1 /* $OpenBSD: ssl.h,v 1.209 2021/09/14 23:07:18 inoguchi Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as core.stdc.config.c_long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 module libressl_d.openssl.ssl; 143 144 145 private static import core.stdc.config; 146 private static import libressl_d.compat.stdio; 147 private static import libressl_d.compat.time; 148 private static import libressl_d.openssl.asn1; 149 private static import libressl_d.openssl.ec; 150 private static import libressl_d.openssl.evp; 151 private static import libressl_d.openssl.opensslfeatures; 152 private static import libressl_d.openssl.ossl_typ; 153 private static import libressl_d.openssl.stack; 154 private static import libressl_d.openssl.x509_vfy; 155 public import core.stdc.stdint; 156 public import libressl_d.openssl.bio; 157 public import libressl_d.openssl.crypto; 158 public import libressl_d.openssl.dtls1; 159 public import libressl_d.openssl.hmac; 160 public import libressl_d.openssl.opensslconf; 161 public import libressl_d.openssl.pem; 162 public import libressl_d.openssl.safestack; 163 public import libressl_d.openssl.srtp; 164 public import libressl_d.openssl.ssl23; 165 public import libressl_d.openssl.ssl2; 166 public import libressl_d.openssl.ssl3; 167 public import libressl_d.openssl.tls1; 168 public import libressl_d.openssl.x509; 169 170 version (OPENSSL_NO_DEPRECATED) { 171 } else { 172 public import libressl_d.openssl.buffer; 173 public import libressl_d.openssl.crypto; 174 public import libressl_d.openssl.lhash; 175 176 version (OPENSSL_NO_X509) { 177 } else { 178 public import libressl_d.openssl.x509; 179 } 180 } 181 182 //public import libressl_d.openssl.dtls1; /* Datagram TLS */ 183 //public import libressl_d.openssl.srtp; /* Support for the use_srtp extension */ 184 //public import libressl_d.openssl.tls1; /* This is mostly sslv3 with a few tweaks */ 185 186 extern (C): 187 nothrow @nogc: 188 189 /* SSLeay version number for ASN.1 encoding of the session information */ 190 /* 191 * Version 0 - initial version 192 * Version 1 - added the optional peer certificate 193 */ 194 enum SSL_SESSION_ASN1_VERSION = 0x0001; 195 196 /* text strings for the ciphers */ 197 enum SSL_TXT_NULL_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_NULL_WITH_MD5; 198 enum SSL_TXT_RC4_128_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_RC4_128_WITH_MD5; 199 enum SSL_TXT_RC4_128_EXPORT40_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_RC4_128_EXPORT40_WITH_MD5; 200 enum SSL_TXT_RC2_128_CBC_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_RC2_128_CBC_WITH_MD5; 201 enum SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5; 202 enum SSL_TXT_IDEA_128_CBC_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_IDEA_128_CBC_WITH_MD5; 203 enum SSL_TXT_DES_64_CBC_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_DES_64_CBC_WITH_MD5; 204 enum SSL_TXT_DES_64_CBC_WITH_SHA = libressl_d.openssl.ssl2.SSL2_TXT_DES_64_CBC_WITH_SHA; 205 enum SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 = libressl_d.openssl.ssl2.SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5; 206 enum SSL_TXT_DES_192_EDE3_CBC_WITH_SHA = libressl_d.openssl.ssl2.SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA; 207 208 /* 209 * VRS Additional Kerberos5 entries 210 */ 211 enum SSL_TXT_KRB5_DES_64_CBC_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_64_CBC_SHA; 212 enum SSL_TXT_KRB5_DES_192_CBC3_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_192_CBC3_SHA; 213 enum SSL_TXT_KRB5_RC4_128_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_RC4_128_SHA; 214 enum SSL_TXT_KRB5_IDEA_128_CBC_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_IDEA_128_CBC_SHA; 215 enum SSL_TXT_KRB5_DES_64_CBC_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_64_CBC_MD5; 216 enum SSL_TXT_KRB5_DES_192_CBC3_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_192_CBC3_MD5; 217 enum SSL_TXT_KRB5_RC4_128_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_RC4_128_MD5; 218 enum SSL_TXT_KRB5_IDEA_128_CBC_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_IDEA_128_CBC_MD5; 219 220 enum SSL_TXT_KRB5_DES_40_CBC_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_40_CBC_SHA; 221 enum SSL_TXT_KRB5_RC2_40_CBC_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_RC2_40_CBC_SHA; 222 enum SSL_TXT_KRB5_RC4_40_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_RC4_40_SHA; 223 enum SSL_TXT_KRB5_DES_40_CBC_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_40_CBC_MD5; 224 enum SSL_TXT_KRB5_RC2_40_CBC_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_RC2_40_CBC_MD5; 225 enum SSL_TXT_KRB5_RC4_40_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_RC4_40_MD5; 226 227 //enum SSL_TXT_KRB5_DES_40_CBC_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_40_CBC_SHA; 228 //enum SSL_TXT_KRB5_DES_40_CBC_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_40_CBC_MD5; 229 //enum SSL_TXT_KRB5_DES_64_CBC_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_64_CBC_SHA; 230 //enum SSL_TXT_KRB5_DES_64_CBC_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_64_CBC_MD5; 231 //enum SSL_TXT_KRB5_DES_192_CBC3_SHA = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_192_CBC3_SHA; 232 //enum SSL_TXT_KRB5_DES_192_CBC3_MD5 = libressl_d.openssl.ssl3.SSL3_TXT_KRB5_DES_192_CBC3_MD5; 233 enum SSL_MAX_KRB5_PRINCIPAL_LENGTH = 256; 234 235 enum SSL_MAX_SSL_SESSION_ID_LENGTH = 32; 236 enum SSL_MAX_SID_CTX_LENGTH = 32; 237 238 enum SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES = 512 / 8; 239 enum SSL_MAX_KEY_ARG_LENGTH = 8; 240 enum SSL_MAX_MASTER_KEY_LENGTH = 48; 241 242 /* These are used to specify which ciphers to use and not to use */ 243 244 enum SSL_TXT_LOW = "LOW"; 245 enum SSL_TXT_MEDIUM = "MEDIUM"; 246 enum SSL_TXT_HIGH = "HIGH"; 247 248 /** 249 * unused! 250 */ 251 enum SSL_TXT_kFZA = "kFZA"; 252 253 ///Ditto 254 enum SSL_TXT_aFZA = "aFZA"; 255 256 ///Ditto 257 enum SSL_TXT_eFZA = "eFZA"; 258 259 ///Ditto 260 enum SSL_TXT_FZA = "FZA"; 261 262 enum SSL_TXT_aNULL = "aNULL"; 263 enum SSL_TXT_eNULL = "eNULL"; 264 enum SSL_TXT_NULL = "null"; 265 266 enum SSL_TXT_kRSA = "kRSA"; 267 268 /** 269 * no such ciphersuites supported! 270 */ 271 enum SSL_TXT_kDHr = "kDHr"; 272 273 ///Ditto 274 enum SSL_TXT_kDHd = "kDHd"; 275 276 ///Ditto 277 enum SSL_TXT_kDH = "kDH"; 278 279 enum SSL_TXT_kEDH = "kEDH"; 280 enum SSL_TXT_kKRB5 = "kKRB5"; 281 enum SSL_TXT_kECDHr = "kECDHr"; 282 enum SSL_TXT_kECDHe = "kECDHe"; 283 enum SSL_TXT_kECDH = "kECDH"; 284 enum SSL_TXT_kEECDH = "kEECDH"; 285 enum SSL_TXT_kPSK = "kPSK"; 286 enum SSL_TXT_kGOST = "kGOST"; 287 enum SSL_TXT_kSRP = "kSRP"; 288 289 enum SSL_TXT_aRSA = "aRSA"; 290 enum SSL_TXT_aDSS = "aDSS"; 291 292 /** 293 * no such ciphersuites supported! 294 */ 295 enum SSL_TXT_aDH = "aDH"; 296 297 enum SSL_TXT_aECDH = "aECDH"; 298 enum SSL_TXT_aKRB5 = "aKRB5"; 299 enum SSL_TXT_aECDSA = "aECDSA"; 300 enum SSL_TXT_aPSK = "aPSK"; 301 enum SSL_TXT_aGOST94 = "aGOST94"; 302 enum SSL_TXT_aGOST01 = "aGOST01"; 303 enum SSL_TXT_aGOST = "aGOST"; 304 305 enum SSL_TXT_DSS = "DSS"; 306 enum SSL_TXT_DH = "DH"; 307 308 /** 309 * same as "kDHE:-ADH" 310 */ 311 enum SSL_TXT_DHE = "DHE"; 312 313 /** 314 * previous name for DHE 315 */ 316 enum SSL_TXT_EDH = "EDH"; 317 318 enum SSL_TXT_ADH = "ADH"; 319 enum SSL_TXT_RSA = "RSA"; 320 enum SSL_TXT_ECDH = "ECDH"; 321 322 /** 323 * same as "kECDHE:-AECDH" 324 */ 325 enum SSL_TXT_ECDHE = "ECDHE"; 326 327 /** 328 * previous name for ECDHE 329 */ 330 enum SSL_TXT_EECDH = "EECDH"; 331 332 enum SSL_TXT_AECDH = "AECDH"; 333 enum SSL_TXT_ECDSA = "ECDSA"; 334 enum SSL_TXT_KRB5 = "KRB5"; 335 enum SSL_TXT_PSK = "PSK"; 336 enum SSL_TXT_SRP = "SRP"; 337 338 enum SSL_TXT_DES = "DES"; 339 enum SSL_TXT_3DES = "3DES"; 340 enum SSL_TXT_RC4 = "RC4"; 341 enum SSL_TXT_RC2 = "RC2"; 342 enum SSL_TXT_IDEA = "IDEA"; 343 enum SSL_TXT_SEED = "SEED"; 344 enum SSL_TXT_AES128 = "AES128"; 345 enum SSL_TXT_AES256 = "AES256"; 346 enum SSL_TXT_AES = "AES"; 347 enum SSL_TXT_AES_GCM = "AESGCM"; 348 enum SSL_TXT_CAMELLIA128 = "CAMELLIA128"; 349 enum SSL_TXT_CAMELLIA256 = "CAMELLIA256"; 350 enum SSL_TXT_CAMELLIA = "CAMELLIA"; 351 enum SSL_TXT_CHACHA20 = "CHACHA20"; 352 353 enum SSL_TXT_AEAD = "AEAD"; 354 enum SSL_TXT_MD5 = "MD5"; 355 enum SSL_TXT_SHA1 = "SHA1"; 356 357 /** 358 * same as "SHA1" 359 */ 360 enum SSL_TXT_SHA = "SHA"; 361 362 enum SSL_TXT_GOST94 = "GOST94"; 363 enum SSL_TXT_GOST89MAC = "GOST89MAC"; 364 enum SSL_TXT_SHA256 = "SHA256"; 365 enum SSL_TXT_SHA384 = "SHA384"; 366 enum SSL_TXT_STREEBOG256 = "STREEBOG256"; 367 enum SSL_TXT_STREEBOG512 = "STREEBOG512"; 368 369 enum SSL_TXT_DTLS1 = "DTLSv1"; 370 enum SSL_TXT_DTLS1_2 = "DTLSv1.2"; 371 enum SSL_TXT_SSLV2 = "SSLv2"; 372 enum SSL_TXT_SSLV3 = "SSLv3"; 373 enum SSL_TXT_TLSV1 = "TLSv1"; 374 enum SSL_TXT_TLSV1_1 = "TLSv1.1"; 375 enum SSL_TXT_TLSV1_2 = "TLSv1.2"; 376 377 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 378 enum SSL_TXT_TLSV1_3 = "TLSv1.3"; 379 } 380 381 enum SSL_TXT_EXP = "EXP"; 382 enum SSL_TXT_EXPORT = "EXPORT"; 383 384 enum SSL_TXT_ALL = "ALL"; 385 386 /* 387 * COMPLEMENTOF* definitions. These identifiers are used to (de-select) 388 * ciphers normally not being used. 389 * Example: "RC4" will activate all ciphers using RC4 including ciphers 390 * without authentication, which would normally disabled by DEFAULT (due 391 * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT" 392 * will make sure that it is also disabled in the specific selection. 393 * COMPLEMENTOF* identifiers are portable between version, as adjustments 394 * to the default cipher setup will also be included here. 395 * 396 * COMPLEMENTOFDEFAULT does not experience the same special treatment that 397 * DEFAULT gets, as only selection is being done and no sorting as needed 398 * for DEFAULT. 399 */ 400 enum SSL_TXT_CMPALL = "COMPLEMENTOFALL"; 401 enum SSL_TXT_CMPDEF = "COMPLEMENTOFDEFAULT"; 402 403 /* 404 * The following cipher list is used by default. 405 * It also is substituted when an application-defined cipher list string 406 * starts with 'DEFAULT'. 407 */ 408 enum SSL_DEFAULT_CIPHER_LIST = "ALL:!aNULL:!eNULL:!SSLv2"; 409 /* 410 * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always 411 * starts with a reasonable order, and all we have to do for DEFAULT is 412 * throwing out anonymous and unencrypted ciphersuites! 413 * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable 414 * some of them.) 415 */ 416 417 /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ 418 enum SSL_SENT_SHUTDOWN = 1; 419 enum SSL_RECEIVED_SHUTDOWN = 2; 420 421 enum SSL_FILETYPE_ASN1 = libressl_d.openssl.x509.X509_FILETYPE_ASN1; 422 enum SSL_FILETYPE_PEM = libressl_d.openssl.x509.X509_FILETYPE_PEM; 423 424 /* 425 * This is needed to stop compilers complaining about the 426 * 'struct ssl_st *' function parameters used to prototype callbacks 427 * in SSL_CTX. 428 */ 429 alias ssl_crock_st = .ssl_st*; 430 431 version (LIBRESSL_INTERNAL) { 432 alias TLS_SESSION_TICKET_EXT = libressl_d.openssl.tls1.tls_session_ticket_ext_st; 433 } 434 435 version (all) { 436 struct ssl_method_st; 437 struct ssl_cipher_st; 438 struct ssl_session_st; 439 } 440 441 alias SSL_METHOD = .ssl_method_st; 442 alias SSL_CIPHER = .ssl_cipher_st; 443 alias SSL_SESSION = .ssl_session_st; 444 445 //DECLARE_STACK_OF(SSL_CIPHER) 446 struct stack_st_SSL_CIPHER 447 { 448 libressl_d.openssl.stack._STACK stack; 449 } 450 451 /** 452 * SRTP protection profiles for use with the use_srtp extension (RFC 5764) 453 */ 454 struct srtp_protection_profile_st 455 { 456 const (char)* name; 457 core.stdc.config.c_ulong id; 458 } 459 460 alias SRTP_PROTECTION_PROFILE = .srtp_protection_profile_st; 461 462 //DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) 463 struct stack_st_SRTP_PROTECTION_PROFILE 464 { 465 libressl_d.openssl.stack._STACK stack; 466 } 467 468 alias tls_session_ticket_ext_cb_fn = extern (C) nothrow @nogc int function(libressl_d.openssl.ossl_typ.SSL* s, const (ubyte)* data, int len, void* arg); 469 alias tls_session_secret_cb_fn = extern (C) nothrow @nogc int function(libressl_d.openssl.ossl_typ.SSL* s, void* secret, int* secret_len, .stack_st_SSL_CIPHER * peer_ciphers, .SSL_CIPHER** cipher, void* arg); 470 471 /** 472 * Allow initial connection to servers that don't support RI 473 */ 474 enum SSL_OP_LEGACY_SERVER_CONNECT = 0x00000004L; 475 476 /** 477 * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added 478 * in OpenSSL 0.9.6d. Usually (depending on the application protocol) 479 * the workaround is not needed. 480 * Unfortunately some broken SSL/TLS implementations cannot handle it 481 * at all, which is why it was previously included in SSL_OP_ALL. 482 * Now it's not. 483 */ 484 enum SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00000800L; 485 486 /** 487 * DTLS options 488 */ 489 enum SSL_OP_NO_QUERY_MTU = 0x00001000L; 490 491 /** 492 * Turn on Cookie Exchange (on relevant for servers) 493 */ 494 enum SSL_OP_COOKIE_EXCHANGE = 0x00002000L; 495 496 /** 497 * Don't use RFC4507 ticket extension 498 */ 499 enum SSL_OP_NO_TICKET = 0x00004000L; 500 501 /** 502 * As server, disallow session resumption on renegotiation 503 */ 504 enum SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 0x00010000L; 505 506 /** 507 * Disallow client initiated renegotiation. 508 */ 509 enum SSL_OP_NO_CLIENT_RENEGOTIATION = 0x00020000L; 510 511 /** 512 * If set, always create a new key when using tmp_dh parameters 513 */ 514 enum SSL_OP_SINGLE_DH_USE = 0x00100000L; 515 516 /** 517 * Set on servers to choose the cipher according to the server's 518 * preferences 519 */ 520 enum SSL_OP_CIPHER_SERVER_PREFERENCE = 0x00400000L; 521 522 enum SSL_OP_NO_TLSv1 = 0x04000000L; 523 enum SSL_OP_NO_TLSv1_2 = 0x08000000L; 524 enum SSL_OP_NO_TLSv1_1 = 0x10000000L; 525 526 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 527 enum SSL_OP_NO_TLSv1_3 = 0x20000000L; 528 } 529 530 enum SSL_OP_NO_DTLSv1 = 0x40000000L; 531 enum SSL_OP_NO_DTLSv1_2 = 0x80000000L; 532 533 /** 534 * SSL_OP_ALL: various bug workarounds that should be rather harmless. 535 */ 536 enum SSL_OP_ALL = .SSL_OP_LEGACY_SERVER_CONNECT; 537 538 /* Obsolete flags kept for compatibility. No sane code should use them. */ 539 enum SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = 0x00; 540 enum SSL_OP_CISCO_ANYCONNECT = 0x00; 541 enum SSL_OP_CRYPTOPRO_TLSEXT_BUG = 0x00; 542 enum SSL_OP_EPHEMERAL_RSA = 0x00; 543 enum SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 0x00; 544 enum SSL_OP_MICROSOFT_SESS_ID_BUG = 0x00; 545 enum SSL_OP_MSIE_SSLV2_RSA_PADDING = 0x00; 546 enum SSL_OP_NETSCAPE_CA_DN_BUG = 0x00; 547 enum SSL_OP_NETSCAPE_CHALLENGE_BUG = 0x00; 548 enum SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 0x00; 549 enum SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 0x00; 550 enum SSL_OP_NO_COMPRESSION = 0x00; 551 enum SSL_OP_NO_SSLv2 = 0x00; 552 enum SSL_OP_NO_SSLv3 = 0x00; 553 enum SSL_OP_PKCS1_CHECK_1 = 0x00; 554 enum SSL_OP_PKCS1_CHECK_2 = 0x00; 555 enum SSL_OP_SAFARI_ECDHE_ECDSA_BUG = 0x00; 556 enum SSL_OP_SINGLE_ECDH_USE = 0x00; 557 enum SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 0x00; 558 enum SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 0x00; 559 enum SSL_OP_TLSEXT_PADDING = 0x00; 560 enum SSL_OP_TLS_BLOCK_PADDING_BUG = 0x00; 561 enum SSL_OP_TLS_D5_BUG = 0x00; 562 enum SSL_OP_TLS_ROLLBACK_BUG = 0x00; 563 564 /** 565 * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success 566 * when just a single record has been written): 567 */ 568 enum SSL_MODE_ENABLE_PARTIAL_WRITE = 0x00000001L; 569 570 /** 571 * Make it possible to retry SSL_write() with changed buffer location 572 * (buffer contents must stay the same!); this is not the default to avoid 573 * the misconception that non-blocking SSL_write() behaves like 574 * non-blocking write(): 575 */ 576 enum SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 0x00000002L; 577 578 /** 579 * Never bother the application with retries if the transport 580 * is blocking: 581 */ 582 enum SSL_MODE_AUTO_RETRY = 0x00000004L; 583 584 /** 585 * Don't attempt to automatically build certificate chain 586 */ 587 enum SSL_MODE_NO_AUTO_CHAIN = 0x00000008L; 588 589 /** 590 * Save RAM by releasing read and write buffers when they're empty. (SSL3 and 591 * TLS only.) "Released" buffers are put onto a free-list in the context 592 * or just freed (depending on the context's setting for freelist_max_len). 593 */ 594 enum SSL_MODE_RELEASE_BUFFERS = 0x00000010L; 595 596 /* 597 * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, 598 * they cannot be used to clear bits. 599 */ 600 601 pragma(inline, true) 602 core.stdc.config.c_long SSL_CTX_set_options(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long op) 603 604 do 605 { 606 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_OPTIONS, op, null); 607 } 608 609 pragma(inline, true) 610 core.stdc.config.c_long SSL_CTX_clear_options(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long op) 611 612 do 613 { 614 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_CLEAR_OPTIONS, op, null); 615 } 616 617 pragma(inline, true) 618 core.stdc.config.c_long SSL_CTX_get_options(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 619 620 do 621 { 622 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_OPTIONS, 0, null); 623 } 624 625 pragma(inline, true) 626 core.stdc.config.c_long SSL_set_options(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long op) 627 628 do 629 { 630 return .SSL_ctrl(ssl, .SSL_CTRL_OPTIONS, op, null); 631 } 632 633 pragma(inline, true) 634 core.stdc.config.c_long SSL_clear_options(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long op) 635 636 do 637 { 638 return .SSL_ctrl(ssl, .SSL_CTRL_CLEAR_OPTIONS, op, null); 639 } 640 641 pragma(inline, true) 642 core.stdc.config.c_long SSL_get_options(libressl_d.openssl.ossl_typ.SSL* ssl) 643 644 do 645 { 646 return .SSL_ctrl(ssl, .SSL_CTRL_OPTIONS, 0, null); 647 } 648 649 pragma(inline, true) 650 core.stdc.config.c_long SSL_CTX_set_mode(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long op) 651 652 do 653 { 654 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_MODE, op, null); 655 } 656 657 pragma(inline, true) 658 core.stdc.config.c_long SSL_CTX_clear_mode(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long op) 659 660 do 661 { 662 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_CLEAR_MODE, op, null); 663 } 664 665 pragma(inline, true) 666 core.stdc.config.c_long SSL_CTX_get_mode(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 667 668 do 669 { 670 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_MODE, 0, null); 671 } 672 673 pragma(inline, true) 674 core.stdc.config.c_long SSL_clear_mode(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long op) 675 676 do 677 { 678 return .SSL_ctrl(ssl, .SSL_CTRL_CLEAR_MODE, op, null); 679 } 680 681 pragma(inline, true) 682 core.stdc.config.c_long SSL_set_mode(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long op) 683 684 do 685 { 686 return .SSL_ctrl(ssl, .SSL_CTRL_MODE, op, null); 687 } 688 689 pragma(inline, true) 690 core.stdc.config.c_long SSL_get_mode(libressl_d.openssl.ossl_typ.SSL* ssl) 691 692 do 693 { 694 return .SSL_ctrl(ssl, .SSL_CTRL_MODE, 0, null); 695 } 696 697 pragma(inline, true) 698 core.stdc.config.c_long SSL_set_mtu(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long mtu) 699 700 do 701 { 702 return .SSL_ctrl(ssl, .SSL_CTRL_SET_MTU, mtu, null); 703 } 704 705 pragma(inline, true) 706 core.stdc.config.c_long SSL_get_secure_renegotiation_support(libressl_d.openssl.ossl_typ.SSL* ssl) 707 708 do 709 { 710 return .SSL_ctrl(ssl, .SSL_CTRL_GET_RI_SUPPORT, 0, null); 711 } 712 713 void SSL_CTX_set_msg_callback(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void function(int write_p, int version_, int content_type, const (void)* buf, size_t len, libressl_d.openssl.ossl_typ.SSL* ssl, void* arg) cb); 714 void SSL_set_msg_callback(libressl_d.openssl.ossl_typ.SSL* ssl, void function(int write_p, int version_, int content_type, const (void)* buf, size_t len, libressl_d.openssl.ossl_typ.SSL* ssl, void* arg) cb); 715 716 pragma(inline, true) 717 core.stdc.config.c_long SSL_CTX_set_msg_callback_arg(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void* arg) 718 719 do 720 { 721 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, arg); 722 } 723 724 pragma(inline, true) 725 core.stdc.config.c_long SSL_set_msg_callback_arg(libressl_d.openssl.ossl_typ.SSL* ssl, void* arg) 726 727 do 728 { 729 return .SSL_ctrl(ssl, .SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, arg); 730 } 731 732 version (LIBRESSL_INTERNAL) { 733 } else { 734 struct ssl_aead_ctx_st; 735 alias SSL_AEAD_CTX = .ssl_aead_ctx_st; 736 } 737 738 /** 739 * 100k max cert list :-\) 740 */ 741 enum SSL_MAX_CERT_LIST_DEFAULT = 1024 * 100; 742 743 enum SSL_SESSION_CACHE_MAX_SIZE_DEFAULT = 1024 * 20; 744 745 /** 746 * This callback type is used inside SSL_CTX, SSL, and in the functions that set 747 * them. It is used to override the generation of SSL/TLS session IDs in a 748 * server. Return value should be zero on an error, non-zero to proceed. Also, 749 * callbacks should themselves check if the id they generate is unique otherwise 750 * the SSL handshake will fail with an error - callbacks can do this using the 751 * 'ssl' value they're passed by; 752 * SSL_has_matching_session_id(ssl, id, *id_len) 753 * The length value passed in is set at the maximum size the session ID can be. 754 * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback 755 * can alter this length to be less if desired, but under SSLv2 session IDs are 756 * supposed to be fixed at 16 bytes so the id will be padded after the callback 757 * returns in this case. It is also an error for the callback to set the size to 758 * zero. 759 */ 760 alias GEN_SESSION_CB = extern (C) nothrow @nogc int function(const (libressl_d.openssl.ossl_typ.SSL)* ssl, ubyte* id, uint* id_len); 761 762 alias SSL_COMP = .ssl_comp_st; 763 764 version (LIBRESSL_INTERNAL) { 765 struct ssl_comp_st 766 { 767 int id; 768 const (char)* name; 769 } 770 771 //DECLARE_STACK_OF(SSL_COMP) 772 struct stack_st_SSL_COMP 773 { 774 libressl_d.openssl.stack._STACK stack; 775 } 776 777 struct lhash_st_SSL_SESSION 778 { 779 int dummy; 780 } 781 782 struct ssl_ctx_internal_st; 783 784 struct ssl_ctx_st 785 { 786 const (.SSL_METHOD)* method; 787 788 .stack_st_SSL_CIPHER* cipher_list; 789 790 libressl_d.openssl.x509_vfy.x509_store_st /* X509_STORE */* cert_store; 791 792 /* 793 * If timeout is not 0, it is the default timeout value set 794 * when SSL_new() is called. This has been put in to make 795 * life easier to set things up 796 */ 797 core.stdc.config.c_long session_timeout; 798 799 int references; 800 801 /* Default values to use in SSL structures follow (these are copied by SSL_new) */ 802 803 libressl_d.openssl.x509.stack_st_X509* extra_certs; 804 805 int verify_mode; 806 uint sid_ctx_length; 807 ubyte[.SSL_MAX_SID_CTX_LENGTH] sid_ctx; 808 809 libressl_d.openssl.x509_vfy.X509_VERIFY_PARAM* param; 810 811 /* 812 * XXX 813 * default_passwd_cb used by python and openvpn, need to keep it until we 814 * add an accessor 815 */ 816 /* Default password callback. */ 817 libressl_d.openssl.pem.pem_password_cb* default_passwd_callback; 818 819 /* Default password callback user data. */ 820 void* default_passwd_callback_userdata; 821 822 .ssl_ctx_internal_st* internal; 823 } 824 } else { 825 struct ssl_comp_st; 826 struct lhash_st_SSL_SESSION; 827 struct ssl_ctx_st; 828 } 829 830 enum SSL_SESS_CACHE_OFF = 0x0000; 831 enum SSL_SESS_CACHE_CLIENT = 0x0001; 832 enum SSL_SESS_CACHE_SERVER = 0x0002; 833 enum SSL_SESS_CACHE_BOTH = .SSL_SESS_CACHE_CLIENT | .SSL_SESS_CACHE_SERVER; 834 enum SSL_SESS_CACHE_NO_AUTO_CLEAR = 0x0080; 835 /* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ 836 enum SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 0x0100; 837 enum SSL_SESS_CACHE_NO_INTERNAL_STORE = 0x0200; 838 enum SSL_SESS_CACHE_NO_INTERNAL = .SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | .SSL_SESS_CACHE_NO_INTERNAL_STORE; 839 840 .lhash_st_SSL_SESSION* SSL_CTX_sessions(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 841 842 pragma(inline, true) 843 core.stdc.config.c_long SSL_CTX_sess_number(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 844 845 do 846 { 847 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_NUMBER, 0, null); 848 } 849 850 pragma(inline, true) 851 core.stdc.config.c_long SSL_CTX_sess_connect(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 852 853 do 854 { 855 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_CONNECT, 0, null); 856 } 857 858 pragma(inline, true) 859 core.stdc.config.c_long SSL_CTX_sess_connect_good(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 860 861 do 862 { 863 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_CONNECT_GOOD, 0, null); 864 } 865 866 pragma(inline, true) 867 core.stdc.config.c_long SSL_CTX_sess_connect_renegotiate(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 868 869 do 870 { 871 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_CONNECT_RENEGOTIATE, 0, null); 872 } 873 874 pragma(inline, true) 875 core.stdc.config.c_long SSL_CTX_sess_accept(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 876 877 do 878 { 879 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_ACCEPT, 0, null); 880 } 881 882 pragma(inline, true) 883 core.stdc.config.c_long SSL_CTX_sess_accept_renegotiate(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 884 885 do 886 { 887 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_ACCEPT_RENEGOTIATE, 0, null); 888 } 889 890 pragma(inline, true) 891 core.stdc.config.c_long SSL_CTX_sess_accept_good(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 892 893 do 894 { 895 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_ACCEPT_GOOD, 0, null); 896 } 897 898 pragma(inline, true) 899 core.stdc.config.c_long SSL_CTX_sess_hits(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 900 901 do 902 { 903 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_HIT, 0, null); 904 } 905 906 pragma(inline, true) 907 core.stdc.config.c_long SSL_CTX_sess_cb_hits(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 908 909 do 910 { 911 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_CB_HIT, 0, null); 912 } 913 914 pragma(inline, true) 915 core.stdc.config.c_long SSL_CTX_sess_misses(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 916 917 do 918 { 919 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_MISSES, 0, null); 920 } 921 922 pragma(inline, true) 923 core.stdc.config.c_long SSL_CTX_sess_timeouts(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 924 925 do 926 { 927 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_TIMEOUTS, 0, null); 928 } 929 930 pragma(inline, true) 931 core.stdc.config.c_long SSL_CTX_sess_cache_full(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 932 933 do 934 { 935 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SESS_CACHE_FULL, 0, null); 936 } 937 938 void SSL_CTX_sess_set_new_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int function(.ssl_st* ssl, .SSL_SESSION* sess) new_session_cb); 939 //int (*SSL_CTX_sess_get_new_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx))(.ssl_st* ssl, .SSL_SESSION* sess); 940 void SSL_CTX_sess_set_remove_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void function(.ssl_ctx_st* ctx, .SSL_SESSION* sess) remove_session_cb); 941 //void (*SSL_CTX_sess_get_remove_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx))(.ssl_ctx_st* ctx, .SSL_SESSION* sess); 942 void SSL_CTX_sess_set_get_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, .SSL_SESSION* function(.ssl_st* ssl, const (ubyte)* data, int len, int* copy) get_session_cb); 943 //.SSL_SESSION* (*SSL_CTX_sess_get_get_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx))(.ssl_st* ssl, const (ubyte)* data, int len, int* copy); 944 void SSL_CTX_set_info_callback(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void function(const (libressl_d.openssl.ossl_typ.SSL)* ssl, int type, int val) cb); 945 //void (*SSL_CTX_get_info_callback(libressl_d.openssl.ossl_typ.SSL_CTX* ctx))(const (libressl_d.openssl.ossl_typ.SSL)* ssl, int type, int val); 946 void SSL_CTX_set_client_cert_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int function(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.X509** x509, libressl_d.openssl.ossl_typ.EVP_PKEY** pkey) client_cert_cb); 947 //int (*SSL_CTX_get_client_cert_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx))(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.X509** x509, libressl_d.openssl.ossl_typ.EVP_PKEY** pkey); 948 949 version (OPENSSL_NO_ENGINE) { 950 } else { 951 int SSL_CTX_set_client_cert_engine(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.ENGINE* e); 952 } 953 954 void SSL_CTX_set_cookie_generate_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int function(libressl_d.openssl.ossl_typ.SSL* ssl, ubyte* cookie, uint* cookie_len) app_gen_cookie_cb); 955 void SSL_CTX_set_cookie_verify_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int function(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)* cookie, uint cookie_len) app_verify_cookie_cb); 956 void SSL_CTX_set_next_protos_advertised_cb(libressl_d.openssl.ossl_typ.SSL_CTX* s, int function(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)** out_, uint* outlen, void* arg) cb, void* arg); 957 void SSL_CTX_set_next_proto_select_cb(libressl_d.openssl.ossl_typ.SSL_CTX* s, int function(libressl_d.openssl.ossl_typ.SSL* ssl, ubyte** out_, ubyte* outlen, const (ubyte)* in_, uint inlen, void* arg) cb, void* arg); 958 959 int SSL_select_next_proto(ubyte** out_, ubyte* outlen, const (ubyte)* in_, uint inlen, const (ubyte)* client, uint client_len); 960 void SSL_get0_next_proto_negotiated(const (libressl_d.openssl.ossl_typ.SSL)* s, const (ubyte)** data, uint* len); 961 962 enum OPENSSL_NPN_UNSUPPORTED = 0; 963 enum OPENSSL_NPN_NEGOTIATED = 1; 964 enum OPENSSL_NPN_NO_OVERLAP = 2; 965 966 int SSL_CTX_set_alpn_protos(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (ubyte)* protos, uint protos_len); 967 int SSL_set_alpn_protos(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)* protos, uint protos_len); 968 void SSL_CTX_set_alpn_select_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int function(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)** out_, ubyte* outlen, const (ubyte)* in_, uint inlen, void* arg) cb, void* arg); 969 void SSL_get0_alpn_selected(const (libressl_d.openssl.ossl_typ.SSL)* ssl, const (ubyte)** data, uint* len); 970 971 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 972 alias SSL_psk_use_session_cb_func = extern (C) nothrow @nogc int function(libressl_d.openssl.ossl_typ.SSL* ssl, const (libressl_d.openssl.ossl_typ.EVP_MD)* md, const (ubyte)** id, size_t* idlen, .SSL_SESSION** sess); 973 void SSL_set_psk_use_session_callback(libressl_d.openssl.ossl_typ.SSL* s, .SSL_psk_use_session_cb_func cb); 974 } 975 976 enum SSL_NOTHING = 1; 977 enum SSL_WRITING = 2; 978 enum SSL_READING = 3; 979 enum SSL_X509_LOOKUP = 4; 980 981 /* These will only be used when doing non-blocking IO */ 982 pragma(inline, true) 983 bool SSL_want_nothing(const (libressl_d.openssl.ossl_typ.SSL)* s) 984 985 do 986 { 987 return .SSL_want(s) == .SSL_NOTHING; 988 } 989 990 pragma(inline, true) 991 bool SSL_want_read(const (libressl_d.openssl.ossl_typ.SSL)* s) 992 993 do 994 { 995 return .SSL_want(s) == .SSL_READING; 996 } 997 998 pragma(inline, true) 999 bool SSL_want_write(const (libressl_d.openssl.ossl_typ.SSL)* s) 1000 1001 do 1002 { 1003 return .SSL_want(s) == .SSL_WRITING; 1004 } 1005 1006 pragma(inline, true) 1007 bool SSL_want_x509_lookup(const (libressl_d.openssl.ossl_typ.SSL)* s) 1008 1009 do 1010 { 1011 return .SSL_want(s) == .SSL_X509_LOOKUP; 1012 } 1013 1014 enum SSL_MAC_FLAG_READ_MAC_STREAM = 1; 1015 enum SSL_MAC_FLAG_WRITE_MAC_STREAM = 2; 1016 1017 version (LIBRESSL_INTERNAL) { 1018 struct ssl_internal_st; 1019 struct cert_st; 1020 struct dtls1_state_st; 1021 struct ssl3_state_st; 1022 1023 struct ssl_st 1024 { 1025 /** 1026 * protocol version 1027 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION) 1028 */ 1029 int version_; 1030 1031 /** 1032 * SSLv3 1033 */ 1034 const (.SSL_METHOD)* method; 1035 1036 /* 1037 * There are 2 BIO's even though they are normally both the 1038 * same. This is so data can be read and written to different 1039 * handlers 1040 */ 1041 1042 /** 1043 * used by SSL_read 1044 */ 1045 libressl_d.openssl.bio.BIO* rbio; 1046 1047 /** 1048 * used by SSL_write 1049 */ 1050 libressl_d.openssl.bio.BIO* wbio; 1051 1052 /** 1053 * used during session-id reuse to concatenate 1054 * messages 1055 */ 1056 libressl_d.openssl.bio.BIO* bbio; 1057 1058 /** 1059 * are we the server side? - mostly used by SSL_clear 1060 */ 1061 int server; 1062 1063 /** 1064 * SSLv3 variables 1065 */ 1066 .ssl3_state_st* s3; 1067 1068 /** 1069 * DTLSv1 variables 1070 */ 1071 .dtls1_state_st* d1; 1072 1073 libressl_d.openssl.x509_vfy.X509_VERIFY_PARAM* param; 1074 1075 /** 1076 * crypto 1077 */ 1078 .stack_st_SSL_CIPHER* cipher_list; 1079 1080 /** 1081 * This is used to hold the server certificate used 1082 */ 1083 .cert_st /* CERT */* cert; 1084 1085 /* 1086 * the session_id_context is used to ensure sessions are only reused 1087 * in the appropriate context 1088 */ 1089 uint sid_ctx_length; 1090 ubyte[.SSL_MAX_SID_CTX_LENGTH] sid_ctx; 1091 1092 /* This can also be in the session once a session is established */ 1093 .SSL_SESSION* session; 1094 1095 /* Used in SSL2 and SSL3 */ 1096 1097 /** 1098 * 0 don't care about verify failure. 1099 * 1 fail if verify fails 1100 */ 1101 int verify_mode; 1102 1103 /** 1104 * error bytes to be written 1105 */ 1106 int error; 1107 1108 /** 1109 * actual code 1110 */ 1111 int error_code; 1112 1113 libressl_d.openssl.ossl_typ.SSL_CTX* ctx; 1114 1115 core.stdc.config.c_long verify_result; 1116 1117 int references; 1118 1119 /** 1120 * what was passed, used for 1121 * SSLv3/TLS rollback check 1122 */ 1123 int client_version; 1124 1125 uint max_send_fragment; 1126 1127 char* tlsext_hostname; 1128 1129 /* certificate status request info */ 1130 /** 1131 * Status type or -1 if no status type 1132 */ 1133 int tlsext_status_type; 1134 1135 /** 1136 * initial ctx, used to store sessions 1137 */ 1138 libressl_d.openssl.ossl_typ.SSL_CTX* initial_ctx; 1139 1140 alias session_ctx = initial_ctx; 1141 1142 /* 1143 * XXX really should be internal, but is 1144 * touched unnaturally by wpa-supplicant 1145 * and freeradius and other perversions 1146 */ 1147 1148 /** 1149 * cryptographic state 1150 */ 1151 libressl_d.openssl.ossl_typ.EVP_CIPHER_CTX* enc_read_ctx; 1152 1153 /** 1154 * used for mac generation 1155 */ 1156 libressl_d.openssl.ossl_typ.EVP_MD_CTX* read_hash; 1157 1158 .ssl_internal_st* internal; 1159 } 1160 } else { 1161 struct ssl_st; 1162 } 1163 1164 /* compatibility */ 1165 1166 pragma(inline, true) 1167 int SSL_set_app_data(libressl_d.openssl.ossl_typ.SSL* s, char* arg) 1168 1169 do 1170 { 1171 return .SSL_set_ex_data(s, 0, arg); 1172 } 1173 1174 pragma(inline, true) 1175 void* SSL_get_app_data(const (libressl_d.openssl.ossl_typ.SSL)* s) 1176 1177 do 1178 { 1179 return .SSL_get_ex_data(s, 0); 1180 } 1181 1182 pragma(inline, true) 1183 int SSL_SESSION_set_app_data(.SSL_SESSION* s, char* a) 1184 1185 do 1186 { 1187 return .SSL_SESSION_set_ex_data(s, 0, a); 1188 } 1189 1190 pragma(inline, true) 1191 void* SSL_SESSION_get_app_data(const (.SSL_SESSION)* s) 1192 1193 do 1194 { 1195 return .SSL_SESSION_get_ex_data(s, 0); 1196 } 1197 1198 pragma(inline, true) 1199 void* SSL_CTX_get_app_data(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx) 1200 1201 do 1202 { 1203 return .SSL_CTX_get_ex_data(ctx, 0); 1204 } 1205 1206 pragma(inline, true) 1207 int SSL_CTX_set_app_data(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, char* arg) 1208 1209 do 1210 { 1211 return .SSL_CTX_set_ex_data(ctx, 0, arg); 1212 } 1213 1214 /* 1215 * The following are the possible values for ssl.state are are 1216 * used to indicate where we are up to in the SSL connection establishment. 1217 * The macros that follow are about the only things you should need to use 1218 * and even then, only when using non-blocking IO. 1219 * It can also be useful to work out where you were when the connection 1220 * failed 1221 */ 1222 1223 enum SSL_ST_CONNECT = 0x1000; 1224 enum SSL_ST_ACCEPT = 0x2000; 1225 enum SSL_ST_MASK = 0x0FFF; 1226 enum SSL_ST_INIT = .SSL_ST_CONNECT | .SSL_ST_ACCEPT; 1227 enum SSL_ST_BEFORE = 0x4000; 1228 enum SSL_ST_OK = 0x03; 1229 enum SSL_ST_RENEGOTIATE = 0x04 | .SSL_ST_INIT; 1230 1231 enum SSL_CB_LOOP = 0x01; 1232 enum SSL_CB_EXIT = 0x02; 1233 enum SSL_CB_READ = 0x04; 1234 enum SSL_CB_WRITE = 0x08; 1235 1236 /** 1237 * used in callback 1238 */ 1239 enum SSL_CB_ALERT = 0x4000; 1240 1241 enum SSL_CB_READ_ALERT = .SSL_CB_ALERT | .SSL_CB_READ; 1242 enum SSL_CB_WRITE_ALERT = .SSL_CB_ALERT | .SSL_CB_WRITE; 1243 enum SSL_CB_ACCEPT_LOOP = .SSL_ST_ACCEPT | .SSL_CB_LOOP; 1244 enum SSL_CB_ACCEPT_EXIT = .SSL_ST_ACCEPT | .SSL_CB_EXIT; 1245 enum SSL_CB_CONNECT_LOOP = .SSL_ST_CONNECT | .SSL_CB_LOOP; 1246 enum SSL_CB_CONNECT_EXIT = .SSL_ST_CONNECT | .SSL_CB_EXIT; 1247 enum SSL_CB_HANDSHAKE_START = 0x10; 1248 enum SSL_CB_HANDSHAKE_DONE = 0x20; 1249 1250 /* Is the SSL_connection established? */ 1251 alias SSL_get_state = .SSL_state; 1252 1253 pragma(inline, true) 1254 bool SSL_is_init_finished(const (libressl_d.openssl.ossl_typ.SSL)* a) 1255 1256 do 1257 { 1258 return .SSL_state(a) == .SSL_ST_OK; 1259 } 1260 1261 pragma(inline, true) 1262 int SSL_in_init(const (libressl_d.openssl.ossl_typ.SSL)* a) 1263 1264 do 1265 { 1266 return .SSL_state(a) & .SSL_ST_INIT; 1267 } 1268 1269 pragma(inline, true) 1270 int SSL_in_before(const (libressl_d.openssl.ossl_typ.SSL)* a) 1271 1272 do 1273 { 1274 return .SSL_state(a) & .SSL_ST_BEFORE; 1275 } 1276 1277 pragma(inline, true) 1278 int SSL_in_connect_init(const (libressl_d.openssl.ossl_typ.SSL)* a) 1279 1280 do 1281 { 1282 return .SSL_state(a) & .SSL_ST_CONNECT; 1283 } 1284 1285 pragma(inline, true) 1286 int SSL_in_accept_init(const (libressl_d.openssl.ossl_typ.SSL)* a) 1287 1288 do 1289 { 1290 return .SSL_state(a) & .SSL_ST_ACCEPT; 1291 } 1292 1293 /* 1294 * The following 2 states are kept in ssl.rstate when reads fail, 1295 * you should not need these 1296 */ 1297 enum SSL_ST_READ_HEADER = 0xF0; 1298 enum SSL_ST_READ_BODY = 0xF1; 1299 enum SSL_ST_READ_DONE = 0xF2; 1300 1301 /* 1302 * Obtain latest Finished message 1303 * -- that we sent (SSL_get_finished) 1304 * -- that we expected from peer (SSL_get_peer_finished). 1305 * Returns length (0 == no Finished so far), copies up to 'count' bytes. 1306 */ 1307 size_t SSL_get_finished(const (libressl_d.openssl.ossl_typ.SSL)* s, void* buf, size_t count); 1308 size_t SSL_get_peer_finished(const (libressl_d.openssl.ossl_typ.SSL)* s, void* buf, size_t count); 1309 1310 /* 1311 * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options 1312 * are 'ored' with SSL_VERIFY_PEER if they are desired 1313 */ 1314 enum SSL_VERIFY_NONE = 0x00; 1315 enum SSL_VERIFY_PEER = 0x01; 1316 enum SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 0x02; 1317 enum SSL_VERIFY_CLIENT_ONCE = 0x04; 1318 1319 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 1320 enum SSL_VERIFY_POST_HANDSHAKE = 0x08; 1321 1322 int SSL_verify_client_post_handshake(libressl_d.openssl.ossl_typ.SSL* s); 1323 void SSL_CTX_set_post_handshake_auth(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int val); 1324 void SSL_set_post_handshake_auth(libressl_d.openssl.ossl_typ.SSL* s, int val); 1325 } 1326 1327 alias OpenSSL_add_ssl_algorithms = .SSL_library_init; 1328 alias SSLeay_add_ssl_algorithms = .SSL_library_init; 1329 1330 /* More backward compatibility */ 1331 pragma(inline, true) 1332 const (char)* SSL_get_cipher(const (libressl_d.openssl.ossl_typ.SSL)* s) 1333 1334 do 1335 { 1336 return .SSL_CIPHER_get_name(.SSL_get_current_cipher(s)); 1337 } 1338 1339 pragma(inline, true) 1340 int SSL_get_cipher_bits(const (libressl_d.openssl.ossl_typ.SSL)* s, int* np) 1341 1342 do 1343 { 1344 return .SSL_CIPHER_get_bits(.SSL_get_current_cipher(s), np); 1345 } 1346 1347 pragma(inline, true) 1348 const (char)* SSL_get_cipher_version(const (libressl_d.openssl.ossl_typ.SSL)* s) 1349 1350 do 1351 { 1352 return .SSL_CIPHER_get_version(.SSL_get_current_cipher(s)); 1353 } 1354 1355 pragma(inline, true) 1356 const (char)* SSL_get_cipher_name(const (libressl_d.openssl.ossl_typ.SSL)* s) 1357 1358 do 1359 { 1360 return .SSL_CIPHER_get_name(.SSL_get_current_cipher(s)); 1361 } 1362 1363 alias SSL_get_time = .SSL_SESSION_get_time; 1364 alias SSL_set_time = .SSL_SESSION_set_time; 1365 alias SSL_get_timeout = .SSL_SESSION_get_timeout; 1366 alias SSL_set_timeout = .SSL_SESSION_set_timeout; 1367 1368 //#define d2i_SSL_SESSION_bio(bp, s_id) libressl_d.openssl.asn1.ASN1_d2i_bio_of(.SSL_SESSION, .SSL_SESSION_new, .d2i_SSL_SESSION, bp, s_id) 1369 //#define i2d_SSL_SESSION_bio(bp, s_id) libressl_d.openssl.asn1.ASN1_i2d_bio_of(.SSL_SESSION, .i2d_SSL_SESSION, bp, s_id) 1370 1371 .SSL_SESSION* PEM_read_bio_SSL_SESSION(libressl_d.openssl.bio.BIO* bp, .SSL_SESSION** x, libressl_d.openssl.pem.pem_password_cb* cb, void* u); 1372 .SSL_SESSION* PEM_read_SSL_SESSION(libressl_d.compat.stdio.FILE* fp, .SSL_SESSION** x, libressl_d.openssl.pem.pem_password_cb* cb, void* u); 1373 int PEM_write_bio_SSL_SESSION(libressl_d.openssl.bio.BIO* bp, .SSL_SESSION* x); 1374 int PEM_write_SSL_SESSION(libressl_d.compat.stdio.FILE* fp, .SSL_SESSION* x); 1375 1376 /* 1377 * TLS Alerts. 1378 * 1379 * https://www.iana.org/assignments/tls-parameters/#tls-parameters-6 1380 */ 1381 1382 /* Obsolete alerts. */ 1383 version (LIBRESSL_INTERNAL) { 1384 } else { 1385 /* Removed in TLSv1.1 */ 1386 enum SSL_AD_DECRYPTION_FAILED = 21; 1387 1388 /* Removed in TLSv1.0 */ 1389 enum SSL_AD_NO_CERTIFICATE = 41; 1390 1391 /* Removed in TLSv1.1 */ 1392 enum SSL_AD_EXPORT_RESTRICTION = 60; 1393 } 1394 1395 enum SSL_AD_CLOSE_NOTIFY = 0; 1396 enum SSL_AD_UNEXPECTED_MESSAGE = 10; 1397 enum SSL_AD_BAD_RECORD_MAC = 20; 1398 enum SSL_AD_RECORD_OVERFLOW = 22; 1399 1400 /* Removed in TLSv1.3 */ 1401 enum SSL_AD_DECOMPRESSION_FAILURE = 30; 1402 1403 enum SSL_AD_HANDSHAKE_FAILURE = 40; 1404 enum SSL_AD_BAD_CERTIFICATE = 42; 1405 enum SSL_AD_UNSUPPORTED_CERTIFICATE = 43; 1406 enum SSL_AD_CERTIFICATE_REVOKED = 44; 1407 enum SSL_AD_CERTIFICATE_EXPIRED = 45; 1408 enum SSL_AD_CERTIFICATE_UNKNOWN = 46; 1409 enum SSL_AD_ILLEGAL_PARAMETER = 47; 1410 enum SSL_AD_UNKNOWN_CA = 48; 1411 enum SSL_AD_ACCESS_DENIED = 49; 1412 enum SSL_AD_DECODE_ERROR = 50; 1413 enum SSL_AD_DECRYPT_ERROR = 51; 1414 enum SSL_AD_PROTOCOL_VERSION = 70; 1415 enum SSL_AD_INSUFFICIENT_SECURITY = 71; 1416 enum SSL_AD_INTERNAL_ERROR = 80; 1417 enum SSL_AD_INAPPROPRIATE_FALLBACK = 86; 1418 enum SSL_AD_USER_CANCELLED = 90; 1419 1420 /* Removed in TLSv1.3 */ 1421 enum SSL_AD_NO_RENEGOTIATION = 100; 1422 1423 /* Added in TLSv1.3. */ 1424 enum SSL_AD_MISSING_EXTENSION = 109; 1425 1426 enum SSL_AD_UNSUPPORTED_EXTENSION = 110; 1427 1428 /* Removed in TLSv1.3 */ 1429 enum SSL_AD_CERTIFICATE_UNOBTAINABLE = 111; 1430 1431 enum SSL_AD_UNRECOGNIZED_NAME = 112; 1432 enum SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE = 113; 1433 1434 /* Removed in TLSv1.3 */ 1435 enum SSL_AD_BAD_CERTIFICATE_HASH_VALUE = 114; 1436 1437 enum SSL_AD_UNKNOWN_PSK_IDENTITY = 115; 1438 enum SSL_AD_CERTIFICATE_REQUIRED = 116; 1439 enum SSL_AD_NO_APPLICATION_PROTOCOL = 120; 1440 1441 /* Offset to get an SSL_R_... value from an SSL_AD_... value. */ 1442 enum SSL_AD_REASON_OFFSET = 1000; 1443 1444 enum SSL_ERROR_NONE = 0; 1445 enum SSL_ERROR_SSL = 1; 1446 enum SSL_ERROR_WANT_READ = 2; 1447 enum SSL_ERROR_WANT_WRITE = 3; 1448 enum SSL_ERROR_WANT_X509_LOOKUP = 4; 1449 1450 /** 1451 * look at error stack/return value/errno 1452 */ 1453 enum SSL_ERROR_SYSCALL = 5; 1454 1455 enum SSL_ERROR_ZERO_RETURN = 6; 1456 enum SSL_ERROR_WANT_CONNECT = 7; 1457 enum SSL_ERROR_WANT_ACCEPT = 8; 1458 1459 enum SSL_CTRL_NEED_TMP_RSA = 1; 1460 enum SSL_CTRL_SET_TMP_RSA = 2; 1461 enum SSL_CTRL_SET_TMP_DH = 3; 1462 enum SSL_CTRL_SET_TMP_ECDH = 4; 1463 enum SSL_CTRL_SET_TMP_RSA_CB = 5; 1464 enum SSL_CTRL_SET_TMP_DH_CB = 6; 1465 enum SSL_CTRL_SET_TMP_ECDH_CB = 7; 1466 1467 enum SSL_CTRL_GET_SESSION_REUSED = 8; 1468 enum SSL_CTRL_GET_CLIENT_CERT_REQUEST = 9; 1469 enum SSL_CTRL_GET_NUM_RENEGOTIATIONS = 10; 1470 enum SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS = 11; 1471 enum SSL_CTRL_GET_TOTAL_RENEGOTIATIONS = 12; 1472 enum SSL_CTRL_GET_FLAGS = 13; 1473 enum SSL_CTRL_EXTRA_CHAIN_CERT = 14; 1474 1475 enum SSL_CTRL_SET_MSG_CALLBACK = 15; 1476 enum SSL_CTRL_SET_MSG_CALLBACK_ARG = 16; 1477 1478 /* only applies to datagram connections */ 1479 enum SSL_CTRL_SET_MTU = 17; 1480 /* Stats */ 1481 enum SSL_CTRL_SESS_NUMBER = 20; 1482 enum SSL_CTRL_SESS_CONNECT = 21; 1483 enum SSL_CTRL_SESS_CONNECT_GOOD = 22; 1484 enum SSL_CTRL_SESS_CONNECT_RENEGOTIATE = 23; 1485 enum SSL_CTRL_SESS_ACCEPT = 24; 1486 enum SSL_CTRL_SESS_ACCEPT_GOOD = 25; 1487 enum SSL_CTRL_SESS_ACCEPT_RENEGOTIATE = 26; 1488 enum SSL_CTRL_SESS_HIT = 27; 1489 enum SSL_CTRL_SESS_CB_HIT = 28; 1490 enum SSL_CTRL_SESS_MISSES = 29; 1491 enum SSL_CTRL_SESS_TIMEOUTS = 30; 1492 enum SSL_CTRL_SESS_CACHE_FULL = 31; 1493 enum SSL_CTRL_OPTIONS = 32; 1494 enum SSL_CTRL_MODE = 33; 1495 1496 enum SSL_CTRL_GET_READ_AHEAD = 40; 1497 enum SSL_CTRL_SET_READ_AHEAD = 41; 1498 enum SSL_CTRL_SET_SESS_CACHE_SIZE = 42; 1499 enum SSL_CTRL_GET_SESS_CACHE_SIZE = 43; 1500 enum SSL_CTRL_SET_SESS_CACHE_MODE = 44; 1501 enum SSL_CTRL_GET_SESS_CACHE_MODE = 45; 1502 1503 enum SSL_CTRL_GET_MAX_CERT_LIST = 50; 1504 enum SSL_CTRL_SET_MAX_CERT_LIST = 51; 1505 1506 enum SSL_CTRL_SET_MAX_SEND_FRAGMENT = 52; 1507 1508 /* see tls1.h for macros based on these */ 1509 enum SSL_CTRL_SET_TLSEXT_SERVERNAME_CB = 53; 1510 enum SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG = 54; 1511 enum SSL_CTRL_SET_TLSEXT_HOSTNAME = 55; 1512 enum SSL_CTRL_SET_TLSEXT_DEBUG_CB = 56; 1513 enum SSL_CTRL_SET_TLSEXT_DEBUG_ARG = 57; 1514 enum SSL_CTRL_GET_TLSEXT_TICKET_KEYS = 58; 1515 enum SSL_CTRL_SET_TLSEXT_TICKET_KEYS = 59; 1516 enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB = 128; 1517 enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB = 63; 1518 enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG = 129; 1519 enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG = 64; 1520 enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE = 127; 1521 enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE = 65; 1522 enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS = 66; 1523 enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS = 67; 1524 enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS = 68; 1525 enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS = 69; 1526 enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP = 70; 1527 enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP = 71; 1528 1529 enum SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB = 72; 1530 1531 enum SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB = 75; 1532 enum SSL_CTRL_SET_SRP_VERIFY_PARAM_CB = 76; 1533 enum SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB = 77; 1534 1535 enum SSL_CTRL_SET_SRP_ARG = 78; 1536 enum SSL_CTRL_SET_TLS_EXT_SRP_USERNAME = 79; 1537 enum SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH = 80; 1538 enum SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD = 81; 1539 1540 enum DTLS_CTRL_GET_TIMEOUT = 73; 1541 enum DTLS_CTRL_HANDLE_TIMEOUT = 74; 1542 enum DTLS_CTRL_LISTEN = 75; 1543 1544 enum SSL_CTRL_GET_RI_SUPPORT = 76; 1545 enum SSL_CTRL_CLEAR_OPTIONS = 77; 1546 enum SSL_CTRL_CLEAR_MODE = 78; 1547 1548 enum SSL_CTRL_GET_EXTRA_CHAIN_CERTS = 82; 1549 enum SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS = 83; 1550 1551 enum SSL_CTRL_CHAIN = 88; 1552 enum SSL_CTRL_CHAIN_CERT = 89; 1553 1554 enum SSL_CTRL_SET_GROUPS = 91; 1555 enum SSL_CTRL_SET_GROUPS_LIST = 92; 1556 1557 enum SSL_CTRL_SET_ECDH_AUTO = 94; 1558 1559 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 1560 enum SSL_CTRL_GET_PEER_SIGNATURE_NID = 108; 1561 enum SSL_CTRL_GET_PEER_TMP_KEY = 109; 1562 enum SSL_CTRL_GET_SERVER_TMP_KEY = .SSL_CTRL_GET_PEER_TMP_KEY; 1563 } else { 1564 enum SSL_CTRL_GET_SERVER_TMP_KEY = 109; 1565 } 1566 1567 enum SSL_CTRL_GET_CHAIN_CERTS = 115; 1568 1569 enum SSL_CTRL_SET_DH_AUTO = 118; 1570 1571 enum SSL_CTRL_SET_MIN_PROTO_VERSION = 123; 1572 enum SSL_CTRL_SET_MAX_PROTO_VERSION = 124; 1573 enum SSL_CTRL_GET_MIN_PROTO_VERSION = 130; 1574 enum SSL_CTRL_GET_MAX_PROTO_VERSION = 131; 1575 1576 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 1577 enum SSL_CTRL_GET_SIGNATURE_NID = 132; 1578 } 1579 1580 pragma(inline, true) 1581 core.stdc.config.c_long DTLSv1_get_timeout(libressl_d.openssl.ossl_typ.SSL* ssl, void* arg) 1582 1583 do 1584 { 1585 return .SSL_ctrl(ssl, .DTLS_CTRL_GET_TIMEOUT, 0, arg); 1586 } 1587 1588 pragma(inline, true) 1589 core.stdc.config.c_long DTLSv1_handle_timeout(libressl_d.openssl.ossl_typ.SSL* ssl) 1590 1591 do 1592 { 1593 return .SSL_ctrl(ssl, .DTLS_CTRL_HANDLE_TIMEOUT, 0, null); 1594 } 1595 1596 pragma(inline, true) 1597 core.stdc.config.c_long DTLSv1_listen(libressl_d.openssl.ossl_typ.SSL* ssl, void* peer) 1598 1599 do 1600 { 1601 return .SSL_ctrl(ssl, .DTLS_CTRL_LISTEN, 0, peer); 1602 } 1603 1604 pragma(inline, true) 1605 core.stdc.config.c_long SSL_session_reused(libressl_d.openssl.ossl_typ.SSL* ssl) 1606 1607 do 1608 { 1609 return .SSL_ctrl(ssl, .SSL_CTRL_GET_SESSION_REUSED, 0, null); 1610 } 1611 1612 pragma(inline, true) 1613 core.stdc.config.c_long SSL_num_renegotiations(libressl_d.openssl.ossl_typ.SSL* ssl) 1614 1615 do 1616 { 1617 return .SSL_ctrl(ssl, .SSL_CTRL_GET_NUM_RENEGOTIATIONS, 0, null); 1618 } 1619 1620 pragma(inline, true) 1621 core.stdc.config.c_long SSL_clear_num_renegotiations(libressl_d.openssl.ossl_typ.SSL* ssl) 1622 1623 do 1624 { 1625 return .SSL_ctrl(ssl, .SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS, 0, null); 1626 } 1627 1628 pragma(inline, true) 1629 core.stdc.config.c_long SSL_total_renegotiations(libressl_d.openssl.ossl_typ.SSL* ssl) 1630 1631 do 1632 { 1633 return .SSL_ctrl(ssl, .SSL_CTRL_GET_TOTAL_RENEGOTIATIONS, 0, null); 1634 } 1635 1636 pragma(inline, true) 1637 core.stdc.config.c_long SSL_CTX_need_tmp_RSA(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 1638 1639 do 1640 { 1641 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_NEED_TMP_RSA, 0, null); 1642 } 1643 1644 pragma(inline, true) 1645 core.stdc.config.c_long SSL_CTX_set_tmp_rsa(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, char* rsa) 1646 1647 do 1648 { 1649 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_TMP_RSA, 0, rsa); 1650 } 1651 1652 pragma(inline, true) 1653 core.stdc.config.c_long SSL_CTX_set_tmp_dh(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, char* dh) 1654 1655 do 1656 { 1657 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_TMP_DH, 0, dh); 1658 } 1659 1660 pragma(inline, true) 1661 core.stdc.config.c_long SSL_CTX_set_tmp_ecdh(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, char* ecdh) 1662 1663 do 1664 { 1665 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_TMP_ECDH, 0, ecdh); 1666 } 1667 1668 pragma(inline, true) 1669 core.stdc.config.c_long SSL_CTX_set_dh_auto(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long onoff) 1670 1671 do 1672 { 1673 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_DH_AUTO, onoff, null); 1674 } 1675 1676 pragma(inline, true) 1677 core.stdc.config.c_long SSL_CTX_set_ecdh_auto(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long onoff) 1678 1679 do 1680 { 1681 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_ECDH_AUTO, onoff, null); 1682 } 1683 1684 pragma(inline, true) 1685 core.stdc.config.c_long SSL_need_tmp_RSA(libressl_d.openssl.ossl_typ.SSL* ssl) 1686 1687 do 1688 { 1689 return .SSL_ctrl(ssl, .SSL_CTRL_NEED_TMP_RSA, 0, null); 1690 } 1691 1692 pragma(inline, true) 1693 core.stdc.config.c_long SSL_set_tmp_rsa(libressl_d.openssl.ossl_typ.SSL* ssl, char* rsa) 1694 1695 do 1696 { 1697 return .SSL_ctrl(ssl, .SSL_CTRL_SET_TMP_RSA, 0, rsa); 1698 } 1699 1700 pragma(inline, true) 1701 core.stdc.config.c_long SSL_set_tmp_dh(libressl_d.openssl.ossl_typ.SSL* ssl, char* dh) 1702 1703 do 1704 { 1705 return .SSL_ctrl(ssl, .SSL_CTRL_SET_TMP_DH, 0, dh); 1706 } 1707 1708 pragma(inline, true) 1709 core.stdc.config.c_long SSL_set_tmp_ecdh(libressl_d.openssl.ossl_typ.SSL* ssl, char* ecdh) 1710 1711 do 1712 { 1713 return .SSL_ctrl(ssl, .SSL_CTRL_SET_TMP_ECDH, 0, ecdh); 1714 } 1715 1716 pragma(inline, true) 1717 core.stdc.config.c_long SSL_set_dh_auto(libressl_d.openssl.ossl_typ.SSL* s, core.stdc.config.c_long onoff) 1718 1719 do 1720 { 1721 return .SSL_ctrl(s, .SSL_CTRL_SET_DH_AUTO, onoff, null); 1722 } 1723 1724 pragma(inline, true) 1725 core.stdc.config.c_long SSL_set_ecdh_auto(libressl_d.openssl.ossl_typ.SSL* s, core.stdc.config.c_long onoff) 1726 1727 do 1728 { 1729 return .SSL_ctrl(s, .SSL_CTRL_SET_ECDH_AUTO, onoff, null); 1730 } 1731 1732 int SSL_CTX_set0_chain(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.x509.stack_st_X509* chain); 1733 int SSL_CTX_set1_chain(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.x509.stack_st_X509* chain); 1734 int SSL_CTX_add0_chain_cert(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.X509* x509); 1735 int SSL_CTX_add1_chain_cert(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.X509* x509); 1736 int SSL_CTX_get0_chain_certs(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx, libressl_d.openssl.x509.stack_st_X509** out_chain); 1737 int SSL_CTX_clear_chain_certs(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 1738 1739 int SSL_set0_chain(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.x509.stack_st_X509* chain); 1740 int SSL_set1_chain(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.x509.stack_st_X509* chain); 1741 int SSL_add0_chain_cert(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.X509* x509); 1742 int SSL_add1_chain_cert(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.X509* x509); 1743 int SSL_get0_chain_certs(const (libressl_d.openssl.ossl_typ.SSL)* ssl, libressl_d.openssl.x509.stack_st_X509** out_chain); 1744 int SSL_clear_chain_certs(libressl_d.openssl.ossl_typ.SSL* ssl); 1745 1746 int SSL_CTX_set1_groups(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (int)* groups, size_t groups_len); 1747 int SSL_CTX_set1_groups_list(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (char)* groups); 1748 1749 int SSL_set1_groups(libressl_d.openssl.ossl_typ.SSL* ssl, const (int)* groups, size_t groups_len); 1750 int SSL_set1_groups_list(libressl_d.openssl.ossl_typ.SSL* ssl, const (char)* groups); 1751 1752 int SSL_CTX_get_min_proto_version(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 1753 int SSL_CTX_get_max_proto_version(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 1754 int SSL_CTX_set_min_proto_version(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.stdint.uint16_t version_); 1755 int SSL_CTX_set_max_proto_version(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.stdint.uint16_t version_); 1756 1757 int SSL_get_min_proto_version(libressl_d.openssl.ossl_typ.SSL* ssl); 1758 int SSL_get_max_proto_version(libressl_d.openssl.ossl_typ.SSL* ssl); 1759 int SSL_set_min_proto_version(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.stdint.uint16_t version_); 1760 int SSL_set_max_proto_version(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.stdint.uint16_t version_); 1761 1762 const (.SSL_METHOD)* SSL_CTX_get_ssl_method(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 1763 1764 version (LIBRESSL_INTERNAL) { 1765 } else { 1766 enum SSL_CTRL_SET_CURVES = .SSL_CTRL_SET_GROUPS; 1767 enum SSL_CTRL_SET_CURVES_LIST = .SSL_CTRL_SET_GROUPS_LIST; 1768 1769 alias SSL_CTX_set1_curves = .SSL_CTX_set1_groups; 1770 alias SSL_CTX_set1_curves_list = .SSL_CTX_set1_groups_list; 1771 alias SSL_set1_curves = .SSL_set1_groups; 1772 alias SSL_set1_curves_list = .SSL_set1_groups_list; 1773 } 1774 1775 pragma(inline, true) 1776 core.stdc.config.c_long SSL_CTX_add_extra_chain_cert(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, char* x509) 1777 1778 do 1779 { 1780 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509); 1781 } 1782 1783 pragma(inline, true) 1784 core.stdc.config.c_long SSL_CTX_get_extra_chain_certs(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void* px509) 1785 1786 do 1787 { 1788 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509); 1789 } 1790 1791 pragma(inline, true) 1792 core.stdc.config.c_long SSL_CTX_get_extra_chain_certs_only(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void* px509) 1793 1794 do 1795 { 1796 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509); 1797 } 1798 1799 pragma(inline, true) 1800 core.stdc.config.c_long SSL_CTX_clear_extra_chain_certs(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 1801 1802 do 1803 { 1804 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, null); 1805 } 1806 1807 pragma(inline, true) 1808 core.stdc.config.c_long SSL_get_server_tmp_key(libressl_d.openssl.ossl_typ.SSL* s, void* pk) 1809 1810 do 1811 { 1812 return .SSL_ctrl(s, .SSL_CTRL_GET_SERVER_TMP_KEY, 0, pk); 1813 } 1814 1815 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 1816 pragma(inline, true) 1817 core.stdc.config.c_long SSL_get_signature_nid(libressl_d.openssl.ossl_typ.SSL* s, void* pn) 1818 1819 do 1820 { 1821 return .SSL_ctrl(s, .SSL_CTRL_GET_SIGNATURE_NID, 0, pn); 1822 } 1823 1824 pragma(inline, true) 1825 core.stdc.config.c_long SSL_get_peer_signature_nid(libressl_d.openssl.ossl_typ.SSL* s, void* pn) 1826 1827 do 1828 { 1829 return .SSL_ctrl(s, .SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn); 1830 } 1831 1832 pragma(inline, true) 1833 core.stdc.config.c_long SSL_get_peer_tmp_key(libressl_d.openssl.ossl_typ.SSL* s, void* pk) 1834 1835 do 1836 { 1837 return .SSL_ctrl(s, .SSL_CTRL_GET_PEER_TMP_KEY, 0, pk); 1838 } 1839 1840 int SSL_get_signature_type_nid(const (libressl_d.openssl.ossl_typ.SSL)* ssl, int* nid); 1841 int SSL_get_peer_signature_type_nid(const (libressl_d.openssl.ossl_typ.SSL)* ssl, int* nid); 1842 } 1843 1844 version (LIBRESSL_INTERNAL) { 1845 } else { 1846 /* 1847 * Also provide those functions as macros for compatibility with 1848 * existing users. 1849 */ 1850 alias SSL_CTX_set0_chain = .SSL_CTX_set0_chain; 1851 alias SSL_CTX_set1_chain = .SSL_CTX_set1_chain; 1852 alias SSL_CTX_add0_chain_cert = .SSL_CTX_add0_chain_cert; 1853 alias SSL_CTX_add1_chain_cert = .SSL_CTX_add1_chain_cert; 1854 alias SSL_CTX_get0_chain_certs = .SSL_CTX_get0_chain_certs; 1855 alias SSL_CTX_clear_chain_certs = .SSL_CTX_clear_chain_certs; 1856 1857 alias SSL_add0_chain_cert = .SSL_add0_chain_cert; 1858 alias SSL_add1_chain_cert = .SSL_add1_chain_cert; 1859 alias SSL_set0_chain = .SSL_set0_chain; 1860 alias SSL_set1_chain = .SSL_set1_chain; 1861 alias SSL_get0_chain_certs = .SSL_get0_chain_certs; 1862 alias SSL_clear_chain_certs = .SSL_clear_chain_certs; 1863 1864 alias SSL_CTX_set1_groups = .SSL_CTX_set1_groups; 1865 alias SSL_CTX_set1_groups_list = .SSL_CTX_set1_groups_list; 1866 alias SSL_set1_groups = .SSL_set1_groups; 1867 alias SSL_set1_groups_list = .SSL_set1_groups_list; 1868 1869 alias SSL_CTX_get_min_proto_version = .SSL_CTX_get_min_proto_version; 1870 alias SSL_CTX_get_max_proto_version = .SSL_CTX_get_max_proto_version; 1871 alias SSL_CTX_set_min_proto_version = .SSL_CTX_set_min_proto_version; 1872 alias SSL_CTX_set_max_proto_version = .SSL_CTX_set_max_proto_version; 1873 1874 alias SSL_get_min_proto_version = .SSL_get_min_proto_version; 1875 alias SSL_get_max_proto_version = .SSL_get_max_proto_version; 1876 alias SSL_set_min_proto_version = .SSL_set_min_proto_version; 1877 alias SSL_set_max_proto_version = .SSL_set_max_proto_version; 1878 } 1879 1880 const (libressl_d.openssl.bio.BIO_METHOD)* BIO_f_ssl(); 1881 libressl_d.openssl.bio.BIO* BIO_new_ssl(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int client); 1882 libressl_d.openssl.bio.BIO* BIO_new_ssl_connect(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 1883 libressl_d.openssl.bio.BIO* BIO_new_buffer_ssl_connect(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 1884 int BIO_ssl_copy_session_id(libressl_d.openssl.bio.BIO* to, libressl_d.openssl.bio.BIO* from); 1885 void BIO_ssl_shutdown(libressl_d.openssl.bio.BIO* ssl_bio); 1886 1887 .stack_st_SSL_CIPHER* SSL_CTX_get_ciphers(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 1888 int SSL_CTX_set_cipher_list(libressl_d.openssl.ossl_typ.SSL_CTX*, const (char)* str); 1889 1890 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 1891 int SSL_CTX_set_ciphersuites(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (char)* str); 1892 } 1893 1894 libressl_d.openssl.ossl_typ.SSL_CTX* SSL_CTX_new(const (.SSL_METHOD)* meth); 1895 void SSL_CTX_free(libressl_d.openssl.ossl_typ.SSL_CTX*); 1896 int SSL_CTX_up_ref(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 1897 core.stdc.config.c_long SSL_CTX_set_timeout(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long t); 1898 core.stdc.config.c_long SSL_CTX_get_timeout(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 1899 libressl_d.openssl.ossl_typ.X509_STORE* SSL_CTX_get_cert_store(const (libressl_d.openssl.ossl_typ.SSL_CTX)*); 1900 void SSL_CTX_set_cert_store(libressl_d.openssl.ossl_typ.SSL_CTX*, libressl_d.openssl.ossl_typ.X509_STORE*); 1901 libressl_d.openssl.ossl_typ.X509* SSL_CTX_get0_certificate(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 1902 libressl_d.openssl.ossl_typ.EVP_PKEY* SSL_CTX_get0_privatekey(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 1903 int SSL_want(const (libressl_d.openssl.ossl_typ.SSL)* s); 1904 int SSL_clear(libressl_d.openssl.ossl_typ.SSL* s); 1905 1906 void SSL_CTX_flush_sessions(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long tm); 1907 1908 const (.SSL_CIPHER)* SSL_get_current_cipher(const (libressl_d.openssl.ossl_typ.SSL)* s); 1909 const (.SSL_CIPHER)* SSL_CIPHER_get_by_id(uint id); 1910 const (.SSL_CIPHER)* SSL_CIPHER_get_by_value(core.stdc.stdint.uint16_t value); 1911 int SSL_CIPHER_get_bits(const (.SSL_CIPHER)* c, int* alg_bits); 1912 const (char)* SSL_CIPHER_get_version(const (.SSL_CIPHER)* c); 1913 const (char)* SSL_CIPHER_get_name(const (.SSL_CIPHER)* c); 1914 core.stdc.config.c_ulong SSL_CIPHER_get_id(const (.SSL_CIPHER)* c); 1915 core.stdc.stdint.uint16_t SSL_CIPHER_get_value(const (.SSL_CIPHER)* c); 1916 const (.SSL_CIPHER)* SSL_CIPHER_find(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)* ptr); 1917 int SSL_CIPHER_get_cipher_nid(const (.SSL_CIPHER)* c); 1918 int SSL_CIPHER_get_digest_nid(const (.SSL_CIPHER)* c); 1919 int SSL_CIPHER_get_kx_nid(const (.SSL_CIPHER)* c); 1920 int SSL_CIPHER_get_auth_nid(const (.SSL_CIPHER)* c); 1921 int SSL_CIPHER_is_aead(const (.SSL_CIPHER)* c); 1922 1923 int SSL_get_fd(const (libressl_d.openssl.ossl_typ.SSL)* s); 1924 int SSL_get_rfd(const (libressl_d.openssl.ossl_typ.SSL)* s); 1925 int SSL_get_wfd(const (libressl_d.openssl.ossl_typ.SSL)* s); 1926 const (char)* SSL_get_cipher_list(const (libressl_d.openssl.ossl_typ.SSL)* s, int n); 1927 char* SSL_get_shared_ciphers(const (libressl_d.openssl.ossl_typ.SSL)* s, char* buf, int len); 1928 int SSL_get_read_ahead(const (libressl_d.openssl.ossl_typ.SSL)* s); 1929 int SSL_pending(const (libressl_d.openssl.ossl_typ.SSL)* s); 1930 int SSL_set_fd(libressl_d.openssl.ossl_typ.SSL* s, int fd); 1931 int SSL_set_rfd(libressl_d.openssl.ossl_typ.SSL* s, int fd); 1932 int SSL_set_wfd(libressl_d.openssl.ossl_typ.SSL* s, int fd); 1933 void SSL_set_bio(libressl_d.openssl.ossl_typ.SSL* s, libressl_d.openssl.bio.BIO* rbio, libressl_d.openssl.bio.BIO* wbio); 1934 libressl_d.openssl.bio.BIO* SSL_get_rbio(const (libressl_d.openssl.ossl_typ.SSL)* s); 1935 void SSL_set0_rbio(libressl_d.openssl.ossl_typ.SSL* s, libressl_d.openssl.bio.BIO* rbio); 1936 libressl_d.openssl.bio.BIO* SSL_get_wbio(const (libressl_d.openssl.ossl_typ.SSL)* s); 1937 int SSL_set_cipher_list(libressl_d.openssl.ossl_typ.SSL* s, const (char)* str); 1938 1939 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 1940 int SSL_set_ciphersuites(libressl_d.openssl.ossl_typ.SSL* s, const (char)* str); 1941 } 1942 1943 void SSL_set_read_ahead(libressl_d.openssl.ossl_typ.SSL* s, int yes); 1944 int SSL_get_verify_mode(const (libressl_d.openssl.ossl_typ.SSL)* s); 1945 int SSL_get_verify_depth(const (libressl_d.openssl.ossl_typ.SSL)* s); 1946 //int (*SSL_get_verify_callback(const (libressl_d.openssl.ossl_typ.SSL)* s))(int, libressl_d.openssl.ossl_typ.X509_STORE_CTX*); 1947 void SSL_set_verify(libressl_d.openssl.ossl_typ.SSL* s, int mode, int function(int ok, libressl_d.openssl.ossl_typ.X509_STORE_CTX* ctx) callback); 1948 void SSL_set_verify_depth(libressl_d.openssl.ossl_typ.SSL* s, int depth); 1949 int SSL_use_RSAPrivateKey(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.RSA* rsa); 1950 int SSL_use_RSAPrivateKey_ASN1(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)* d, core.stdc.config.c_long len); 1951 int SSL_use_PrivateKey(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.EVP_PKEY* pkey); 1952 int SSL_use_PrivateKey_ASN1(int pk, libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)* d, core.stdc.config.c_long len); 1953 int SSL_use_certificate(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.X509* x); 1954 int SSL_use_certificate_ASN1(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)* d, int len); 1955 1956 int SSL_use_RSAPrivateKey_file(libressl_d.openssl.ossl_typ.SSL* ssl, const (char)* file, int type); 1957 int SSL_use_PrivateKey_file(libressl_d.openssl.ossl_typ.SSL* ssl, const (char)* file, int type); 1958 int SSL_use_certificate_file(libressl_d.openssl.ossl_typ.SSL* ssl, const (char)* file, int type); 1959 int SSL_use_certificate_chain_file(libressl_d.openssl.ossl_typ.SSL* ssl, const (char)* file); 1960 int SSL_CTX_use_RSAPrivateKey_file(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (char)* file, int type); 1961 int SSL_CTX_use_PrivateKey_file(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (char)* file, int type); 1962 int SSL_CTX_use_certificate_file(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (char)* file, int type); 1963 1964 /** 1965 * PEM type 1966 */ 1967 int SSL_CTX_use_certificate_chain_file(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (char)* file); 1968 1969 int SSL_CTX_use_certificate_chain_mem(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void* buf, int len); 1970 libressl_d.openssl.x509.stack_st_X509_NAME* SSL_load_client_CA_file(const (char)* file); 1971 int SSL_add_file_cert_subjects_to_stack(libressl_d.openssl.x509.stack_st_X509_NAME* stackCAs, const (char)* file); 1972 int SSL_add_dir_cert_subjects_to_stack(libressl_d.openssl.x509.stack_st_X509_NAME* stackCAs, const (char)* dir); 1973 1974 void SSL_load_error_strings(); 1975 const (char)* SSL_state_string(const (libressl_d.openssl.ossl_typ.SSL)* s); 1976 const (char)* SSL_rstate_string(const (libressl_d.openssl.ossl_typ.SSL)* s); 1977 const (char)* SSL_state_string_long(const (libressl_d.openssl.ossl_typ.SSL)* s); 1978 const (char)* SSL_rstate_string_long(const (libressl_d.openssl.ossl_typ.SSL)* s); 1979 const (.SSL_CIPHER)* SSL_SESSION_get0_cipher(const (.SSL_SESSION)* ss); 1980 size_t SSL_SESSION_get_master_key(const (.SSL_SESSION)* ss, ubyte* out_, size_t max_out); 1981 int SSL_SESSION_get_protocol_version(const (.SSL_SESSION)* s); 1982 core.stdc.config.c_long SSL_SESSION_get_time(const (.SSL_SESSION)* s); 1983 core.stdc.config.c_long SSL_SESSION_set_time(.SSL_SESSION* s, core.stdc.config.c_long t); 1984 core.stdc.config.c_long SSL_SESSION_get_timeout(const (.SSL_SESSION)* s); 1985 core.stdc.config.c_long SSL_SESSION_set_timeout(.SSL_SESSION* s, core.stdc.config.c_long t); 1986 int SSL_copy_session_id(libressl_d.openssl.ossl_typ.SSL* to, const (libressl_d.openssl.ossl_typ.SSL)* from); 1987 libressl_d.openssl.ossl_typ.X509* SSL_SESSION_get0_peer(.SSL_SESSION* s); 1988 int SSL_SESSION_set1_id(.SSL_SESSION* s, const (ubyte)* sid, uint sid_len); 1989 int SSL_SESSION_set1_id_context(.SSL_SESSION* s, const (ubyte)* sid_ctx, uint sid_ctx_len); 1990 1991 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 1992 int SSL_SESSION_is_resumable(const (.SSL_SESSION)* s); 1993 } 1994 1995 .SSL_SESSION* SSL_SESSION_new(); 1996 void SSL_SESSION_free(.SSL_SESSION* ses); 1997 int SSL_SESSION_up_ref(.SSL_SESSION* ss); 1998 const (ubyte)* SSL_SESSION_get_id(const (.SSL_SESSION)* ss, uint* len); 1999 const (ubyte)* SSL_SESSION_get0_id_context(const (.SSL_SESSION)* ss, uint* len); 2000 2001 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 2002 core.stdc.stdint.uint32_t SSL_SESSION_get_max_early_data(const (.SSL_SESSION)* sess); 2003 int SSL_SESSION_set_max_early_data(.SSL_SESSION* sess, core.stdc.stdint.uint32_t max_early_data); 2004 } 2005 2006 core.stdc.config.c_ulong SSL_SESSION_get_ticket_lifetime_hint(const (.SSL_SESSION)* s); 2007 int SSL_SESSION_has_ticket(const (.SSL_SESSION)* s); 2008 uint SSL_SESSION_get_compress_id(const (.SSL_SESSION)* ss); 2009 int SSL_SESSION_print_fp(libressl_d.compat.stdio.FILE* fp, const (.SSL_SESSION)* ses); 2010 int SSL_SESSION_print(libressl_d.openssl.bio.BIO* fp, const (.SSL_SESSION)* ses); 2011 int i2d_SSL_SESSION(.SSL_SESSION* in_, ubyte** pp); 2012 int SSL_set_session(libressl_d.openssl.ossl_typ.SSL* to, .SSL_SESSION* session); 2013 int SSL_CTX_add_session(libressl_d.openssl.ossl_typ.SSL_CTX* s, .SSL_SESSION* c); 2014 int SSL_CTX_remove_session(libressl_d.openssl.ossl_typ.SSL_CTX*, .SSL_SESSION* c); 2015 int SSL_CTX_set_generate_session_id(libressl_d.openssl.ossl_typ.SSL_CTX*, .GEN_SESSION_CB); 2016 int SSL_set_generate_session_id(libressl_d.openssl.ossl_typ.SSL*, .GEN_SESSION_CB); 2017 int SSL_has_matching_session_id(const (libressl_d.openssl.ossl_typ.SSL)* ssl, const (ubyte)* id, uint id_len); 2018 .SSL_SESSION* d2i_SSL_SESSION(.SSL_SESSION** a, const (ubyte)** pp, core.stdc.config.c_long length_); 2019 2020 static assert(libressl_d.openssl.x509.HEADER_X509_H); 2021 libressl_d.openssl.ossl_typ.X509* SSL_get_peer_certificate(const (libressl_d.openssl.ossl_typ.SSL)* s); 2022 2023 libressl_d.openssl.x509.stack_st_X509* SSL_get_peer_cert_chain(const (libressl_d.openssl.ossl_typ.SSL)* s); 2024 2025 int SSL_CTX_get_verify_mode(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 2026 int SSL_CTX_get_verify_depth(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 2027 //int (*SSL_CTX_get_verify_callback(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx))(int, libressl_d.openssl.ossl_typ.X509_STORE_CTX*); 2028 void SSL_CTX_set_verify(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int mode, int function(int, libressl_d.openssl.ossl_typ.X509_STORE_CTX*) callback); 2029 void SSL_CTX_set_verify_depth(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int depth); 2030 void SSL_CTX_set_cert_verify_callback(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int function(libressl_d.openssl.ossl_typ.X509_STORE_CTX*, void*) cb, void* arg); 2031 int SSL_CTX_use_RSAPrivateKey(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.RSA* rsa); 2032 int SSL_CTX_use_RSAPrivateKey_ASN1(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (ubyte)* d, core.stdc.config.c_long len); 2033 int SSL_CTX_use_PrivateKey(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.EVP_PKEY* pkey); 2034 int SSL_CTX_use_PrivateKey_ASN1(int pk, libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (ubyte)* d, core.stdc.config.c_long len); 2035 int SSL_CTX_use_certificate(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.X509* x); 2036 int SSL_CTX_use_certificate_ASN1(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int len, const (ubyte)* d); 2037 2038 libressl_d.openssl.pem.pem_password_cb* SSL_CTX_get_default_passwd_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 2039 void SSL_CTX_set_default_passwd_cb(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.pem.pem_password_cb* cb); 2040 void* SSL_CTX_get_default_passwd_cb_userdata(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 2041 void SSL_CTX_set_default_passwd_cb_userdata(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void* u); 2042 2043 int SSL_CTX_check_private_key(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 2044 int SSL_check_private_key(const (libressl_d.openssl.ossl_typ.SSL)* ctx); 2045 2046 int SSL_CTX_set_session_id_context(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (ubyte)* sid_ctx, uint sid_ctx_len); 2047 2048 int SSL_set_session_id_context(libressl_d.openssl.ossl_typ.SSL* ssl, const (ubyte)* sid_ctx, uint sid_ctx_len); 2049 2050 int SSL_CTX_set_purpose(libressl_d.openssl.ossl_typ.SSL_CTX* s, int purpose); 2051 int SSL_set_purpose(libressl_d.openssl.ossl_typ.SSL* s, int purpose); 2052 int SSL_CTX_set_trust(libressl_d.openssl.ossl_typ.SSL_CTX* s, int trust); 2053 int SSL_set_trust(libressl_d.openssl.ossl_typ.SSL* s, int trust); 2054 int SSL_set1_host(libressl_d.openssl.ossl_typ.SSL* s, const (char)* hostname); 2055 void SSL_set_hostflags(libressl_d.openssl.ossl_typ.SSL* s, uint flags); 2056 const (char)* SSL_get0_peername(libressl_d.openssl.ossl_typ.SSL* s); 2057 2058 libressl_d.openssl.x509_vfy.X509_VERIFY_PARAM* SSL_CTX_get0_param(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 2059 int SSL_CTX_set1_param(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.x509_vfy.X509_VERIFY_PARAM* vpm); 2060 libressl_d.openssl.x509_vfy.X509_VERIFY_PARAM* SSL_get0_param(libressl_d.openssl.ossl_typ.SSL* ssl); 2061 int SSL_set1_param(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.x509_vfy.X509_VERIFY_PARAM* vpm); 2062 2063 libressl_d.openssl.ossl_typ.SSL* SSL_new(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 2064 void SSL_free(libressl_d.openssl.ossl_typ.SSL* ssl); 2065 int SSL_up_ref(libressl_d.openssl.ossl_typ.SSL* ssl); 2066 int SSL_accept(libressl_d.openssl.ossl_typ.SSL* ssl); 2067 int SSL_connect(libressl_d.openssl.ossl_typ.SSL* ssl); 2068 int SSL_is_dtls(const (libressl_d.openssl.ossl_typ.SSL)* s); 2069 int SSL_is_server(const (libressl_d.openssl.ossl_typ.SSL)* s); 2070 int SSL_read(libressl_d.openssl.ossl_typ.SSL* ssl, void* buf, int num); 2071 int SSL_peek(libressl_d.openssl.ossl_typ.SSL* ssl, void* buf, int num); 2072 int SSL_write(libressl_d.openssl.ossl_typ.SSL* ssl, const (void)* buf, int num); 2073 2074 static if ((libressl_d.openssl.opensslfeatures.LIBRESSL_HAS_TLS1_3) || (libressl_d.openssl.opensslfeatures.LIBRESSL_INTERNAL)) { 2075 core.stdc.stdint.uint32_t SSL_CTX_get_max_early_data(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 2076 int SSL_CTX_set_max_early_data(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.stdint.uint32_t max_early_data); 2077 2078 core.stdc.stdint.uint32_t SSL_get_max_early_data(const (libressl_d.openssl.ossl_typ.SSL)* s); 2079 int SSL_set_max_early_data(libressl_d.openssl.ossl_typ.SSL* s, core.stdc.stdint.uint32_t max_early_data); 2080 2081 enum SSL_EARLY_DATA_NOT_SENT = 0; 2082 enum SSL_EARLY_DATA_REJECTED = 1; 2083 enum SSL_EARLY_DATA_ACCEPTED = 2; 2084 int SSL_get_early_data_status(const (libressl_d.openssl.ossl_typ.SSL)* s); 2085 2086 enum SSL_READ_EARLY_DATA_ERROR = 0; 2087 enum SSL_READ_EARLY_DATA_SUCCESS = 1; 2088 enum SSL_READ_EARLY_DATA_FINISH = 2; 2089 int SSL_read_early_data(libressl_d.openssl.ossl_typ.SSL* s, void* buf, size_t num, size_t* readbytes); 2090 int SSL_write_early_data(libressl_d.openssl.ossl_typ.SSL* s, const (void)* buf, size_t num, size_t* written); 2091 } 2092 2093 core.stdc.config.c_long SSL_ctrl(libressl_d.openssl.ossl_typ.SSL* ssl, int cmd, core.stdc.config.c_long larg, void* parg); 2094 core.stdc.config.c_long SSL_callback_ctrl(libressl_d.openssl.ossl_typ.SSL*, int, void function()); 2095 core.stdc.config.c_long SSL_CTX_ctrl(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int cmd, core.stdc.config.c_long larg, void* parg); 2096 core.stdc.config.c_long SSL_CTX_callback_ctrl(libressl_d.openssl.ossl_typ.SSL_CTX*, int, void function()); 2097 2098 int SSL_get_error(const (libressl_d.openssl.ossl_typ.SSL)* s, int ret_code); 2099 const (char)* SSL_get_version(const (libressl_d.openssl.ossl_typ.SSL)* s); 2100 2101 /* This sets the 'default' SSL version that SSL_new() will create */ 2102 int SSL_CTX_set_ssl_version(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (.SSL_METHOD)* meth); 2103 2104 /** 2105 * SSLv3 or TLSv1.* 2106 */ 2107 const (.SSL_METHOD)* SSLv23_method(); 2108 2109 ///Ditto 2110 const (.SSL_METHOD)* SSLv23_server_method(); 2111 2112 ///Ditto 2113 const (.SSL_METHOD)* SSLv23_client_method(); 2114 2115 /** 2116 * TLSv1.0 2117 */ 2118 const (.SSL_METHOD)* TLSv1_method(); 2119 2120 ///Ditto 2121 const (.SSL_METHOD)* TLSv1_server_method(); 2122 2123 ///Ditto 2124 const (.SSL_METHOD)* TLSv1_client_method(); 2125 2126 /** 2127 * TLSv1.1 2128 */ 2129 const (.SSL_METHOD)* TLSv1_1_method(); 2130 2131 ///Ditto 2132 const (.SSL_METHOD)* TLSv1_1_server_method(); 2133 2134 ///Ditto 2135 const (.SSL_METHOD)* TLSv1_1_client_method(); 2136 2137 /** 2138 * TLSv1.2 2139 */ 2140 const (.SSL_METHOD)* TLSv1_2_method(); 2141 2142 ///Ditto 2143 const (.SSL_METHOD)* TLSv1_2_server_method(); 2144 2145 ///Ditto 2146 const (.SSL_METHOD)* TLSv1_2_client_method(); 2147 2148 /** 2149 * TLS v1.0 or later 2150 */ 2151 const (.SSL_METHOD)* TLS_method(); 2152 2153 ///Ditto 2154 const (.SSL_METHOD)* TLS_server_method(); 2155 2156 ///Ditto 2157 const (.SSL_METHOD)* TLS_client_method(); 2158 2159 /** 2160 * DTLSv1.0 2161 */ 2162 const (.SSL_METHOD)* DTLSv1_method(); 2163 2164 ///Ditto 2165 const (.SSL_METHOD)* DTLSv1_server_method(); 2166 2167 ///Ditto 2168 const (.SSL_METHOD)* DTLSv1_client_method(); 2169 2170 /** 2171 * DTLSv1.2 2172 */ 2173 const (.SSL_METHOD)* DTLSv1_2_method(); 2174 2175 ///Ditto 2176 const (.SSL_METHOD)* DTLSv1_2_server_method(); 2177 2178 ///Ditto 2179 const (.SSL_METHOD)* DTLSv1_2_client_method(); 2180 2181 /** 2182 * DTLS v1.0 or later 2183 */ 2184 const (.SSL_METHOD)* DTLS_method(); 2185 2186 ///Ditto 2187 const (.SSL_METHOD)* DTLS_server_method(); 2188 2189 ///Ditto 2190 const (.SSL_METHOD)* DTLS_client_method(); 2191 2192 .stack_st_SSL_CIPHER* SSL_get_ciphers(const (libressl_d.openssl.ossl_typ.SSL)* s); 2193 .stack_st_SSL_CIPHER* SSL_get_client_ciphers(const (libressl_d.openssl.ossl_typ.SSL)* s); 2194 .stack_st_SSL_CIPHER* SSL_get1_supported_ciphers(libressl_d.openssl.ossl_typ.SSL* s); 2195 2196 int SSL_do_handshake(libressl_d.openssl.ossl_typ.SSL* s); 2197 int SSL_renegotiate(libressl_d.openssl.ossl_typ.SSL* s); 2198 int SSL_renegotiate_abbreviated(libressl_d.openssl.ossl_typ.SSL* s); 2199 int SSL_renegotiate_pending(libressl_d.openssl.ossl_typ.SSL* s); 2200 int SSL_shutdown(libressl_d.openssl.ossl_typ.SSL* s); 2201 2202 const (.SSL_METHOD)* SSL_get_ssl_method(libressl_d.openssl.ossl_typ.SSL* s); 2203 int SSL_set_ssl_method(libressl_d.openssl.ossl_typ.SSL* s, const (.SSL_METHOD)* method); 2204 const (char)* SSL_alert_type_string_long(int value); 2205 const (char)* SSL_alert_type_string(int value); 2206 const (char)* SSL_alert_desc_string_long(int value); 2207 const (char)* SSL_alert_desc_string(int value); 2208 2209 void SSL_set_client_CA_list(libressl_d.openssl.ossl_typ.SSL* s, libressl_d.openssl.x509.stack_st_X509_NAME* name_list); 2210 void SSL_CTX_set_client_CA_list(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.x509.stack_st_X509_NAME* name_list); 2211 libressl_d.openssl.x509.stack_st_X509_NAME* SSL_get_client_CA_list(const (libressl_d.openssl.ossl_typ.SSL)* s); 2212 libressl_d.openssl.x509.stack_st_X509_NAME* SSL_CTX_get_client_CA_list(const (libressl_d.openssl.ossl_typ.SSL_CTX)* s); 2213 int SSL_add_client_CA(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.X509* x); 2214 int SSL_CTX_add_client_CA(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.X509* x); 2215 2216 void SSL_set_connect_state(libressl_d.openssl.ossl_typ.SSL* s); 2217 void SSL_set_accept_state(libressl_d.openssl.ossl_typ.SSL* s); 2218 2219 core.stdc.config.c_long SSL_get_default_timeout(const (libressl_d.openssl.ossl_typ.SSL)* s); 2220 2221 int SSL_library_init(); 2222 2223 char* SSL_CIPHER_description(const (.SSL_CIPHER)*, char* buf, int size); 2224 libressl_d.openssl.x509.stack_st_X509_NAME* SSL_dup_CA_list(const (libressl_d.openssl.x509.stack_st_X509_NAME)* sk); 2225 2226 libressl_d.openssl.ossl_typ.SSL* SSL_dup(libressl_d.openssl.ossl_typ.SSL* ssl); 2227 2228 libressl_d.openssl.ossl_typ.X509* SSL_get_certificate(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2229 2230 /* libressl_d.openssl.ossl_typ.EVP_PKEY */ 2231 libressl_d.openssl.evp.evp_pkey_st* SSL_get_privatekey(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2232 2233 void SSL_CTX_set_quiet_shutdown(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, int mode); 2234 int SSL_CTX_get_quiet_shutdown(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ctx); 2235 void SSL_set_quiet_shutdown(libressl_d.openssl.ossl_typ.SSL* ssl, int mode); 2236 int SSL_get_quiet_shutdown(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2237 void SSL_set_shutdown(libressl_d.openssl.ossl_typ.SSL* ssl, int mode); 2238 int SSL_get_shutdown(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2239 int SSL_version(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2240 int SSL_CTX_set_default_verify_paths(libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 2241 int SSL_CTX_load_verify_locations(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, const (char)* CAfile, const (char)* CApath); 2242 int SSL_CTX_load_verify_mem(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, void* buf, int len); 2243 2244 /** 2245 * just peek at pointer 2246 */ 2247 alias SSL_get0_session = .SSL_get_session; 2248 2249 .SSL_SESSION* SSL_get_session(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2250 2251 /** 2252 * obtain a reference count 2253 */ 2254 .SSL_SESSION* SSL_get1_session(libressl_d.openssl.ossl_typ.SSL* ssl); 2255 2256 libressl_d.openssl.ossl_typ.SSL_CTX* SSL_get_SSL_CTX(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2257 libressl_d.openssl.ossl_typ.SSL_CTX* SSL_set_SSL_CTX(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.SSL_CTX* ctx); 2258 void SSL_set_info_callback(libressl_d.openssl.ossl_typ.SSL* ssl, void function(const (libressl_d.openssl.ossl_typ.SSL)* ssl, int type, int val) cb); 2259 //void (*SSL_get_info_callback(const (libressl_d.openssl.ossl_typ.SSL)* ssl))(const (libressl_d.openssl.ossl_typ.SSL)* ssl, int type, int val); 2260 int SSL_state(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2261 void SSL_set_state(libressl_d.openssl.ossl_typ.SSL* ssl, int state); 2262 2263 void SSL_set_verify_result(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long v); 2264 core.stdc.config.c_long SSL_get_verify_result(const (libressl_d.openssl.ossl_typ.SSL)* ssl); 2265 2266 int SSL_set_ex_data(libressl_d.openssl.ossl_typ.SSL* ssl, int idx, void* data); 2267 void* SSL_get_ex_data(const (libressl_d.openssl.ossl_typ.SSL)* ssl, int idx); 2268 int SSL_get_ex_new_index(core.stdc.config.c_long argl, void* argp, libressl_d.openssl.ossl_typ.CRYPTO_EX_new* new_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_dup* dup_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_free* free_func); 2269 2270 int SSL_SESSION_set_ex_data(.SSL_SESSION* ss, int idx, void* data); 2271 void* SSL_SESSION_get_ex_data(const (.SSL_SESSION)* ss, int idx); 2272 int SSL_SESSION_get_ex_new_index(core.stdc.config.c_long argl, void* argp, libressl_d.openssl.ossl_typ.CRYPTO_EX_new* new_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_dup* dup_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_free* free_func); 2273 2274 int SSL_CTX_set_ex_data(libressl_d.openssl.ossl_typ.SSL_CTX* ssl, int idx, void* data); 2275 void* SSL_CTX_get_ex_data(const (libressl_d.openssl.ossl_typ.SSL_CTX)* ssl, int idx); 2276 int SSL_CTX_get_ex_new_index(core.stdc.config.c_long argl, void* argp, libressl_d.openssl.ossl_typ.CRYPTO_EX_new* new_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_dup* dup_func, libressl_d.openssl.ossl_typ.CRYPTO_EX_free* free_func); 2277 2278 int SSL_get_ex_data_X509_STORE_CTX_idx(); 2279 2280 pragma(inline, true) 2281 core.stdc.config.c_long SSL_CTX_sess_set_cache_size(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long t) 2282 2283 do 2284 { 2285 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_SESS_CACHE_SIZE, t, null); 2286 } 2287 2288 pragma(inline, true) 2289 core.stdc.config.c_long SSL_CTX_sess_get_cache_size(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 2290 2291 do 2292 { 2293 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_GET_SESS_CACHE_SIZE, 0, null); 2294 } 2295 2296 pragma(inline, true) 2297 core.stdc.config.c_long SSL_CTX_set_session_cache_mode(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long m) 2298 2299 do 2300 { 2301 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_SESS_CACHE_MODE, m, null); 2302 } 2303 2304 pragma(inline, true) 2305 core.stdc.config.c_long SSL_CTX_get_session_cache_mode(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 2306 2307 do 2308 { 2309 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_GET_SESS_CACHE_MODE, 0, null); 2310 } 2311 2312 alias SSL_CTX_get_default_read_ahead = .SSL_CTX_get_read_ahead; 2313 alias SSL_CTX_set_default_read_ahead = .SSL_CTX_set_read_ahead; 2314 2315 pragma(inline, true) 2316 core.stdc.config.c_long SSL_CTX_get_read_ahead(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 2317 2318 do 2319 { 2320 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_GET_READ_AHEAD, 0, null); 2321 } 2322 2323 pragma(inline, true) 2324 core.stdc.config.c_long SSL_CTX_set_read_ahead(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long m) 2325 2326 do 2327 { 2328 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_READ_AHEAD, m, null); 2329 } 2330 2331 pragma(inline, true) 2332 core.stdc.config.c_long SSL_CTX_get_max_cert_list(libressl_d.openssl.ossl_typ.SSL_CTX* ctx) 2333 2334 do 2335 { 2336 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_GET_MAX_CERT_LIST, 0, null); 2337 } 2338 2339 pragma(inline, true) 2340 core.stdc.config.c_long SSL_CTX_set_max_cert_list(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long m) 2341 2342 do 2343 { 2344 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_MAX_CERT_LIST, m, null); 2345 } 2346 2347 pragma(inline, true) 2348 core.stdc.config.c_long SSL_get_max_cert_list(libressl_d.openssl.ossl_typ.SSL* ssl) 2349 2350 do 2351 { 2352 return .SSL_ctrl(ssl, .SSL_CTRL_GET_MAX_CERT_LIST, 0, null); 2353 } 2354 2355 pragma(inline, true) 2356 core.stdc.config.c_long SSL_set_max_cert_list(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long m) 2357 2358 do 2359 { 2360 return .SSL_ctrl(ssl, .SSL_CTRL_SET_MAX_CERT_LIST, m, null); 2361 } 2362 2363 pragma(inline, true) 2364 core.stdc.config.c_long SSL_CTX_set_max_send_fragment(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, core.stdc.config.c_long m) 2365 2366 do 2367 { 2368 return .SSL_CTX_ctrl(ctx, .SSL_CTRL_SET_MAX_SEND_FRAGMENT, m, null); 2369 } 2370 2371 pragma(inline, true) 2372 core.stdc.config.c_long SSL_set_max_send_fragment(libressl_d.openssl.ossl_typ.SSL* ssl, core.stdc.config.c_long m) 2373 2374 do 2375 { 2376 return .SSL_ctrl(ssl, .SSL_CTRL_SET_MAX_SEND_FRAGMENT, m, null); 2377 } 2378 2379 /* NB: the keylength is only applicable when is_export is true */ 2380 void SSL_CTX_set_tmp_rsa_callback(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.RSA* function(libressl_d.openssl.ossl_typ.SSL* ssl, int is_export, int keylength) cb); 2381 2382 void SSL_set_tmp_rsa_callback(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.RSA* function(libressl_d.openssl.ossl_typ.SSL* ssl, int is_export, int keylength) cb); 2383 void SSL_CTX_set_tmp_dh_callback(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ossl_typ.DH* function(libressl_d.openssl.ossl_typ.SSL* ssl, int is_export, int keylength) dh); 2384 void SSL_set_tmp_dh_callback(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ossl_typ.DH* function(libressl_d.openssl.ossl_typ.SSL* ssl, int is_export, int keylength) dh); 2385 void SSL_CTX_set_tmp_ecdh_callback(libressl_d.openssl.ossl_typ.SSL_CTX* ctx, libressl_d.openssl.ec.EC_KEY* function(libressl_d.openssl.ossl_typ.SSL* ssl, int is_export, int keylength) ecdh); 2386 void SSL_set_tmp_ecdh_callback(libressl_d.openssl.ossl_typ.SSL* ssl, libressl_d.openssl.ec.EC_KEY* function(libressl_d.openssl.ossl_typ.SSL* ssl, int is_export, int keylength) ecdh); 2387 2388 size_t SSL_get_client_random(const (libressl_d.openssl.ossl_typ.SSL)* s, ubyte* out_, size_t max_out); 2389 size_t SSL_get_server_random(const (libressl_d.openssl.ossl_typ.SSL)* s, ubyte* out_, size_t max_out); 2390 2391 const (void)* SSL_get_current_compression(libressl_d.openssl.ossl_typ.SSL* s); 2392 const (void)* SSL_get_current_expansion(libressl_d.openssl.ossl_typ.SSL* s); 2393 2394 const (char)* SSL_COMP_get_name(const (void)* comp); 2395 void* SSL_COMP_get_compression_methods(); 2396 int SSL_COMP_add_compression_method(int id, void* cm); 2397 2398 /* TLS extensions functions */ 2399 int SSL_set_session_ticket_ext(libressl_d.openssl.ossl_typ.SSL* s, void* ext_data, int ext_len); 2400 2401 int SSL_set_session_ticket_ext_cb(libressl_d.openssl.ossl_typ.SSL* s, .tls_session_ticket_ext_cb_fn cb, void* arg); 2402 2403 /* Pre-shared secret session resumption functions */ 2404 int SSL_set_session_secret_cb(libressl_d.openssl.ossl_typ.SSL* s, .tls_session_secret_cb_fn tls_session_secret_cb, void* arg); 2405 2406 void SSL_set_debug(libressl_d.openssl.ossl_typ.SSL* s, int debug_); 2407 int SSL_cache_hit(libressl_d.openssl.ossl_typ.SSL* s); 2408 2409 /* BEGIN ERROR CODES */ 2410 /* 2411 * The following lines are auto generated by the script mkerr.pl. Any changes 2412 * made after this point may be overwritten when the script is next run. 2413 */ 2414 void ERR_load_SSL_strings(); 2415 2416 /* Error codes for the SSL functions. */ 2417 2418 /* Function codes. */ 2419 enum SSL_F_CLIENT_CERTIFICATE = 100; 2420 enum SSL_F_CLIENT_FINISHED = 167; 2421 enum SSL_F_CLIENT_HELLO = 101; 2422 enum SSL_F_CLIENT_MASTER_KEY = 102; 2423 enum SSL_F_D2I_SSL_SESSION = 103; 2424 enum SSL_F_DO_DTLS1_WRITE = 245; 2425 enum SSL_F_DO_SSL3_WRITE = 104; 2426 enum SSL_F_DTLS1_ACCEPT = 246; 2427 enum SSL_F_DTLS1_ADD_CERT_TO_BUF = 295; 2428 enum SSL_F_DTLS1_BUFFER_RECORD = 247; 2429 enum SSL_F_DTLS1_CHECK_TIMEOUT_NUM = 316; 2430 enum SSL_F_DTLS1_CLIENT_HELLO = 248; 2431 enum SSL_F_DTLS1_CONNECT = 249; 2432 enum SSL_F_DTLS1_ENC = 250; 2433 enum SSL_F_DTLS1_GET_HELLO_VERIFY = 251; 2434 enum SSL_F_DTLS1_GET_MESSAGE = 252; 2435 enum SSL_F_DTLS1_GET_MESSAGE_FRAGMENT = 253; 2436 enum SSL_F_DTLS1_GET_RECORD = 254; 2437 enum SSL_F_DTLS1_HANDLE_TIMEOUT = 297; 2438 enum SSL_F_DTLS1_HEARTBEAT = 305; 2439 enum SSL_F_DTLS1_OUTPUT_CERT_CHAIN = 255; 2440 enum SSL_F_DTLS1_PREPROCESS_FRAGMENT = 288; 2441 enum SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE = 256; 2442 enum SSL_F_DTLS1_PROCESS_RECORD = 257; 2443 enum SSL_F_DTLS1_READ_BYTES = 258; 2444 enum SSL_F_DTLS1_READ_FAILED = 259; 2445 enum SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST = 260; 2446 enum SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE = 261; 2447 enum SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE = 262; 2448 enum SSL_F_DTLS1_SEND_CLIENT_VERIFY = 263; 2449 enum SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST = 264; 2450 enum SSL_F_DTLS1_SEND_SERVER_CERTIFICATE = 265; 2451 enum SSL_F_DTLS1_SEND_SERVER_HELLO = 266; 2452 enum SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE = 267; 2453 enum SSL_F_DTLS1_WRITE_APP_DATA_BYTES = 268; 2454 enum SSL_F_GET_CLIENT_FINISHED = 105; 2455 enum SSL_F_GET_CLIENT_HELLO = 106; 2456 enum SSL_F_GET_CLIENT_MASTER_KEY = 107; 2457 enum SSL_F_GET_SERVER_FINISHED = 108; 2458 enum SSL_F_GET_SERVER_HELLO = 109; 2459 enum SSL_F_GET_SERVER_VERIFY = 110; 2460 enum SSL_F_I2D_SSL_SESSION = 111; 2461 enum SSL_F_READ_N = 112; 2462 enum SSL_F_REQUEST_CERTIFICATE = 113; 2463 enum SSL_F_SERVER_FINISH = 239; 2464 enum SSL_F_SERVER_HELLO = 114; 2465 enum SSL_F_SERVER_VERIFY = 240; 2466 enum SSL_F_SSL23_ACCEPT = 115; 2467 enum SSL_F_SSL23_CLIENT_HELLO = 116; 2468 enum SSL_F_SSL23_CONNECT = 117; 2469 enum SSL_F_SSL23_GET_CLIENT_HELLO = 118; 2470 enum SSL_F_SSL23_GET_SERVER_HELLO = 119; 2471 enum SSL_F_SSL23_PEEK = 237; 2472 enum SSL_F_SSL23_READ = 120; 2473 enum SSL_F_SSL23_WRITE = 121; 2474 enum SSL_F_SSL2_ACCEPT = 122; 2475 enum SSL_F_SSL2_CONNECT = 123; 2476 enum SSL_F_SSL2_ENC_INIT = 124; 2477 enum SSL_F_SSL2_GENERATE_KEY_MATERIAL = 241; 2478 enum SSL_F_SSL2_PEEK = 234; 2479 enum SSL_F_SSL2_READ = 125; 2480 enum SSL_F_SSL2_READ_INTERNAL = 236; 2481 enum SSL_F_SSL2_SET_CERTIFICATE = 126; 2482 enum SSL_F_SSL2_WRITE = 127; 2483 enum SSL_F_SSL3_ACCEPT = 128; 2484 enum SSL_F_SSL3_ADD_CERT_TO_BUF = 296; 2485 enum SSL_F_SSL3_CALLBACK_CTRL = 233; 2486 enum SSL_F_SSL3_CHANGE_CIPHER_STATE = 129; 2487 enum SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM = 130; 2488 enum SSL_F_SSL3_CHECK_CLIENT_HELLO = 304; 2489 enum SSL_F_SSL3_CLIENT_HELLO = 131; 2490 enum SSL_F_SSL3_CONNECT = 132; 2491 enum SSL_F_SSL3_CTRL = 213; 2492 enum SSL_F_SSL3_CTX_CTRL = 133; 2493 enum SSL_F_SSL3_DIGEST_CACHED_RECORDS = 293; 2494 enum SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC = 292; 2495 enum SSL_F_SSL3_ENC = 134; 2496 enum SSL_F_SSL3_GENERATE_KEY_BLOCK = 238; 2497 enum SSL_F_SSL3_GET_CERTIFICATE_REQUEST = 135; 2498 enum SSL_F_SSL3_GET_CERT_STATUS = 289; 2499 enum SSL_F_SSL3_GET_CERT_VERIFY = 136; 2500 enum SSL_F_SSL3_GET_CLIENT_CERTIFICATE = 137; 2501 enum SSL_F_SSL3_GET_CLIENT_HELLO = 138; 2502 enum SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE = 139; 2503 enum SSL_F_SSL3_GET_FINISHED = 140; 2504 enum SSL_F_SSL3_GET_KEY_EXCHANGE = 141; 2505 enum SSL_F_SSL3_GET_MESSAGE = 142; 2506 enum SSL_F_SSL3_GET_NEW_SESSION_TICKET = 283; 2507 enum SSL_F_SSL3_GET_NEXT_PROTO = 306; 2508 enum SSL_F_SSL3_GET_RECORD = 143; 2509 enum SSL_F_SSL3_GET_SERVER_CERTIFICATE = 144; 2510 enum SSL_F_SSL3_GET_SERVER_DONE = 145; 2511 enum SSL_F_SSL3_GET_SERVER_HELLO = 146; 2512 enum SSL_F_SSL3_HANDSHAKE_MAC = 285; 2513 enum SSL_F_SSL3_NEW_SESSION_TICKET = 287; 2514 enum SSL_F_SSL3_OUTPUT_CERT_CHAIN = 147; 2515 enum SSL_F_SSL3_PEEK = 235; 2516 enum SSL_F_SSL3_READ_BYTES = 148; 2517 enum SSL_F_SSL3_READ_N = 149; 2518 enum SSL_F_SSL3_SEND_CERTIFICATE_REQUEST = 150; 2519 enum SSL_F_SSL3_SEND_CLIENT_CERTIFICATE = 151; 2520 enum SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE = 152; 2521 enum SSL_F_SSL3_SEND_CLIENT_VERIFY = 153; 2522 enum SSL_F_SSL3_SEND_SERVER_CERTIFICATE = 154; 2523 enum SSL_F_SSL3_SEND_SERVER_HELLO = 242; 2524 enum SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE = 155; 2525 enum SSL_F_SSL3_SETUP_KEY_BLOCK = 157; 2526 enum SSL_F_SSL3_SETUP_READ_BUFFER = 156; 2527 enum SSL_F_SSL3_SETUP_WRITE_BUFFER = 291; 2528 enum SSL_F_SSL3_WRITE_BYTES = 158; 2529 enum SSL_F_SSL3_WRITE_PENDING = 159; 2530 enum SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT = 298; 2531 enum SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT = 277; 2532 enum SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT = 307; 2533 enum SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK = 215; 2534 enum SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK = 216; 2535 enum SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT = 299; 2536 enum SSL_F_SSL_ADD_SERVERHELLO_TLSEXT = 278; 2537 enum SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT = 308; 2538 enum SSL_F_SSL_BAD_METHOD = 160; 2539 enum SSL_F_SSL_BYTES_TO_CIPHER_LIST = 161; 2540 enum SSL_F_SSL_CERT_DUP = 221; 2541 enum SSL_F_SSL_CERT_INST = 222; 2542 enum SSL_F_SSL_CERT_INSTANTIATE = 214; 2543 enum SSL_F_SSL_CERT_NEW = 162; 2544 enum SSL_F_SSL_CHECK_PRIVATE_KEY = 163; 2545 enum SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT = 280; 2546 enum SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG = 279; 2547 enum SSL_F_SSL_CIPHER_PROCESS_RULESTR = 230; 2548 enum SSL_F_SSL_CIPHER_STRENGTH_SORT = 231; 2549 enum SSL_F_SSL_CLEAR = 164; 2550 enum SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD = 165; 2551 enum SSL_F_SSL_CREATE_CIPHER_LIST = 166; 2552 enum SSL_F_SSL_CTRL = 232; 2553 enum SSL_F_SSL_CTX_CHECK_PRIVATE_KEY = 168; 2554 enum SSL_F_SSL_CTX_MAKE_PROFILES = 309; 2555 enum SSL_F_SSL_CTX_NEW = 169; 2556 enum SSL_F_SSL_CTX_SET_CIPHER_LIST = 269; 2557 enum SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE = 290; 2558 enum SSL_F_SSL_CTX_SET_PURPOSE = 226; 2559 enum SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT = 219; 2560 enum SSL_F_SSL_CTX_SET_SSL_VERSION = 170; 2561 enum SSL_F_SSL_CTX_SET_TRUST = 229; 2562 enum SSL_F_SSL_CTX_USE_CERTIFICATE = 171; 2563 enum SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 = 172; 2564 enum SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE = 220; 2565 enum SSL_F_SSL_CTX_USE_CERTIFICATE_FILE = 173; 2566 enum SSL_F_SSL_CTX_USE_PRIVATEKEY = 174; 2567 enum SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 = 175; 2568 enum SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE = 176; 2569 enum SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT = 272; 2570 enum SSL_F_SSL_CTX_USE_RSAPRIVATEKEY = 177; 2571 enum SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 = 178; 2572 enum SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE = 179; 2573 enum SSL_F_SSL_DO_HANDSHAKE = 180; 2574 enum SSL_F_SSL_GET_NEW_SESSION = 181; 2575 enum SSL_F_SSL_GET_PREV_SESSION = 217; 2576 enum SSL_F_SSL_GET_SERVER_SEND_CERT = 182; 2577 enum SSL_F_SSL_GET_SERVER_SEND_PKEY = 317; 2578 enum SSL_F_SSL_GET_SIGN_PKEY = 183; 2579 enum SSL_F_SSL_INIT_WBIO_BUFFER = 184; 2580 enum SSL_F_SSL_LOAD_CLIENT_CA_FILE = 185; 2581 enum SSL_F_SSL_NEW = 186; 2582 enum SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT = 300; 2583 enum SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT = 302; 2584 enum SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT = 310; 2585 enum SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT = 301; 2586 enum SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT = 303; 2587 enum SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT = 311; 2588 enum SSL_F_SSL_PEEK = 270; 2589 enum SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT = 281; 2590 enum SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT = 282; 2591 enum SSL_F_SSL_READ = 223; 2592 enum SSL_F_SSL_RSA_PRIVATE_DECRYPT = 187; 2593 enum SSL_F_SSL_RSA_PUBLIC_ENCRYPT = 188; 2594 enum SSL_F_SSL_SESSION_NEW = 189; 2595 enum SSL_F_SSL_SESSION_PRINT_FP = 190; 2596 enum SSL_F_SSL_SESSION_SET1_ID_CONTEXT = 312; 2597 enum SSL_F_SSL_SESS_CERT_NEW = 225; 2598 enum SSL_F_SSL_SET_CERT = 191; 2599 enum SSL_F_SSL_SET_CIPHER_LIST = 271; 2600 enum SSL_F_SSL_SET_FD = 192; 2601 enum SSL_F_SSL_SET_PKEY = 193; 2602 enum SSL_F_SSL_SET_PURPOSE = 227; 2603 enum SSL_F_SSL_SET_RFD = 194; 2604 enum SSL_F_SSL_SET_SESSION = 195; 2605 enum SSL_F_SSL_SET_SESSION_ID_CONTEXT = 218; 2606 enum SSL_F_SSL_SET_SESSION_TICKET_EXT = 294; 2607 enum SSL_F_SSL_SET_TRUST = 228; 2608 enum SSL_F_SSL_SET_WFD = 196; 2609 enum SSL_F_SSL_SHUTDOWN = 224; 2610 enum SSL_F_SSL_SRP_CTX_INIT = 313; 2611 enum SSL_F_SSL_UNDEFINED_CONST_FUNCTION = 243; 2612 enum SSL_F_SSL_UNDEFINED_FUNCTION = 197; 2613 enum SSL_F_SSL_UNDEFINED_VOID_FUNCTION = 244; 2614 enum SSL_F_SSL_USE_CERTIFICATE = 198; 2615 enum SSL_F_SSL_USE_CERTIFICATE_ASN1 = 199; 2616 enum SSL_F_SSL_USE_CERTIFICATE_FILE = 200; 2617 enum SSL_F_SSL_USE_PRIVATEKEY = 201; 2618 enum SSL_F_SSL_USE_PRIVATEKEY_ASN1 = 202; 2619 enum SSL_F_SSL_USE_PRIVATEKEY_FILE = 203; 2620 enum SSL_F_SSL_USE_PSK_IDENTITY_HINT = 273; 2621 enum SSL_F_SSL_USE_RSAPRIVATEKEY = 204; 2622 enum SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 = 205; 2623 enum SSL_F_SSL_USE_RSAPRIVATEKEY_FILE = 206; 2624 enum SSL_F_SSL_VERIFY_CERT_CHAIN = 207; 2625 enum SSL_F_SSL_WRITE = 208; 2626 enum SSL_F_TLS1_AEAD_CTX_INIT = 339; 2627 enum SSL_F_TLS1_CERT_VERIFY_MAC = 286; 2628 enum SSL_F_TLS1_CHANGE_CIPHER_STATE = 209; 2629 enum SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD = 340; 2630 enum SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER = 338; 2631 enum SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT = 274; 2632 enum SSL_F_TLS1_ENC = 210; 2633 enum SSL_F_TLS1_EXPORT_KEYING_MATERIAL = 314; 2634 enum SSL_F_TLS1_HEARTBEAT = 315; 2635 enum SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT = 275; 2636 enum SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT = 276; 2637 enum SSL_F_TLS1_PRF = 284; 2638 enum SSL_F_TLS1_SETUP_KEY_BLOCK = 211; 2639 enum SSL_F_WRITE_PENDING = 212; 2640 2641 /* Reason codes. */ 2642 enum SSL_R_APP_DATA_IN_HANDSHAKE = 100; 2643 enum SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT = 272; 2644 enum SSL_R_BAD_ALERT_RECORD = 101; 2645 enum SSL_R_BAD_AUTHENTICATION_TYPE = 102; 2646 enum SSL_R_BAD_CHANGE_CIPHER_SPEC = 103; 2647 enum SSL_R_BAD_CHECKSUM = 104; 2648 enum SSL_R_BAD_DATA_RETURNED_BY_CALLBACK = 106; 2649 enum SSL_R_BAD_DECOMPRESSION = 107; 2650 enum SSL_R_BAD_DH_G_LENGTH = 108; 2651 enum SSL_R_BAD_DH_PUB_KEY_LENGTH = 109; 2652 enum SSL_R_BAD_DH_P_LENGTH = 110; 2653 enum SSL_R_BAD_DIGEST_LENGTH = 111; 2654 enum SSL_R_BAD_DSA_SIGNATURE = 112; 2655 enum SSL_R_BAD_ECC_CERT = 304; 2656 enum SSL_R_BAD_ECDSA_SIGNATURE = 305; 2657 enum SSL_R_BAD_ECPOINT = 306; 2658 enum SSL_R_BAD_HANDSHAKE_LENGTH = 332; 2659 enum SSL_R_BAD_HELLO_REQUEST = 105; 2660 enum SSL_R_BAD_LENGTH = 271; 2661 enum SSL_R_BAD_MAC_DECODE = 113; 2662 enum SSL_R_BAD_MAC_LENGTH = 333; 2663 enum SSL_R_BAD_MESSAGE_TYPE = 114; 2664 enum SSL_R_BAD_PACKET_LENGTH = 115; 2665 enum SSL_R_BAD_PROTOCOL_VERSION_NUMBER = 116; 2666 enum SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH = 316; 2667 enum SSL_R_BAD_RESPONSE_ARGUMENT = 117; 2668 enum SSL_R_BAD_RSA_DECRYPT = 118; 2669 enum SSL_R_BAD_RSA_ENCRYPT = 119; 2670 enum SSL_R_BAD_RSA_E_LENGTH = 120; 2671 enum SSL_R_BAD_RSA_MODULUS_LENGTH = 121; 2672 enum SSL_R_BAD_RSA_SIGNATURE = 122; 2673 enum SSL_R_BAD_SIGNATURE = 123; 2674 enum SSL_R_BAD_SRP_A_LENGTH = 347; 2675 enum SSL_R_BAD_SRP_B_LENGTH = 348; 2676 enum SSL_R_BAD_SRP_G_LENGTH = 349; 2677 enum SSL_R_BAD_SRP_N_LENGTH = 350; 2678 enum SSL_R_BAD_SRP_S_LENGTH = 351; 2679 enum SSL_R_BAD_SRTP_MKI_VALUE = 352; 2680 enum SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST = 353; 2681 enum SSL_R_BAD_SSL_FILETYPE = 124; 2682 enum SSL_R_BAD_SSL_SESSION_ID_LENGTH = 125; 2683 enum SSL_R_BAD_STATE = 126; 2684 enum SSL_R_BAD_WRITE_RETRY = 127; 2685 enum SSL_R_BIO_NOT_SET = 128; 2686 enum SSL_R_BLOCK_CIPHER_PAD_IS_WRONG = 129; 2687 enum SSL_R_BN_LIB = 130; 2688 enum SSL_R_CA_DN_LENGTH_MISMATCH = 131; 2689 enum SSL_R_CA_DN_TOO_LONG = 132; 2690 enum SSL_R_CCS_RECEIVED_EARLY = 133; 2691 enum SSL_R_CERTIFICATE_VERIFY_FAILED = 134; 2692 enum SSL_R_CERT_LENGTH_MISMATCH = 135; 2693 enum SSL_R_CHALLENGE_IS_DIFFERENT = 136; 2694 enum SSL_R_CIPHER_CODE_WRONG_LENGTH = 137; 2695 enum SSL_R_CIPHER_COMPRESSION_UNAVAILABLE = 371; 2696 enum SSL_R_CIPHER_OR_HASH_UNAVAILABLE = 138; 2697 enum SSL_R_CIPHER_TABLE_SRC_ERROR = 139; 2698 enum SSL_R_CLIENTHELLO_TLSEXT = 226; 2699 enum SSL_R_COMPRESSED_LENGTH_TOO_LONG = 140; 2700 enum SSL_R_COMPRESSION_DISABLED = 343; 2701 enum SSL_R_COMPRESSION_FAILURE = 141; 2702 enum SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE = 307; 2703 enum SSL_R_COMPRESSION_LIBRARY_ERROR = 142; 2704 enum SSL_R_CONNECTION_ID_IS_DIFFERENT = 143; 2705 enum SSL_R_CONNECTION_TYPE_NOT_SET = 144; 2706 enum SSL_R_COOKIE_MISMATCH = 308; 2707 enum SSL_R_DATA_BETWEEN_CCS_AND_FINISHED = 145; 2708 enum SSL_R_DATA_LENGTH_TOO_LONG = 146; 2709 enum SSL_R_DECRYPTION_FAILED = 147; 2710 enum SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC = 281; 2711 enum SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG = 148; 2712 enum SSL_R_DIGEST_CHECK_FAILED = 149; 2713 enum SSL_R_DTLS_MESSAGE_TOO_BIG = 334; 2714 enum SSL_R_DUPLICATE_COMPRESSION_ID = 309; 2715 enum SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT = 317; 2716 enum SSL_R_ECC_CERT_NOT_FOR_SIGNING = 318; 2717 enum SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE = 322; 2718 enum SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE = 323; 2719 enum SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER = 310; 2720 enum SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST = 354; 2721 enum SSL_R_ENCRYPTED_LENGTH_TOO_LONG = 150; 2722 enum SSL_R_ERROR_GENERATING_TMP_RSA_KEY = 282; 2723 enum SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST = 151; 2724 enum SSL_R_EXCESSIVE_MESSAGE_SIZE = 152; 2725 enum SSL_R_EXTRA_DATA_IN_MESSAGE = 153; 2726 enum SSL_R_GOT_A_FIN_BEFORE_A_CCS = 154; 2727 enum SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS = 355; 2728 enum SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION = 356; 2729 enum SSL_R_HTTPS_PROXY_REQUEST = 155; 2730 enum SSL_R_HTTP_REQUEST = 156; 2731 enum SSL_R_ILLEGAL_PADDING = 283; 2732 enum SSL_R_INAPPROPRIATE_FALLBACK = 373; 2733 enum SSL_R_INCONSISTENT_COMPRESSION = 340; 2734 enum SSL_R_INVALID_CHALLENGE_LENGTH = 158; 2735 enum SSL_R_INVALID_COMMAND = 280; 2736 enum SSL_R_INVALID_COMPRESSION_ALGORITHM = 341; 2737 enum SSL_R_INVALID_PURPOSE = 278; 2738 enum SSL_R_INVALID_SRP_USERNAME = 357; 2739 enum SSL_R_INVALID_STATUS_RESPONSE = 328; 2740 enum SSL_R_INVALID_TICKET_KEYS_LENGTH = 325; 2741 enum SSL_R_INVALID_TRUST = 279; 2742 enum SSL_R_KEY_ARG_TOO_LONG = 284; 2743 enum SSL_R_KRB5 = 285; 2744 enum SSL_R_KRB5_C_CC_PRINC = 286; 2745 enum SSL_R_KRB5_C_GET_CRED = 287; 2746 enum SSL_R_KRB5_C_INIT = 288; 2747 enum SSL_R_KRB5_C_MK_REQ = 289; 2748 enum SSL_R_KRB5_S_BAD_TICKET = 290; 2749 enum SSL_R_KRB5_S_INIT = 291; 2750 enum SSL_R_KRB5_S_RD_REQ = 292; 2751 enum SSL_R_KRB5_S_TKT_EXPIRED = 293; 2752 enum SSL_R_KRB5_S_TKT_NYV = 294; 2753 enum SSL_R_KRB5_S_TKT_SKEW = 295; 2754 enum SSL_R_LENGTH_MISMATCH = 159; 2755 enum SSL_R_LENGTH_TOO_SHORT = 160; 2756 enum SSL_R_LIBRARY_BUG = 274; 2757 enum SSL_R_LIBRARY_HAS_NO_CIPHERS = 161; 2758 enum SSL_R_MESSAGE_TOO_LONG = 296; 2759 enum SSL_R_MISSING_DH_DSA_CERT = 162; 2760 enum SSL_R_MISSING_DH_KEY = 163; 2761 enum SSL_R_MISSING_DH_RSA_CERT = 164; 2762 enum SSL_R_MISSING_DSA_SIGNING_CERT = 165; 2763 enum SSL_R_MISSING_EXPORT_TMP_DH_KEY = 166; 2764 enum SSL_R_MISSING_EXPORT_TMP_RSA_KEY = 167; 2765 enum SSL_R_MISSING_RSA_CERTIFICATE = 168; 2766 enum SSL_R_MISSING_RSA_ENCRYPTING_CERT = 169; 2767 enum SSL_R_MISSING_RSA_SIGNING_CERT = 170; 2768 enum SSL_R_MISSING_SRP_PARAM = 358; 2769 enum SSL_R_MISSING_TMP_DH_KEY = 171; 2770 enum SSL_R_MISSING_TMP_ECDH_KEY = 311; 2771 enum SSL_R_MISSING_TMP_RSA_KEY = 172; 2772 enum SSL_R_MISSING_TMP_RSA_PKEY = 173; 2773 enum SSL_R_MISSING_VERIFY_MESSAGE = 174; 2774 enum SSL_R_MULTIPLE_SGC_RESTARTS = 346; 2775 enum SSL_R_NON_SSLV2_INITIAL_PACKET = 175; 2776 enum SSL_R_NO_APPLICATION_PROTOCOL = 235; 2777 enum SSL_R_NO_CERTIFICATES_RETURNED = 176; 2778 enum SSL_R_NO_CERTIFICATE_ASSIGNED = 177; 2779 enum SSL_R_NO_CERTIFICATE_RETURNED = 178; 2780 enum SSL_R_NO_CERTIFICATE_SET = 179; 2781 enum SSL_R_NO_CERTIFICATE_SPECIFIED = 180; 2782 enum SSL_R_NO_CIPHERS_AVAILABLE = 181; 2783 enum SSL_R_NO_CIPHERS_PASSED = 182; 2784 enum SSL_R_NO_CIPHERS_SPECIFIED = 183; 2785 enum SSL_R_NO_CIPHER_LIST = 184; 2786 enum SSL_R_NO_CIPHER_MATCH = 185; 2787 enum SSL_R_NO_CLIENT_CERT_METHOD = 331; 2788 enum SSL_R_NO_CLIENT_CERT_RECEIVED = 186; 2789 enum SSL_R_NO_COMPRESSION_SPECIFIED = 187; 2790 enum SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER = 330; 2791 enum SSL_R_NO_METHOD_SPECIFIED = 188; 2792 enum SSL_R_NO_PRIVATEKEY = 189; 2793 enum SSL_R_NO_PRIVATE_KEY_ASSIGNED = 190; 2794 enum SSL_R_NO_PROTOCOLS_AVAILABLE = 191; 2795 enum SSL_R_NO_PUBLICKEY = 192; 2796 enum SSL_R_NO_RENEGOTIATION = 339; 2797 enum SSL_R_NO_REQUIRED_DIGEST = 324; 2798 enum SSL_R_NO_SHARED_CIPHER = 193; 2799 enum SSL_R_NO_SRTP_PROFILES = 359; 2800 enum SSL_R_NO_VERIFY_CALLBACK = 194; 2801 enum SSL_R_NULL_SSL_CTX = 195; 2802 enum SSL_R_NULL_SSL_METHOD_PASSED = 196; 2803 enum SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED = 197; 2804 enum SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED = 344; 2805 enum SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE = 297; 2806 enum SSL_R_PACKET_LENGTH_TOO_LONG = 198; 2807 enum SSL_R_PARSE_TLSEXT = 227; 2808 enum SSL_R_PATH_TOO_LONG = 270; 2809 enum SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE = 199; 2810 enum SSL_R_PEER_ERROR = 200; 2811 enum SSL_R_PEER_ERROR_CERTIFICATE = 201; 2812 enum SSL_R_PEER_ERROR_NO_CERTIFICATE = 202; 2813 enum SSL_R_PEER_ERROR_NO_CIPHER = 203; 2814 enum SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = 204; 2815 enum SSL_R_PRE_MAC_LENGTH_TOO_LONG = 205; 2816 enum SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS = 206; 2817 enum SSL_R_PROTOCOL_IS_SHUTDOWN = 207; 2818 enum SSL_R_PSK_IDENTITY_NOT_FOUND = 223; 2819 enum SSL_R_PSK_NO_CLIENT_CB = 224; 2820 enum SSL_R_PSK_NO_SERVER_CB = 225; 2821 enum SSL_R_PUBLIC_KEY_ENCRYPT_ERROR = 208; 2822 enum SSL_R_PUBLIC_KEY_IS_NOT_RSA = 209; 2823 enum SSL_R_PUBLIC_KEY_NOT_RSA = 210; 2824 enum SSL_R_READ_BIO_NOT_SET = 211; 2825 enum SSL_R_READ_TIMEOUT_EXPIRED = 312; 2826 enum SSL_R_READ_WRONG_PACKET_TYPE = 212; 2827 enum SSL_R_RECORD_LENGTH_MISMATCH = 213; 2828 enum SSL_R_RECORD_TOO_LARGE = 214; 2829 enum SSL_R_RECORD_TOO_SMALL = 298; 2830 enum SSL_R_RENEGOTIATE_EXT_TOO_LONG = 335; 2831 enum SSL_R_RENEGOTIATION_ENCODING_ERR = 336; 2832 enum SSL_R_RENEGOTIATION_MISMATCH = 337; 2833 enum SSL_R_REQUIRED_CIPHER_MISSING = 215; 2834 enum SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING = 342; 2835 enum SSL_R_REUSE_CERT_LENGTH_NOT_ZERO = 216; 2836 enum SSL_R_REUSE_CERT_TYPE_NOT_ZERO = 217; 2837 enum SSL_R_REUSE_CIPHER_LIST_NOT_ZERO = 218; 2838 enum SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING = 345; 2839 enum SSL_R_SERVERHELLO_TLSEXT = 275; 2840 enum SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED = 277; 2841 enum SSL_R_SHORT_READ = 219; 2842 enum SSL_R_SIGNATURE_ALGORITHMS_ERROR = 360; 2843 enum SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE = 220; 2844 enum SSL_R_SRP_A_CALC = 361; 2845 enum SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES = 362; 2846 enum SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG = 363; 2847 enum SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE = 364; 2848 enum SSL_R_SSL23_DOING_SESSION_ID_REUSE = 221; 2849 enum SSL_R_SSL2_CONNECTION_ID_TOO_LONG = 299; 2850 enum SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT = 321; 2851 enum SSL_R_SSL3_EXT_INVALID_SERVERNAME = 319; 2852 enum SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE = 320; 2853 enum SSL_R_SSL3_SESSION_ID_TOO_LONG = 300; 2854 enum SSL_R_SSL3_SESSION_ID_TOO_SHORT = 222; 2855 enum SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 1042; 2856 enum SSL_R_SSLV3_ALERT_BAD_RECORD_MAC = 1020; 2857 enum SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED = 1045; 2858 enum SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED = 1044; 2859 enum SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 1046; 2860 enum SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE = 1030; 2861 enum SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE = 1040; 2862 enum SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER = 1047; 2863 enum SSL_R_SSLV3_ALERT_NO_CERTIFICATE = 1041; 2864 enum SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE = 1010; 2865 enum SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE = 1043; 2866 enum SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION = 228; 2867 enum SSL_R_SSL_HANDSHAKE_FAILURE = 229; 2868 enum SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS = 230; 2869 enum SSL_R_SSL_SESSION_ID_CALLBACK_FAILED = 301; 2870 enum SSL_R_SSL_SESSION_ID_CONFLICT = 302; 2871 enum SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG = 273; 2872 enum SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH = 303; 2873 enum SSL_R_SSL_SESSION_ID_IS_DIFFERENT = 231; 2874 enum SSL_R_SSL_SESSION_ID_TOO_LONG = 408; 2875 enum SSL_R_TLSV1_ALERT_ACCESS_DENIED = 1049; 2876 enum SSL_R_TLSV1_ALERT_DECODE_ERROR = 1050; 2877 enum SSL_R_TLSV1_ALERT_DECRYPTION_FAILED = 1021; 2878 enum SSL_R_TLSV1_ALERT_DECRYPT_ERROR = 1051; 2879 enum SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION = 1060; 2880 enum SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK = 1086; 2881 enum SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY = 1071; 2882 enum SSL_R_TLSV1_ALERT_INTERNAL_ERROR = 1080; 2883 enum SSL_R_TLSV1_ALERT_NO_RENEGOTIATION = 1100; 2884 enum SSL_R_TLSV1_ALERT_PROTOCOL_VERSION = 1070; 2885 enum SSL_R_TLSV1_ALERT_RECORD_OVERFLOW = 1022; 2886 enum SSL_R_TLSV1_ALERT_UNKNOWN_CA = 1048; 2887 enum SSL_R_TLSV1_ALERT_USER_CANCELLED = 1090; 2888 enum SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE = 1114; 2889 enum SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE = 1113; 2890 enum SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE = 1111; 2891 enum SSL_R_TLSV1_UNRECOGNIZED_NAME = 1112; 2892 enum SSL_R_TLSV1_UNSUPPORTED_EXTENSION = 1110; 2893 enum SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER = 232; 2894 enum SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT = 365; 2895 enum SSL_R_TLS_HEARTBEAT_PENDING = 366; 2896 enum SSL_R_TLS_ILLEGAL_EXPORTER_LABEL = 367; 2897 enum SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST = 157; 2898 enum SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST = 233; 2899 enum SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG = 234; 2900 enum SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER = 235; 2901 enum SSL_R_UNABLE_TO_DECODE_DH_CERTS = 236; 2902 enum SSL_R_UNABLE_TO_DECODE_ECDH_CERTS = 313; 2903 enum SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY = 237; 2904 enum SSL_R_UNABLE_TO_FIND_DH_PARAMETERS = 238; 2905 enum SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS = 314; 2906 enum SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS = 239; 2907 enum SSL_R_UNABLE_TO_FIND_SSL_METHOD = 240; 2908 enum SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES = 241; 2909 enum SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES = 242; 2910 enum SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES = 243; 2911 enum SSL_R_UNEXPECTED_MESSAGE = 244; 2912 enum SSL_R_UNEXPECTED_RECORD = 245; 2913 enum SSL_R_UNINITIALIZED = 276; 2914 enum SSL_R_UNKNOWN_ALERT_TYPE = 246; 2915 enum SSL_R_UNKNOWN_CERTIFICATE_TYPE = 247; 2916 enum SSL_R_UNKNOWN_CIPHER_RETURNED = 248; 2917 enum SSL_R_UNKNOWN_CIPHER_TYPE = 249; 2918 enum SSL_R_UNKNOWN_DIGEST = 368; 2919 enum SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE = 250; 2920 enum SSL_R_UNKNOWN_PKEY_TYPE = 251; 2921 enum SSL_R_UNKNOWN_PROTOCOL = 252; 2922 enum SSL_R_UNKNOWN_REMOTE_ERROR_TYPE = 253; 2923 enum SSL_R_UNKNOWN_SSL_VERSION = 254; 2924 enum SSL_R_UNKNOWN_STATE = 255; 2925 enum SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED = 338; 2926 enum SSL_R_UNSUPPORTED_CIPHER = 256; 2927 enum SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM = 257; 2928 enum SSL_R_UNSUPPORTED_DIGEST_TYPE = 326; 2929 enum SSL_R_UNSUPPORTED_ELLIPTIC_CURVE = 315; 2930 enum SSL_R_UNSUPPORTED_PROTOCOL = 258; 2931 enum SSL_R_UNSUPPORTED_SSL_VERSION = 259; 2932 enum SSL_R_UNSUPPORTED_STATUS_TYPE = 329; 2933 enum SSL_R_USE_SRTP_NOT_NEGOTIATED = 369; 2934 enum SSL_R_WRITE_BIO_NOT_SET = 260; 2935 enum SSL_R_WRONG_CIPHER_RETURNED = 261; 2936 enum SSL_R_WRONG_CURVE = 378; 2937 enum SSL_R_WRONG_MESSAGE_TYPE = 262; 2938 enum SSL_R_WRONG_NUMBER_OF_KEY_BITS = 263; 2939 enum SSL_R_WRONG_SIGNATURE_LENGTH = 264; 2940 enum SSL_R_WRONG_SIGNATURE_SIZE = 265; 2941 enum SSL_R_WRONG_SIGNATURE_TYPE = 370; 2942 enum SSL_R_WRONG_SSL_VERSION = 266; 2943 enum SSL_R_WRONG_VERSION_NUMBER = 267; 2944 enum SSL_R_X509_LIB = 268; 2945 enum SSL_R_X509_VERIFICATION_SETUP_PROBLEMS = 269; 2946 enum SSL_R_PEER_BEHAVING_BADLY = 666; 2947 enum SSL_R_UNKNOWN = 999; 2948 2949 /* 2950 * OpenSSL compatible OPENSSL_INIT options 2951 */ 2952 2953 /* 2954 * These are provided for compatibiliy, but have no effect 2955 * on how LibreSSL is initialized. 2956 */ 2957 enum OPENSSL_INIT_LOAD_SSL_STRINGS = libressl_d.openssl.crypto._OPENSSL_INIT_FLAG_NOOP; 2958 enum OPENSSL_INIT_SSL_DEFAULT = libressl_d.openssl.crypto._OPENSSL_INIT_FLAG_NOOP; 2959 2960 int OPENSSL_init_ssl(core.stdc.stdint.uint64_t opts, const (void)* settings);