rho-tau-extensions 6.0.11 → 6.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/libs/crosswalk/ext/platform/android/adds/lib/armeabi/libxwalkcore.so +0 -0
- data/libs/crosswalk/ext/platform/android/adds/lib/armeabi/libxwalkdummy.so +0 -0
- data/libs/crosswalk/ext/platform/android/adds/lib/x86/libxwalkcore.so +0 -0
- data/libs/crosswalk/ext/platform/android/adds/lib/x86/libxwalkdummy.so +0 -0
- data/libs/crosswalk/ext/platform/android/adds/lib/xwalk_core_library_java.jar +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/layout-v17/dropdown_item.xml +2 -2
- data/libs/crosswalk/ext/platform/android/adds/res/layout/dropdown_item.xml +1 -1
- data/libs/crosswalk/ext/platform/android/adds/res/menu/select_action_menu.xml +8 -8
- data/libs/crosswalk/ext/platform/android/adds/res/raw/icudtl.dat +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/raw/xwalk.pak +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/raw/xwalk_100_percent.pak +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-am/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-ar/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-bg/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-ca/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-cs/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-da/android_ui_strings.xml +4 -3
- data/libs/crosswalk/ext/platform/android/adds/res/values-de/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-el/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-en-rGB/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-es-rUS/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-es/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-fa/android_ui_strings.xml +2 -1
- data/libs/crosswalk/ext/platform/android/adds/res/values-fi/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-fr/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-hi/android_ui_strings.xml +2 -1
- data/libs/crosswalk/ext/platform/android/adds/res/values-hr/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-hu/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-in/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-it/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-iw/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-ja/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-ko/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-lt/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-lv/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-nb/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-nl/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-pl/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-pt-rBR/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-pt-rPT/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-ro/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-ru/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-sk/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-sl/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-sr/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-sv/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-sw/android_ui_strings.xml +2 -1
- data/libs/crosswalk/ext/platform/android/adds/res/values-th/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-tl/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-tr/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-uk/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-v17/{ui_java_styles.xml → styles_03.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-v21/{ui_java_styles.xml → styles_03.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-vi/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-zh-rCN/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values-zh-rTW/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/android_ui_strings.xml +1 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{xwalk_attrs.xml → attrs.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/attrs_03.xml +18 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{xwalk_colors.xml → colors_xwalk.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{ui_java_dimens.xml → dimens_03.xml} +1 -3
- data/libs/crosswalk/ext/platform/android/adds/res/values/{xwalk_dimens.xml → dimens_xwalk.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/ids_xwalk.xml +12 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/strings_00.xml +16 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{xwalk_core_internal_java_strings.xml → strings_01.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{xwalk_core_java_strings.xml → strings_02.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{ui_java_strings.xml → strings_03.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{xwalk_styles.xml → styles_00.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{ui_java_styles.xml → styles_03.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/{xwalk_values.xml → values_00.xml} +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/values/xwalk_app_strings.xml +7 -10
- data/libs/crosswalk/ext/platform/android/adds/res/values/xwalk_resources_list.xml +2 -1
- data/libs/enterprise-barcode/ext/platform/iphone/Barcode.xcodeproj/project.pbxproj +8 -4
- data/libs/nodejs/ext/platform/iphone/Nodejs.xcodeproj/project.pbxproj +8 -4
- data/libs/openssl.so-edge/ext/android/armeabi/libcrypto.a +0 -0
- data/libs/openssl.so-edge/ext/android/armeabi/libssl.a +0 -0
- data/libs/openssl.so-edge/ext/android/x86/libcrypto.a +0 -0
- data/libs/openssl.so-edge/ext/android/x86/libssl.a +0 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/internal/asn1t.h +19 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/internal/dso.h +23 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/internal/thread_once.h +5 -2
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/asn1.h +5 -2
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/asn1t.h +5 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/bio.h +9 -12
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/bn.h +1 -1
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/buffer.h +1 -4
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/conf.h +1 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/crypto.h +5 -1
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/ct.h +17 -2
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/dh.h +24 -6
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/dsa.h +1 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/e_os2.h +3 -16
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/ec.h +7 -12
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/engine.h +0 -2
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/err.h +3 -2
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/evp.h +11 -1
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/lhash.h +13 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/objects.h +2 -2
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/ocsp.h +3 -16
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/opensslconf.h +20 -8
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/opensslv.h +3 -3
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/rsa.h +2 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/seed.h +1 -3
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/srtp.h +1 -1
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/ssl.h +85 -52
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/ssl3.h +4 -1
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/tls1.h +6 -6
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/ui.h +10 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/x509.h +1 -1
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/x509_vfy.h +5 -0
- data/libs/openssl.so-edge/ext/openssl-1-1-0-stable/include/openssl/x509v3.h +1 -0
- data/version +1 -1
- metadata +19 -27
- data/libs/crosswalk/ext/platform/android/adds/res/drawable-hdpi/crosswalk.png +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/drawable-ldpi/crosswalk.png +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/drawable-mdpi/crosswalk.png +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/drawable-xhdpi/crosswalk.png +0 -0
- data/libs/crosswalk/ext/platform/android/adds/res/drawable/launchscreen_bg.xml +0 -19
- data/libs/crosswalk/ext/platform/android/adds/res/layout-v17/autofill_suggestion_item.xml +0 -18
- data/libs/crosswalk/ext/platform/android/adds/res/layout/autofill_suggestion_item.xml +0 -7
- data/libs/crosswalk/ext/platform/android/adds/res/raw/contacts_api.js +0 -206
- data/libs/crosswalk/ext/platform/android/adds/res/raw/device_capabilities_api.js +0 -231
- data/libs/crosswalk/ext/platform/android/adds/res/raw/messaging_api.js +0 -359
- data/libs/crosswalk/ext/platform/android/adds/res/raw/presentation_api.js +0 -144
- data/libs/crosswalk/ext/platform/android/adds/res/values-v14/theme.xml +0 -16
- data/libs/crosswalk/ext/platform/android/adds/res/values/ui_java_attrs.xml +0 -9
@@ -22,6 +22,21 @@ extern "C" {
|
|
22
22
|
* OpenSSL was configured with the following options:
|
23
23
|
*/
|
24
24
|
|
25
|
+
#ifndef OPENSSL_NO_COMP
|
26
|
+
# define OPENSSL_NO_COMP
|
27
|
+
#endif
|
28
|
+
#ifndef OPENSSL_NO_MD2
|
29
|
+
# define OPENSSL_NO_MD2
|
30
|
+
#endif
|
31
|
+
#ifndef OPENSSL_NO_RC5
|
32
|
+
# define OPENSSL_NO_RC5
|
33
|
+
#endif
|
34
|
+
#ifndef OPENSSL_THREADS
|
35
|
+
# define OPENSSL_THREADS
|
36
|
+
#endif
|
37
|
+
#ifndef OPENSSL_NO_AFALGENG
|
38
|
+
# define OPENSSL_NO_AFALGENG
|
39
|
+
#endif
|
25
40
|
#ifndef OPENSSL_NO_ASAN
|
26
41
|
# define OPENSSL_NO_ASAN
|
27
42
|
#endif
|
@@ -37,6 +52,9 @@ extern "C" {
|
|
37
52
|
#ifndef OPENSSL_NO_EGD
|
38
53
|
# define OPENSSL_NO_EGD
|
39
54
|
#endif
|
55
|
+
#ifndef OPENSSL_NO_ENGINE
|
56
|
+
# define OPENSSL_NO_ENGINE
|
57
|
+
#endif
|
40
58
|
#ifndef OPENSSL_NO_FUZZ_AFL
|
41
59
|
# define OPENSSL_NO_FUZZ_AFL
|
42
60
|
#endif
|
@@ -46,15 +64,12 @@ extern "C" {
|
|
46
64
|
#ifndef OPENSSL_NO_HEARTBEATS
|
47
65
|
# define OPENSSL_NO_HEARTBEATS
|
48
66
|
#endif
|
49
|
-
#ifndef
|
50
|
-
# define
|
67
|
+
#ifndef OPENSSL_NO_HW
|
68
|
+
# define OPENSSL_NO_HW
|
51
69
|
#endif
|
52
70
|
#ifndef OPENSSL_NO_MSAN
|
53
71
|
# define OPENSSL_NO_MSAN
|
54
72
|
#endif
|
55
|
-
#ifndef OPENSSL_NO_RC5
|
56
|
-
# define OPENSSL_NO_RC5
|
57
|
-
#endif
|
58
73
|
#ifndef OPENSSL_NO_SCTP
|
59
74
|
# define OPENSSL_NO_SCTP
|
60
75
|
#endif
|
@@ -76,9 +91,6 @@ extern "C" {
|
|
76
91
|
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
|
77
92
|
# define OPENSSL_NO_WEAK_SSL_CIPHERS
|
78
93
|
#endif
|
79
|
-
#ifndef OPENSSL_THREADS
|
80
|
-
# define OPENSSL_THREADS
|
81
|
-
#endif
|
82
94
|
#ifndef OPENSSL_NO_AFALGENG
|
83
95
|
# define OPENSSL_NO_AFALGENG
|
84
96
|
#endif
|
@@ -39,11 +39,11 @@ extern "C" {
|
|
39
39
|
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
40
40
|
* major minor fix final patch/beta)
|
41
41
|
*/
|
42
|
-
# define OPENSSL_VERSION_NUMBER
|
42
|
+
# define OPENSSL_VERSION_NUMBER 0x10100080L
|
43
43
|
# ifdef OPENSSL_FIPS
|
44
|
-
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.
|
44
|
+
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0h-fips-dev xx XXX xxxx"
|
45
45
|
# else
|
46
|
-
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.
|
46
|
+
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0h-dev xx XXX xxxx"
|
47
47
|
# endif
|
48
48
|
|
49
49
|
/*-
|
@@ -462,11 +462,13 @@ int ERR_load_RSA_strings(void);
|
|
462
462
|
|
463
463
|
/* Function codes. */
|
464
464
|
# define RSA_F_CHECK_PADDING_MD 140
|
465
|
+
# define RSA_F_ENCODE_PKCS1 146
|
465
466
|
# define RSA_F_INT_RSA_VERIFY 145
|
466
467
|
# define RSA_F_OLD_RSA_PRIV_DECODE 147
|
467
468
|
# define RSA_F_PKEY_RSA_CTRL 143
|
468
469
|
# define RSA_F_PKEY_RSA_CTRL_STR 144
|
469
470
|
# define RSA_F_PKEY_RSA_SIGN 142
|
471
|
+
# define RSA_F_PKEY_RSA_VERIFY 149
|
470
472
|
# define RSA_F_PKEY_RSA_VERIFYRECOVER 141
|
471
473
|
# define RSA_F_RSA_ALGOR_TO_MD 156
|
472
474
|
# define RSA_F_RSA_BUILTIN_KEYGEN 129
|
@@ -36,7 +36,7 @@ extern "C" {
|
|
36
36
|
# ifndef OPENSSL_NO_SRTP
|
37
37
|
|
38
38
|
__owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
|
39
|
-
__owur int SSL_set_tlsext_use_srtp(SSL *
|
39
|
+
__owur int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles);
|
40
40
|
|
41
41
|
__owur STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
|
42
42
|
__owur SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
|
@@ -262,54 +262,33 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
|
|
262
262
|
const unsigned char *in,
|
263
263
|
size_t inlen, int *al, void *parse_arg);
|
264
264
|
|
265
|
+
/* Typedef for verification callback */
|
266
|
+
typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
|
267
|
+
|
265
268
|
/* Allow initial connection to servers that don't support RI */
|
266
269
|
# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004U
|
267
|
-
/* Removed from OpenSSL 0.9.8q and 1.0.0c */
|
268
|
-
/* Dead forever, see CVE-2010-4180. */
|
269
|
-
# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0U
|
270
270
|
# define SSL_OP_TLSEXT_PADDING 0x00000010U
|
271
|
-
# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0U
|
272
271
|
# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040U
|
273
|
-
/* Ancient SSLeay version, retained for compatibility */
|
274
|
-
# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0
|
275
|
-
# define SSL_OP_TLS_D5_BUG 0x0U
|
276
|
-
/* Removed from OpenSSL 1.1.0 */
|
277
|
-
# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0U
|
278
|
-
|
279
|
-
/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
|
280
|
-
# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
|
281
|
-
/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
|
282
|
-
# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
|
283
|
-
/* Related to removed SSLv2 */
|
284
|
-
# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
|
285
|
-
# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
|
286
272
|
|
287
273
|
/*
|
288
274
|
* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
|
289
275
|
* OpenSSL 0.9.6d. Usually (depending on the application protocol) the
|
290
276
|
* workaround is not needed. Unfortunately some broken SSL/TLS
|
291
277
|
* implementations cannot handle it at all, which is why we include it in
|
292
|
-
* SSL_OP_ALL.
|
278
|
+
* SSL_OP_ALL. Added in 0.9.6e
|
293
279
|
*/
|
294
|
-
/* added in 0.9.6e */
|
295
280
|
# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800U
|
296
281
|
|
297
|
-
/*
|
298
|
-
* SSL_OP_ALL: various bug workarounds that should be rather harmless. This
|
299
|
-
* used to be 0x000FFFFFL before 0.9.7.
|
300
|
-
*/
|
301
|
-
# define SSL_OP_ALL 0x80000BFFU
|
302
|
-
|
303
282
|
/* DTLS options */
|
304
|
-
# define SSL_OP_NO_QUERY_MTU
|
283
|
+
# define SSL_OP_NO_QUERY_MTU 0x00001000U
|
305
284
|
/* Turn on Cookie Exchange (on relevant for servers) */
|
306
|
-
# define SSL_OP_COOKIE_EXCHANGE
|
285
|
+
# define SSL_OP_COOKIE_EXCHANGE 0x00002000U
|
307
286
|
/* Don't use RFC4507 ticket extension */
|
308
|
-
# define SSL_OP_NO_TICKET
|
287
|
+
# define SSL_OP_NO_TICKET 0x00004000U
|
309
288
|
# ifndef OPENSSL_NO_DTLS1_METHOD
|
310
289
|
/* Use Cisco's "speshul" version of DTLS_BAD_VER
|
311
290
|
* (only with deprecated DTLSv1_client_method()) */
|
312
|
-
# define SSL_OP_CISCO_ANYCONNECT
|
291
|
+
# define SSL_OP_CISCO_ANYCONNECT 0x00008000U
|
313
292
|
# endif
|
314
293
|
|
315
294
|
/* As server, disallow session resumption on renegotiation */
|
@@ -318,12 +297,8 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
|
|
318
297
|
# define SSL_OP_NO_COMPRESSION 0x00020000U
|
319
298
|
/* Permit unsafe legacy renegotiation */
|
320
299
|
# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000U
|
321
|
-
/*
|
322
|
-
# define
|
323
|
-
/* Does nothing: retained for compatibility */
|
324
|
-
# define SSL_OP_SINGLE_DH_USE 0x0
|
325
|
-
/* Does nothing: retained for compatibility */
|
326
|
-
# define SSL_OP_EPHEMERAL_RSA 0x0
|
300
|
+
/* Disable encrypt-then-mac */
|
301
|
+
# define SSL_OP_NO_ENCRYPT_THEN_MAC 0x00080000U
|
327
302
|
/*
|
328
303
|
* Set on servers to choose the cipher according to the server's preferences
|
329
304
|
*/
|
@@ -336,7 +311,6 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
|
|
336
311
|
*/
|
337
312
|
# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000U
|
338
313
|
|
339
|
-
# define SSL_OP_NO_SSLv2 0x00000000U
|
340
314
|
# define SSL_OP_NO_SSLv3 0x02000000U
|
341
315
|
# define SSL_OP_NO_TLSv1 0x04000000U
|
342
316
|
# define SSL_OP_NO_TLSv1_2 0x08000000U
|
@@ -349,12 +323,6 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
|
|
349
323
|
SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
|
350
324
|
# define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2)
|
351
325
|
|
352
|
-
|
353
|
-
/* Removed from previous versions */
|
354
|
-
# define SSL_OP_PKCS1_CHECK_1 0x0
|
355
|
-
# define SSL_OP_PKCS1_CHECK_2 0x0
|
356
|
-
# define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
|
357
|
-
# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0U
|
358
326
|
/*
|
359
327
|
* Make server add server-hello extension from early version of cryptopro
|
360
328
|
* draft, when GOST ciphersuite is negotiated. Required for interoperability
|
@@ -362,6 +330,59 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
|
|
362
330
|
*/
|
363
331
|
# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000U
|
364
332
|
|
333
|
+
/*
|
334
|
+
* SSL_OP_ALL: various bug workarounds that should be rather harmless.
|
335
|
+
* This used to be 0x000FFFFFL before 0.9.7.
|
336
|
+
* This used to be 0x80000BFFU before 1.1.1.
|
337
|
+
*/
|
338
|
+
# define SSL_OP_ALL (SSL_OP_CRYPTOPRO_TLSEXT_BUG|\
|
339
|
+
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS|\
|
340
|
+
SSL_OP_LEGACY_SERVER_CONNECT|\
|
341
|
+
SSL_OP_TLSEXT_PADDING|\
|
342
|
+
SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
|
343
|
+
|
344
|
+
/* OBSOLETE OPTIONS: retained for compatibility */
|
345
|
+
|
346
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00000001L */
|
347
|
+
/* Related to removed SSLv2. */
|
348
|
+
# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
|
349
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00000002L */
|
350
|
+
/* Related to removed SSLv2. */
|
351
|
+
# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
|
352
|
+
/* Removed from OpenSSL 0.9.8q and 1.0.0c. Was 0x00000008L */
|
353
|
+
/* Dead forever, see CVE-2010-4180 */
|
354
|
+
# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0
|
355
|
+
/* Removed from OpenSSL 1.0.1h and 1.0.2. Was 0x00000010L */
|
356
|
+
/* Refers to ancient SSLREF and SSLv2. */
|
357
|
+
# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
|
358
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00000020 */
|
359
|
+
# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0
|
360
|
+
/* Removed from OpenSSL 0.9.7h and 0.9.8b. Was 0x00000040L */
|
361
|
+
# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
|
362
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00000080 */
|
363
|
+
/* Ancient SSLeay version. */
|
364
|
+
# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0
|
365
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00000100L */
|
366
|
+
# define SSL_OP_TLS_D5_BUG 0x0
|
367
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00000200L */
|
368
|
+
# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0
|
369
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00080000L */
|
370
|
+
# define SSL_OP_SINGLE_ECDH_USE 0x0
|
371
|
+
/* Removed from OpenSSL 1.1.0. Was 0x00100000L */
|
372
|
+
# define SSL_OP_SINGLE_DH_USE 0x0
|
373
|
+
/* Removed from OpenSSL 1.0.1k and 1.0.2. Was 0x00200000L */
|
374
|
+
# define SSL_OP_EPHEMERAL_RSA 0x0
|
375
|
+
/* Removed from OpenSSL 1.1.0. Was 0x01000000L */
|
376
|
+
# define SSL_OP_NO_SSLv2 0x0
|
377
|
+
/* Removed from OpenSSL 1.0.1. Was 0x08000000L */
|
378
|
+
# define SSL_OP_PKCS1_CHECK_1 0x0
|
379
|
+
/* Removed from OpenSSL 1.0.1. Was 0x10000000L */
|
380
|
+
# define SSL_OP_PKCS1_CHECK_2 0x0
|
381
|
+
/* Removed from OpenSSL 1.1.0. Was 0x20000000L */
|
382
|
+
# define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
|
383
|
+
/* Removed from OpenSSL 1.1.0. Was 0x40000000L */
|
384
|
+
# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0
|
385
|
+
|
365
386
|
/*
|
366
387
|
* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
|
367
388
|
* when just a single record has been written):
|
@@ -1139,6 +1160,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|
1139
1160
|
# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE 127
|
1140
1161
|
# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128
|
1141
1162
|
# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129
|
1163
|
+
# define SSL_CTRL_GET_MIN_PROTO_VERSION 130
|
1164
|
+
# define SSL_CTRL_GET_MAX_PROTO_VERSION 131
|
1142
1165
|
# define SSL_CERT_SET_FIRST 1
|
1143
1166
|
# define SSL_CERT_SET_NEXT 2
|
1144
1167
|
# define SSL_CERT_SET_SERVER 3
|
@@ -1241,7 +1264,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|
1241
1264
|
# define SSL_CTX_set1_sigalgs_list(ctx, s) \
|
1242
1265
|
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
|
1243
1266
|
# define SSL_set1_sigalgs(ctx, slist, slistlen) \
|
1244
|
-
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,
|
1267
|
+
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
|
1245
1268
|
# define SSL_set1_sigalgs_list(ctx, s) \
|
1246
1269
|
SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
|
1247
1270
|
# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
|
@@ -1270,10 +1293,18 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|
1270
1293
|
SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
|
1271
1294
|
#define SSL_CTX_set_max_proto_version(ctx, version) \
|
1272
1295
|
SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
|
1296
|
+
#define SSL_CTX_get_min_proto_version(ctx) \
|
1297
|
+
SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, NULL, NULL)
|
1298
|
+
#define SSL_CTX_get_max_proto_version(ctx) \
|
1299
|
+
SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, NULL, NULL)
|
1273
1300
|
#define SSL_set_min_proto_version(s, version) \
|
1274
1301
|
SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
|
1275
1302
|
#define SSL_set_max_proto_version(s, version) \
|
1276
1303
|
SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
|
1304
|
+
#define SSL_get_min_proto_version(s) \
|
1305
|
+
SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, NULL, NULL)
|
1306
|
+
#define SSL_get_max_proto_version(s) \
|
1307
|
+
SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, NULL, NULL)
|
1277
1308
|
|
1278
1309
|
#if OPENSSL_API_COMPAT < 0x10100000L
|
1279
1310
|
/* Provide some compatibility macros for removed functionality. */
|
@@ -1342,9 +1373,8 @@ __owur int SSL_set_cipher_list(SSL *s, const char *str);
|
|
1342
1373
|
void SSL_set_read_ahead(SSL *s, int yes);
|
1343
1374
|
__owur int SSL_get_verify_mode(const SSL *s);
|
1344
1375
|
__owur int SSL_get_verify_depth(const SSL *s);
|
1345
|
-
__owur
|
1346
|
-
void SSL_set_verify(SSL *s, int mode,
|
1347
|
-
int (*callback) (int ok, X509_STORE_CTX *ctx));
|
1376
|
+
__owur SSL_verify_cb SSL_get_verify_callback(const SSL *s);
|
1377
|
+
void SSL_set_verify(SSL *s, int mode, SSL_verify_cb callback);
|
1348
1378
|
void SSL_set_verify_depth(SSL *s, int depth);
|
1349
1379
|
void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
|
1350
1380
|
# ifndef OPENSSL_NO_RSA
|
@@ -1426,7 +1456,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ses);
|
|
1426
1456
|
void SSL_SESSION_free(SSL_SESSION *ses);
|
1427
1457
|
__owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
|
1428
1458
|
__owur int SSL_set_session(SSL *to, SSL_SESSION *session);
|
1429
|
-
|
1459
|
+
int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
|
1430
1460
|
int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
|
1431
1461
|
__owur int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
|
1432
1462
|
__owur int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
|
@@ -1443,10 +1473,8 @@ __owur STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
|
|
1443
1473
|
|
1444
1474
|
__owur int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
|
1445
1475
|
__owur int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
|
1446
|
-
__owur
|
1447
|
-
|
1448
|
-
void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
|
1449
|
-
int (*callback) (int, X509_STORE_CTX *));
|
1476
|
+
__owur SSL_verify_cb SSL_CTX_get_verify_callback(const SSL_CTX *ctx);
|
1477
|
+
void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb callback);
|
1450
1478
|
void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
|
1451
1479
|
void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
|
1452
1480
|
int (*cb) (X509_STORE_CTX *, void *),
|
@@ -1777,6 +1805,8 @@ void SSL_set_tmp_dh_callback(SSL *ssl,
|
|
1777
1805
|
__owur const COMP_METHOD *SSL_get_current_compression(SSL *s);
|
1778
1806
|
__owur const COMP_METHOD *SSL_get_current_expansion(SSL *s);
|
1779
1807
|
__owur const char *SSL_COMP_get_name(const COMP_METHOD *comp);
|
1808
|
+
__owur const char *SSL_COMP_get0_name(const SSL_COMP *comp);
|
1809
|
+
__owur int SSL_COMP_get_id(const SSL_COMP *comp);
|
1780
1810
|
STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
|
1781
1811
|
__owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
|
1782
1812
|
*meths);
|
@@ -1814,7 +1844,7 @@ void SSL_set_not_resumable_session_callback(SSL *ssl,
|
|
1814
1844
|
# endif
|
1815
1845
|
|
1816
1846
|
__owur int SSL_session_reused(SSL *s);
|
1817
|
-
__owur int SSL_is_server(SSL *s);
|
1847
|
+
__owur int SSL_is_server(const SSL *s);
|
1818
1848
|
|
1819
1849
|
__owur __owur SSL_CONF_CTX *SSL_CONF_CTX_new(void);
|
1820
1850
|
int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx);
|
@@ -2231,6 +2261,7 @@ int ERR_load_SSL_strings(void);
|
|
2231
2261
|
# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 358
|
2232
2262
|
# define SSL_F_TLS_CONSTRUCT_FINISHED 359
|
2233
2263
|
# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST 373
|
2264
|
+
# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET 428
|
2234
2265
|
# define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE 374
|
2235
2266
|
# define SSL_F_TLS_CONSTRUCT_SERVER_DONE 375
|
2236
2267
|
# define SSL_F_TLS_CONSTRUCT_SERVER_HELLO 376
|
@@ -2343,6 +2374,7 @@ int ERR_load_SSL_strings(void);
|
|
2343
2374
|
# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
|
2344
2375
|
# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
|
2345
2376
|
# define SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN 204
|
2377
|
+
# define SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE 194
|
2346
2378
|
# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
|
2347
2379
|
# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
|
2348
2380
|
# define SSL_R_FAILED_TO_INIT_ASYNC 405
|
@@ -2482,6 +2514,7 @@ int ERR_load_SSL_strings(void);
|
|
2482
2514
|
# define SSL_R_TLS_HEARTBEAT_PENDING 366
|
2483
2515
|
# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
|
2484
2516
|
# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
|
2517
|
+
# define SSL_R_TOO_MANY_WARN_ALERTS 409
|
2485
2518
|
# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
|
2486
2519
|
# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
|
2487
2520
|
# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
|
@@ -264,11 +264,14 @@ extern "C" {
|
|
264
264
|
# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
|
265
265
|
|
266
266
|
/* Set if we encrypt then mac instead of usual mac then encrypt */
|
267
|
-
# define
|
267
|
+
# define TLS1_FLAGS_ENCRYPT_THEN_MAC_READ 0x0100
|
268
|
+
# define TLS1_FLAGS_ENCRYPT_THEN_MAC TLS1_FLAGS_ENCRYPT_THEN_MAC_READ
|
268
269
|
|
269
270
|
/* Set if extended master secret extension received from peer */
|
270
271
|
# define TLS1_FLAGS_RECEIVED_EXTMS 0x0200
|
271
272
|
|
273
|
+
# define TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE 0x0400
|
274
|
+
|
272
275
|
# define SSL3_MT_HELLO_REQUEST 0
|
273
276
|
# define SSL3_MT_CLIENT_HELLO 1
|
274
277
|
# define SSL3_MT_SERVER_HELLO 2
|
@@ -226,12 +226,12 @@ __owur int SSL_get_servername_type(const SSL *s);
|
|
226
226
|
* as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
|
227
227
|
* optional context. (Since a zero length context is allowed, the |use_context|
|
228
228
|
* flag controls whether a context is included.) It returns 1 on success and
|
229
|
-
*
|
229
|
+
* 0 or -1 otherwise.
|
230
230
|
*/
|
231
231
|
__owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
|
232
|
-
|
233
|
-
|
234
|
-
|
232
|
+
const char *label, size_t llen,
|
233
|
+
const unsigned char *context,
|
234
|
+
size_t contextlen, int use_context);
|
235
235
|
|
236
236
|
int SSL_get_sigalgs(SSL *s, int idx,
|
237
237
|
int *psign, int *phash, int *psignandhash,
|
@@ -298,9 +298,9 @@ SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0, (void (**)(void))cb)
|
|
298
298
|
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
|
299
299
|
|
300
300
|
# define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
|
301
|
-
SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg
|
301
|
+
SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
|
302
302
|
# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
|
303
|
-
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
|
303
|
+
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
|
304
304
|
|
305
305
|
#define SSL_CTX_set_tlsext_status_type(ssl, type) \
|
306
306
|
SSL_CTX_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, type, NULL)
|
@@ -339,8 +339,12 @@ int ERR_load_UI_strings(void);
|
|
339
339
|
/* Error codes for the UI functions. */
|
340
340
|
|
341
341
|
/* Function codes. */
|
342
|
+
# define UI_F_CLOSE_CONSOLE 115
|
343
|
+
# define UI_F_ECHO_CONSOLE 116
|
342
344
|
# define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
|
343
345
|
# define UI_F_GENERAL_ALLOCATE_PROMPT 109
|
346
|
+
# define UI_F_NOECHO_CONSOLE 117
|
347
|
+
# define UI_F_OPEN_CONSOLE 114
|
344
348
|
# define UI_F_UI_CREATE_METHOD 112
|
345
349
|
# define UI_F_UI_CTRL 111
|
346
350
|
# define UI_F_UI_DUP_ERROR_STRING 101
|
@@ -350,6 +354,7 @@ int ERR_load_UI_strings(void);
|
|
350
354
|
# define UI_F_UI_DUP_VERIFY_STRING 106
|
351
355
|
# define UI_F_UI_GET0_RESULT 107
|
352
356
|
# define UI_F_UI_NEW_METHOD 104
|
357
|
+
# define UI_F_UI_PROCESS 113
|
353
358
|
# define UI_F_UI_SET_RESULT 105
|
354
359
|
|
355
360
|
/* Reason codes. */
|
@@ -357,9 +362,14 @@ int ERR_load_UI_strings(void);
|
|
357
362
|
# define UI_R_INDEX_TOO_LARGE 102
|
358
363
|
# define UI_R_INDEX_TOO_SMALL 103
|
359
364
|
# define UI_R_NO_RESULT_BUFFER 105
|
365
|
+
# define UI_R_PROCESSING_ERROR 107
|
360
366
|
# define UI_R_RESULT_TOO_LARGE 100
|
361
367
|
# define UI_R_RESULT_TOO_SMALL 101
|
368
|
+
# define UI_R_SYSASSIGN_ERROR 109
|
369
|
+
# define UI_R_SYSDASSGN_ERROR 110
|
370
|
+
# define UI_R_SYSQIOW_ERROR 111
|
362
371
|
# define UI_R_UNKNOWN_CONTROL_COMMAND 106
|
372
|
+
# define UI_R_UNKNOWN_TTYGET_ERRNO_VALUE 108
|
363
373
|
|
364
374
|
# ifdef __cplusplus
|
365
375
|
}
|