"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "nss/lib/ssl/sslimpl.h" between
nss-3.61.tar.gz and nss-3.62.tar.gz

About: NSS is a set of libraries, APIs, utilities, and documentation designed to support cross-platform development of security-enabled client and server applications. It provides a complete implementation of the crypto libraries used by Mozilla and other companies.

sslimpl.h  (nss-3.61):sslimpl.h  (nss-3.62)
skipping to change at line 39 skipping to change at line 39
#endif #endif
#include "nssrwlk.h" #include "nssrwlk.h"
#include "prthread.h" #include "prthread.h"
#include "prclist.h" #include "prclist.h"
#include "private/pprthred.h" #include "private/pprthred.h"
#include "sslt.h" /* for some formerly private types, now public */ #include "sslt.h" /* for some formerly private types, now public */
typedef struct sslSocketStr sslSocket; typedef struct sslSocketStr sslSocket;
typedef struct sslNamedGroupDefStr sslNamedGroupDef; typedef struct sslNamedGroupDefStr sslNamedGroupDef;
typedef struct sslEsniKeysStr sslEsniKeys;
typedef struct sslEchConfigStr sslEchConfig; typedef struct sslEchConfigStr sslEchConfig;
typedef struct sslEchConfigContentsStr sslEchConfigContents; typedef struct sslEchConfigContentsStr sslEchConfigContents;
typedef struct sslEchXtnStateStr sslEchXtnState;
typedef struct sslPskStr sslPsk; typedef struct sslPskStr sslPsk;
typedef struct sslDelegatedCredentialStr sslDelegatedCredential; typedef struct sslDelegatedCredentialStr sslDelegatedCredential;
typedef struct sslEphemeralKeyPairStr sslEphemeralKeyPair; typedef struct sslEphemeralKeyPairStr sslEphemeralKeyPair;
typedef struct TLS13KeyShareEntryStr TLS13KeyShareEntry; typedef struct TLS13KeyShareEntryStr TLS13KeyShareEntry;
#include "sslencode.h" #include "sslencode.h"
#include "sslexp.h" #include "sslexp.h"
#include "ssl3ext.h" #include "ssl3ext.h"
#include "sslspec.h" #include "sslspec.h"
skipping to change at line 290 skipping to change at line 290
unsigned int enable0RttData : 1; unsigned int enable0RttData : 1;
unsigned int enableTls13CompatMode : 1; unsigned int enableTls13CompatMode : 1;
unsigned int enableDtlsShortHeader : 1; unsigned int enableDtlsShortHeader : 1;
unsigned int enableHelloDowngradeCheck : 1; unsigned int enableHelloDowngradeCheck : 1;
unsigned int enableV2CompatibleHello : 1; unsigned int enableV2CompatibleHello : 1;
unsigned int enablePostHandshakeAuth : 1; unsigned int enablePostHandshakeAuth : 1;
unsigned int enableDelegatedCredentials : 1; unsigned int enableDelegatedCredentials : 1;
unsigned int enableDtls13VersionCompat : 1; unsigned int enableDtls13VersionCompat : 1;
unsigned int suppressEndOfEarlyData : 1; unsigned int suppressEndOfEarlyData : 1;
unsigned int enableTls13GreaseEch : 1; unsigned int enableTls13GreaseEch : 1;
unsigned int enableTls13BackendEch : 1;
} sslOptions; } sslOptions;
typedef enum { sslHandshakingUndetermined = 0, typedef enum { sslHandshakingUndetermined = 0,
sslHandshakingAsClient, sslHandshakingAsClient,
sslHandshakingAsServer sslHandshakingAsServer
} sslHandshakingType; } sslHandshakingType;
#define SSL_LOCK_RANK_SPEC 255 #define SSL_LOCK_RANK_SPEC 255
/* These are the valid values for shutdownHow. /* These are the valid values for shutdownHow.
skipping to change at line 751 skipping to change at line 752
/* The following lists contain DTLSHandshakeRecordEntry */ /* The following lists contain DTLSHandshakeRecordEntry */
PRCList dtlsSentHandshake; /* Used to map records to handshake fragments. */ PRCList dtlsSentHandshake; /* Used to map records to handshake fragments. */
PRCList dtlsRcvdHandshake; /* Handshake records we have received PRCList dtlsRcvdHandshake; /* Handshake records we have received
* used to generate ACKs. */ * used to generate ACKs. */
/* TLS 1.3 ECH state. */ /* TLS 1.3 ECH state. */
PRBool echAccepted; /* Client/Server: True if we've commited to using CHInner. */ PRBool echAccepted; /* Client/Server: True if we've commited to using CHInner. */
HpkeContext *echHpkeCtx; /* Client/Server: HPKE context for ECH. */ HpkeContext *echHpkeCtx; /* Client/Server: HPKE context for ECH. */
const char *echPublicName; /* Client: If rejected, the ECHConfig.publicName to const char *echPublicName; /* Client: If rejected, the ECHConfig.publicName to
* use for certificate verification. */ * use for certificate verification. */
sslBuffer greaseEchBuf; /* Client: Remember GREASE ECH, as advertised, fo r CH2 (HRR case). */
} SSL3HandshakeState; } SSL3HandshakeState;
#define SSL_ASSERT_HASHES_EMPTY(ss) \ #define SSL_ASSERT_HASHES_EMPTY(ss) \
do { \ do { \
PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_unknown); \ PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_unknown); \
PORT_Assert(ss->ssl3.hs.messages.len == 0); \ PORT_Assert(ss->ssl3.hs.messages.len == 0); \
PORT_Assert(ss->ssl3.hs.echInnerMessages.len == 0); \ PORT_Assert(ss->ssl3.hs.echInnerMessages.len == 0); \
} while (0) } while (0)
skipping to change at line 1125 skipping to change at line 1127
* TLS extension related data. * TLS extension related data.
*/ */
/* True when the current session is a stateless resume. */ /* True when the current session is a stateless resume. */
PRBool statelessResume; PRBool statelessResume;
TLSExtensionData xtnData; TLSExtensionData xtnData;
/* Whether we are doing stream or datagram mode */ /* Whether we are doing stream or datagram mode */
SSLProtocolVariant protocolVariant; SSLProtocolVariant protocolVariant;
/* TLS 1.3 Encrypted Client Hello. */ /* TLS 1.3 Encrypted Client Hello. */
PRCList echConfigs; /* Client/server: Must not change while hs is PRCList echConfigs; /* Client/server: Must not change while hs
in-progress. */ * is in-progress. */
SECKEYPublicKey *echPubKey; /* Server: The ECH keypair used in HPKE setup SECKEYPublicKey *echPubKey; /* Server: The ECH keypair used in HPKE. */
*/
SECKEYPrivateKey *echPrivKey; /* As above. */ SECKEYPrivateKey *echPrivKey; /* As above. */
/* Anti-replay for TLS 1.3 0-RTT. */ /* Anti-replay for TLS 1.3 0-RTT. */
SSLAntiReplayContext *antiReplay; SSLAntiReplayContext *antiReplay;
/* An out-of-band PSK. */ /* An out-of-band PSK. */
sslPsk *psk; sslPsk *psk;
}; };
struct sslSelfEncryptKeysStr { struct sslSelfEncryptKeysStr {
skipping to change at line 1951 skipping to change at line 1954
SSLMaskingContext **ctx); SSLMaskingContext **ctx);
SECStatus SSLExp_CreateMask(SSLMaskingContext *ctx, const PRUint8 *sample, SECStatus SSLExp_CreateMask(SSLMaskingContext *ctx, const PRUint8 *sample,
unsigned int sampleLen, PRUint8 *mask, unsigned int sampleLen, PRUint8 *mask,
unsigned int len); unsigned int len);
SECStatus SSLExp_DestroyMaskingContext(SSLMaskingContext *ctx); SECStatus SSLExp_DestroyMaskingContext(SSLMaskingContext *ctx);
SECStatus SSLExp_EnableTls13GreaseEch(PRFileDesc *fd, PRBool enabled); SECStatus SSLExp_EnableTls13GreaseEch(PRFileDesc *fd, PRBool enabled);
SECStatus SSLExp_EnableTls13BackendEch(PRFileDesc *fd, PRBool enabled);
SEC_END_PROTOS SEC_END_PROTOS
#if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS) #if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
#define SSL_GETPID getpid #define SSL_GETPID getpid
#elif defined(WIN32) #elif defined(WIN32)
extern int __cdecl _getpid(void); extern int __cdecl _getpid(void);
#define SSL_GETPID _getpid #define SSL_GETPID _getpid
#else #else
#define SSL_GETPID() 0 #define SSL_GETPID() 0
#endif #endif
 End of changes. 6 change blocks. 
5 lines changed or deleted 8 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)