diff options
| author | Kenny Root <kroot@google.com> | 2015-07-24 21:10:53 +0000 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2015-07-24 21:10:53 +0000 |
| commit | dc35386c92b2c545de07d711009d3e8f7e25db00 (patch) | |
| tree | 4d210b442e8e6742e9b0ff9dca4fc158c1a6a03e /src/ssl/internal.h | |
| parent | ffd8e0a5b40ce124e6dce4cb7546a26680d33d16 (diff) | |
| parent | 07f4f42347557420f105a72d9a93bc8ee88a3dc5 (diff) | |
| download | external_boringssl-dc35386c92b2c545de07d711009d3e8f7e25db00.zip external_boringssl-dc35386c92b2c545de07d711009d3e8f7e25db00.tar.gz external_boringssl-dc35386c92b2c545de07d711009d3e8f7e25db00.tar.bz2 | |
am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533
* commit '07f4f42347557420f105a72d9a93bc8ee88a3dc5':
Handle RDRAND failures.
dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key.
Fix for CVE-2015-1789.
Fixes for CVE-2015-1791.
Diffstat (limited to 'src/ssl/internal.h')
| -rw-r--r-- | src/ssl/internal.h | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/src/ssl/internal.h b/src/ssl/internal.h index 7d9a5ad..4d70431 100644 --- a/src/ssl/internal.h +++ b/src/ssl/internal.h @@ -581,15 +581,13 @@ typedef struct cert_st { } CERT; typedef struct sess_cert_st { - STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */ + /* cert_chain is the certificate chain sent by the peer. NOTE: for a client, + * this does includes the server's leaf certificate, but, for a server, this + * does NOT include the client's leaf. */ + STACK_OF(X509) *cert_chain; - /* The 'peer_...' members are used only by clients. */ - int peer_cert_type; - - CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ - CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; - /* Obviously we don't have the private keys of these, - * so maybe we shouldn't even use the CERT_PKEY type here. */ + /* peer_cert, on a client, is the leaf certificate of the peer. */ + X509 *peer_cert; DH *peer_dh_tmp; EC_KEY *peer_ecdh_tmp; @@ -799,8 +797,8 @@ CERT *ssl_cert_dup(CERT *cert); void ssl_cert_clear_certs(CERT *c); void ssl_cert_free(CERT *c); SESS_CERT *ssl_sess_cert_new(void); -void ssl_sess_cert_free(SESS_CERT *sc); -int ssl_set_peer_cert_type(SESS_CERT *c, int type); +SESS_CERT *ssl_sess_cert_dup(const SESS_CERT *sess_cert); +void ssl_sess_cert_free(SESS_CERT *sess_cert); int ssl_get_new_session(SSL *s, int session); int ssl_get_prev_session(SSL *s, const struct ssl_early_callback_ctx *ctx); STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs); |