76 lines
3.2 KiB
Diff
76 lines
3.2 KiB
Diff
--- google_boringssl/ssl/internal.h 2021-02-03 18:29:04.000000000 -0800
|
|
+++ boringssl/ssl/internal.h 2021-02-03 20:24:49.000000000 -0800
|
|
@@ -138,6 +138,25 @@
|
|
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
|
* OTHERWISE.
|
|
*/
|
|
+/* ====================================================================
|
|
+ * Copyright 2020 Apple Inc.
|
|
+ *
|
|
+ * Permission is hereby granted, free of charge, to any person obtaining a
|
|
+ * copy of this software and associated documentation files (the “Software”),
|
|
+ * to deal in the Software without restriction, including without limitation
|
|
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
|
|
+ * and/or sell copies of the Software, and to permit persons to whom
|
|
+ * the Software is furnished to do so, subject to the following conditions:
|
|
+ * The above copyright notice and this permission notice shall be included in
|
|
+ * all copies or substantial portions of the Software.
|
|
+ * THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
|
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
|
+ * IN THE SOFTWARE.
|
|
+ */
|
|
|
|
#ifndef OPENSSL_HEADER_SSL_INTERNAL_H
|
|
#define OPENSSL_HEADER_SSL_INTERNAL_H
|
|
@@ -1279,6 +1298,8 @@
|
|
// configured.
|
|
bool ssl_has_certificate(const SSL_HANDSHAKE *hs);
|
|
|
|
+bool ssl_has_raw_public_key_certificate(const SSL_HANDSHAKE *hs);
|
|
+
|
|
// ssl_parse_cert_chain parses a certificate list from |cbs| in the format used
|
|
// by a TLS Certificate message. On success, it advances |cbs| and returns
|
|
// true. Otherwise, it returns false and sets |*out_alert| to an alert to send
|
|
@@ -1687,6 +1708,8 @@
|
|
// |cert_compression_negotiated| is true.
|
|
uint16_t cert_compression_alg_id;
|
|
|
|
+ uint8_t server_certificate_type;
|
|
+
|
|
// ech_hpke_ctx is the HPKE context used in ECH. On the server, it is
|
|
// initialized if |ech_status| is |ssl_ech_accepted|. On the client, it is
|
|
// initialized if |selected_ech_config| is not nullptr.
|
|
@@ -1817,6 +1840,8 @@
|
|
// cert_compression_negotiated is true iff |cert_compression_alg_id| is valid.
|
|
bool cert_compression_negotiated : 1;
|
|
|
|
+ bool server_certificate_type_negotiated : 1;
|
|
+
|
|
// apply_jdk11_workaround is true if the peer is probably a JDK 11 client
|
|
// which implemented TLS 1.3 incorrectly.
|
|
bool apply_jdk11_workaround : 1;
|
|
@@ -2731,6 +2756,9 @@
|
|
// along with their corresponding ALPS values.
|
|
GrowableArray<ALPSConfig> alps_configs;
|
|
|
|
+ Array<uint8_t> server_certificate_type_list;
|
|
+ Array<uint8_t> server_raw_public_key_certificate;
|
|
+
|
|
// Contains the QUIC transport params that this endpoint will send.
|
|
Array<uint8_t> quic_transport_params;
|
|
|
|
@@ -3306,6 +3334,9 @@
|
|
// format.
|
|
bssl::Array<uint8_t> alpn_client_proto_list;
|
|
|
|
+ bssl::Array<uint8_t> server_certificate_type_list;
|
|
+ bssl::Array<uint8_t> server_raw_public_key_certificate;
|
|
+
|
|
// SRTP profiles we are willing to do from RFC 5764
|
|
bssl::UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
|
|
|