | SSL_ST_ACCEPT)
+/* read from client */
+#define SSL3_ST_SR_INITIAL_BYTES (0x240 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_V2_CLIENT_HELLO (0x241 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_A (0x110 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_B (0x111 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_C (0x112 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_D (0x115 | SSL_ST_ACCEPT)
+/* write to client */
+#define SSL3_ST_SW_HELLO_REQ_A (0x120 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_B (0x121 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_C (0x122 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_A (0x130 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_B (0x131 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_A (0x140 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_B (0x141 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_A (0x150 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_B (0x151 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_C (0x152 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_A (0x160 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_B (0x161 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_A (0x170 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_B (0x171 | SSL_ST_ACCEPT)
+/* read from client */
+#define SSL3_ST_SR_CERT_A (0x180 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_B (0x181 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_A (0x190 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_B (0x191 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_C (0x192 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_A (0x1A0 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_B (0x1A1 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANGE (0x1B0 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_NEXT_PROTO_A (0x210 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_NEXT_PROTO_B (0x211 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANNEL_ID_A (0x230 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANNEL_ID_B (0x231 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_A (0x1C0 | SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_B (0x1C1 | SSL_ST_ACCEPT)
+
+/* write to client */
+#define SSL3_ST_SW_CHANGE_A (0x1D0 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CHANGE_B (0x1D1 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_A (0x1E0 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_B (0x1E1 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_STATUS_A (0x200 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_STATUS_B (0x201 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SUPPLEMENTAL_DATA_A (0x220 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SUPPLEMENTAL_DATA_B (0x221 | SSL_ST_ACCEPT)
+
+#define SSL3_MT_HELLO_REQUEST 0
+#define SSL3_MT_CLIENT_HELLO 1
+#define SSL3_MT_SERVER_HELLO 2
+#define SSL3_MT_NEWSESSION_TICKET 4
+#define SSL3_MT_CERTIFICATE 11
+#define SSL3_MT_SERVER_KEY_EXCHANGE 12
+#define SSL3_MT_CERTIFICATE_REQUEST 13
+#define SSL3_MT_SERVER_DONE 14
+#define SSL3_MT_CERTIFICATE_VERIFY 15
+#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
+#define SSL3_MT_FINISHED 20
+#define SSL3_MT_CERTIFICATE_STATUS 22
+#define SSL3_MT_SUPPLEMENTAL_DATA 23
+#define SSL3_MT_NEXT_PROTO 67
+#define SSL3_MT_ENCRYPTED_EXTENSIONS 203
+#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
+
+
+#define SSL3_MT_CCS 1
+
+/* These are used when changing over to a new cipher */
+#define SSL3_CC_READ 0x01
+#define SSL3_CC_WRITE 0x02
+#define SSL3_CC_CLIENT 0x10
+#define SSL3_CC_SERVER 0x20
+#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT | SSL3_CC_WRITE)
+#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER | SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT | SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER | SSL3_CC_WRITE)
+
+
+#ifdef  __cplusplus
+}  /* extern C */
+#endif
+
+#endif  /* OPENSSL_HEADER_SSL3_H */

data/third_party/boringssl/include/openssl/stack.h

@@ -0,0 +1,298 @@
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+#ifndef OPENSSL_HEADER_STACK_H
+#define OPENSSL_HEADER_STACK_H
+
+#include <openssl/base.h>
+
+#include <openssl/type_check.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+/* A stack, in OpenSSL, is an array of pointers. They are the most commonly
+ * used collection object.
+ *
+ * This file defines macros for type safe use of the stack functions. A stack
+ * of a specific type of object has type |STACK_OF(type)|. This can be defined
+ * (once) with |DEFINE_STACK_OF(type)| and declared where needed with
+ * |DECLARE_STACK_OF(type)|. For example:
+ *
+ *   struct foo {
+ *     int bar;
+ *   };
+ *
+ *   DEFINE_STACK_OF(struct foo);
+ *
+ * Although note that the stack will contain /pointers/ to |foo|.
+ *
+ * A macro will be defined for each of the sk_* functions below. For
+ * STACK_OF(foo), the macros would be sk_foo_new, sk_foo_pop etc. */
+
+
+/* stack_cmp_func is a comparison function that returns a value < 0, 0 or > 0
+ * if |*a| is less than, equal to or greater than |*b|, respectively.  Note the
+ * extra indirection - the function is given a pointer to a pointer to the
+ * element. This differs from the usual qsort/bsearch comparison function. */
+typedef int (*stack_cmp_func)(const void **a, const void **b);
+
+/* stack_st contains an array of pointers. It is not designed to be used
+ * directly, rather the wrapper macros should be used. */
+typedef struct stack_st {
+  /* num contains the number of valid pointers in |data|. */
+  size_t num;
+  void **data;
+  /* sorted is non-zero if the values pointed to by |data| are in ascending
+   * order, based on |comp|. */
+  size_t sorted;
+  /* num_alloc contains the number of pointers allocated in the buffer pointed
+   * to by |data|, which may be larger than |num|. */
+  size_t num_alloc;
+  /* comp is an optional comparison function. */
+  stack_cmp_func comp;
+} _STACK;
+
+
+#define STACK_OF(type) struct stack_st_##type
+
+#define DECLARE_STACK_OF(type) STACK_OF(type);
+
+/* The make_macros.sh script in this directory parses the following lines and
+ * generates the stack_macros.h file that contains macros for the following
+ * types of stacks:
+ *
+ * STACK_OF:ACCESS_DESCRIPTION
+ * STACK_OF:ASN1_ADB_TABLE
+ * STACK_OF:ASN1_GENERALSTRING
+ * STACK_OF:ASN1_INTEGER
+ * STACK_OF:ASN1_OBJECT
+ * STACK_OF:ASN1_STRING_TABLE
+ * STACK_OF:ASN1_TYPE
+ * STACK_OF:ASN1_VALUE
+ * STACK_OF:BIO
+ * STACK_OF:BY_DIR_ENTRY
+ * STACK_OF:BY_DIR_HASH
+ * STACK_OF:CONF_VALUE
+ * STACK_OF:CRYPTO_EX_DATA_FUNCS
+ * STACK_OF:DIST_POINT
+ * STACK_OF:GENERAL_NAME
+ * STACK_OF:GENERAL_NAMES
+ * STACK_OF:GENERAL_SUBTREE
+ * STACK_OF:MIME_HEADER
+ * STACK_OF:PKCS7_RECIP_INFO
+ * STACK_OF:PKCS7_SIGNER_INFO
+ * STACK_OF:POLICYINFO
+ * STACK_OF:POLICYQUALINFO
+ * STACK_OF:POLICY_MAPPING
+ * STACK_OF:RSA_additional_prime
+ * STACK_OF:SSL_COMP
+ * STACK_OF:SSL_CUSTOM_EXTENSION
+ * STACK_OF:STACK_OF_X509_NAME_ENTRY
+ * STACK_OF:SXNETID
+ * STACK_OF:X509
+ * STACK_OF:X509V3_EXT_METHOD
+ * STACK_OF:X509_ALGOR
+ * STACK_OF:X509_ATTRIBUTE
+ * STACK_OF:X509_CRL
+ * STACK_OF:X509_EXTENSION
+ * STACK_OF:X509_INFO
+ * STACK_OF:X509_LOOKUP
+ * STACK_OF:X509_NAME
+ * STACK_OF:X509_NAME_ENTRY
+ * STACK_OF:X509_OBJECT
+ * STACK_OF:X509_POLICY_DATA
+ * STACK_OF:X509_POLICY_NODE
+ * STACK_OF:X509_PURPOSE
+ * STACK_OF:X509_REVOKED
+ * STACK_OF:X509_TRUST
+ * STACK_OF:X509_VERIFY_PARAM
+ * STACK_OF:void
+ *
+ * Some stacks contain only const structures, so the stack should return const
+ * pointers to retain type-checking.
+ *
+ * CONST_STACK_OF:SRTP_PROTECTION_PROFILE
+ * CONST_STACK_OF:SSL_CIPHER */
+
+
+/* Some stacks are special because, although we would like STACK_OF(char *),
+ * that would actually be a stack of pointers to char*, but we just want to
+ * point to the string directly. In this case we call them "special" and use
+ * |DEFINE_SPECIAL_STACK_OF(type)| */
+#define DEFINE_SPECIAL_STACK_OF(type, inner)             \
+  STACK_OF(type) { _STACK special_stack; };              \
+  OPENSSL_COMPILE_ASSERT(sizeof(type) == sizeof(void *), \
+                         special_stack_of_non_pointer_##type);
+
+typedef char *OPENSSL_STRING;
+
+DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
+DEFINE_SPECIAL_STACK_OF(OPENSSL_BLOCK, uint8_t)
+
+/* The make_macros.sh script in this directory parses the following lines and
+ * generates the stack_macros.h file that contains macros for the following
+ * types of stacks:
+ *
+ * SPECIAL_STACK_OF:OPENSSL_STRING
+ * SPECIAL_STACK_OF:OPENSSL_BLOCK */
+
+#define IN_STACK_H
+#include <openssl/stack_macros.h>
+#undef IN_STACK_H
+
+
+/* These are the raw stack functions, you shouldn't be using them. Rather you
+ * should be using the type stack macros implemented above. */
+
+/* sk_new creates a new, empty stack with the given comparison function, which
+ * may be zero. It returns the new stack or NULL on allocation failure. */
+OPENSSL_EXPORT _STACK *sk_new(stack_cmp_func comp);
+
+/* sk_new_null creates a new, empty stack. It returns the new stack or NULL on
+ * allocation failure. */
+OPENSSL_EXPORT _STACK *sk_new_null(void);
+
+/* sk_num returns the number of elements in |s|. */
+OPENSSL_EXPORT size_t sk_num(const _STACK *sk);
+
+/* sk_zero resets |sk| to the empty state but does nothing to free the
+ * individual elements themselves. */
+OPENSSL_EXPORT void sk_zero(_STACK *sk);
+
+/* sk_value returns the |i|th pointer in |sk|, or NULL if |i| is out of
+ * range. */
+OPENSSL_EXPORT void *sk_value(const _STACK *sk, size_t i);
+
+/* sk_set sets the |i|th pointer in |sk| to |p| and returns |p|. If |i| is out
+ * of range, it returns NULL. */
+OPENSSL_EXPORT void *sk_set(_STACK *sk, size_t i, void *p);
+
+/* sk_free frees the given stack and array of pointers, but does nothing to
+ * free the individual elements. Also see |sk_pop_free|. */
+OPENSSL_EXPORT void sk_free(_STACK *sk);
+
+/* sk_pop_free calls |free_func| on each element in the stack and then frees
+ * the stack itself. */
+OPENSSL_EXPORT void sk_pop_free(_STACK *sk, void (*free_func)(void *));
+
+/* sk_insert inserts |p| into the stack at index |where|, moving existing
+ * elements if needed. It returns the length of the new stack, or zero on
+ * error. */
+OPENSSL_EXPORT size_t sk_insert(_STACK *sk, void *p, size_t where);
+
+/* sk_delete removes the pointer at index |where|, moving other elements down
+ * if needed. It returns the removed pointer, or NULL if |where| is out of
+ * range. */
+OPENSSL_EXPORT void *sk_delete(_STACK *sk, size_t where);
+
+/* sk_delete_ptr removes, at most, one instance of |p| from the stack based on
+ * pointer equality. If an instance of |p| is found then |p| is returned,
+ * otherwise it returns NULL. */
+OPENSSL_EXPORT void *sk_delete_ptr(_STACK *sk, void *p);
+
+/* sk_find returns the first value in the stack equal to |p|. If a comparison
+ * function has been set on the stack, then equality is defined by it and the
+ * stack will be sorted if need be so that a binary search can be used.
+ * Otherwise pointer equality is used. If a matching element is found, its
+ * index is written to |*out_index| (if |out_index| is not NULL) and one is
+ * returned. Otherwise zero is returned. */
+OPENSSL_EXPORT int sk_find(_STACK *sk, size_t *out_index, void *p);
+
+/* sk_shift removes and returns the first element in the stack, or returns NULL
+ * if the stack is empty. */
+OPENSSL_EXPORT void *sk_shift(_STACK *sk);
+
+/* sk_push appends |p| to the stack and returns the length of the new stack, or
+ * 0 on allocation failure. */
+OPENSSL_EXPORT size_t sk_push(_STACK *sk, void *p);
+
+/* sk_pop returns and removes the last element on the stack, or NULL if the
+ * stack is empty. */
+OPENSSL_EXPORT void *sk_pop(_STACK *sk);
+
+/* sk_dup performs a shallow copy of a stack and returns the new stack, or NULL
+ * on error. */
+OPENSSL_EXPORT _STACK *sk_dup(const _STACK *sk);
+
+/* sk_sort sorts the elements of |sk| into ascending order based on the
+ * comparison function. The stack maintains a |sorted| flag and sorting an
+ * already sorted stack is a no-op. */
+OPENSSL_EXPORT void sk_sort(_STACK *sk);
+
+/* sk_is_sorted returns one if |sk| is known to be sorted and zero
+ * otherwise. */
+OPENSSL_EXPORT int sk_is_sorted(const _STACK *sk);
+
+/* sk_set_cmp_func sets the comparison function to be used by |sk| and returns
+ * the previous one. */
+OPENSSL_EXPORT stack_cmp_func sk_set_cmp_func(_STACK *sk, stack_cmp_func comp);
+
+/* sk_deep_copy performs a copy of |sk| and of each of the non-NULL elements in
+ * |sk| by using |copy_func|. If an error occurs, |free_func| is used to free
+ * any copies already made and NULL is returned. */
+OPENSSL_EXPORT _STACK *sk_deep_copy(const _STACK *sk,
+                                    void *(*copy_func)(void *),
+                                    void (*free_func)(void *));
+
+
+#if defined(__cplusplus)
+}  /* extern C */
+#endif
+
+#endif  /* OPENSSL_HEADER_STACK_H */