summaryrefslogtreecommitdiffstats
path: root/net/third_party/nss/ssl/sslimpl.h
diff options
context:
space:
mode:
authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-11-22 21:42:38 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-11-22 21:42:38 +0000
commit67d9e6801ab1201732fc2a1d13e95a2f330cc0f3 (patch)
tree53a8023a177fdebe038955b43fcda0b0612f6e19 /net/third_party/nss/ssl/sslimpl.h
parent53edc64524d217d22b175f78f8c81df0ece79a11 (diff)
downloadchromium_src-67d9e6801ab1201732fc2a1d13e95a2f330cc0f3.zip
chromium_src-67d9e6801ab1201732fc2a1d13e95a2f330cc0f3.tar.gz
chromium_src-67d9e6801ab1201732fc2a1d13e95a2f330cc0f3.tar.bz2
nss: add support for OCSP stapling.
This patch adds support in libssl for requesting and storing OCSP stapled responses. BUG=none TEST=none (yet) http://codereview.chromium.org/5045001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@67005 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/third_party/nss/ssl/sslimpl.h')
-rw-r--r--net/third_party/nss/ssl/sslimpl.h13
1 files changed, 13 insertions, 0 deletions
diff --git a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h
index b84511b..c656f65 100644
--- a/net/third_party/nss/ssl/sslimpl.h
+++ b/net/third_party/nss/ssl/sslimpl.h
@@ -350,6 +350,7 @@ typedef struct sslOptionsStr {
unsigned int requireSafeNegotiation : 1; /* 22 */
unsigned int enableFalseStart : 1; /* 23 */
unsigned int enableSnapStart : 1; /* 24 */
+ unsigned int enableOCSPStapling : 1; /* 25 */
} sslOptions;
typedef enum { sslHandshakingUndetermined = 0,
@@ -820,6 +821,14 @@ const ssl3CipherSuiteDef *suite_def;
* when this one finishes */
PRBool usedStepDownKey; /* we did a server key exchange. */
PRBool sendingSCSV; /* instead of empty RI */
+ PRBool may_get_cert_status; /* the server echoed a
+ * status_request extension so
+ * may send a CertificateStatus
+ * handshake message. */
+ SECItem pending_cert_msg; /* a Certificate message which we
+ * save temporarily if we may get
+ * a CertificateStatus message */
+ SECItem cert_status; /* an OCSP response */
sslBuffer msgState; /* current state for handshake messages*/
/* protected by recvBufLock */
sslBuffer messages; /* Accumulated handshake messages */
@@ -1620,6 +1629,8 @@ extern SECStatus ssl3_ClientHandleSessionTicketXtn(sslSocket *ss,
PRUint16 ex_type, SECItem *data);
extern SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss,
PRUint16 ex_type, SECItem *data);
+extern SECStatus ssl3_ClientHandleStatusRequestXtn(sslSocket *ss,
+ PRUint16 ex_type, SECItem *data);
extern SECStatus ssl3_ServerHandleSessionTicketXtn(sslSocket *ss,
PRUint16 ex_type, SECItem *data);
extern SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss,
@@ -1631,6 +1642,8 @@ extern SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss,
*/
extern PRInt32 ssl3_SendSessionTicketXtn(sslSocket *ss, PRBool append,
PRUint32 maxBytes);
+extern PRInt32 ssl3_ClientSendStatusRequestXtn(sslSocket *ss, PRBool append,
+ PRUint32 maxBytes);
/* ClientHello and ServerHello extension senders.
* The code is in ssl3ext.c.
generated by cgit v1.1 at 2025-01-18 04:49:43 +0000