diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/Makefile.am | 15 | ||||
-rw-r--r-- | include/compat/sys/socket.h | 1 | ||||
-rw-r--r-- | include/compat/sys/types.h | 12 | ||||
-rw-r--r-- | include/compat/unistd.h | 4 | ||||
-rw-r--r-- | include/tls.h | 34 |
5 files changed, 29 insertions, 37 deletions
diff --git a/include/Makefile.am b/include/Makefile.am index aed6721..077637d 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -44,4 +44,19 @@ noinst_HEADERS += compat/sys/time.h noinst_HEADERS += compat/sys/types.h noinst_HEADERS += compat/sys/uio.h +noinst_HEADERS += arch/aarch64/opensslconf.h +noinst_HEADERS += arch/alpha/opensslconf.h +noinst_HEADERS += arch/amd64/opensslconf.h +noinst_HEADERS += arch/arm/opensslconf.h +noinst_HEADERS += arch/hppa/opensslconf.h +noinst_HEADERS += arch/i386/opensslconf.h +noinst_HEADERS += arch/m88k/opensslconf.h +noinst_HEADERS += arch/mips/opensslconf.h +noinst_HEADERS += arch/mips64/opensslconf.h +noinst_HEADERS += arch/powerpc/opensslconf.h +noinst_HEADERS += arch/powerpc64/opensslconf.h +noinst_HEADERS += arch/riscv64/opensslconf.h +noinst_HEADERS += arch/sh/opensslconf.h +noinst_HEADERS += arch/sparc64/opensslconf.h + include_HEADERS = tls.h diff --git a/include/compat/sys/socket.h b/include/compat/sys/socket.h index 10eb05f..2f0b197 100644 --- a/include/compat/sys/socket.h +++ b/include/compat/sys/socket.h @@ -10,6 +10,7 @@ #endif #if !defined(SOCK_NONBLOCK) || !defined(SOCK_CLOEXEC) +#define NEED_SOCKET_FLAGS #define SOCK_CLOEXEC 0x8000 /* set FD_CLOEXEC */ #define SOCK_NONBLOCK 0x4000 /* set O_NONBLOCK */ int bsd_socketpair(int domain, int type, int protocol, int socket_vector[2]); diff --git a/include/compat/sys/types.h b/include/compat/sys/types.h index 4967843..59664bc 100644 --- a/include/compat/sys/types.h +++ b/include/compat/sys/types.h @@ -45,18 +45,6 @@ typedef SSIZE_T ssize_t; #endif -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__bounded__) -# define __bounded__(x, y, z) -#endif - -#if !defined(HAVE_ATTRIBUTE__DEAD) && !defined(__dead) -#ifdef _MSC_VER -#define __dead __declspec(noreturn) -#else -#define __dead __attribute__((__noreturn__)) -#endif -#endif - #ifdef _WIN32 #define __warn_references(sym,msg) #else diff --git a/include/compat/unistd.h b/include/compat/unistd.h index 5e6ab1d..2583a6e 100644 --- a/include/compat/unistd.h +++ b/include/compat/unistd.h @@ -64,6 +64,10 @@ int getentropy(void *buf, size_t buflen); #endif #endif +#ifndef HAVE_GETOPT +#include <getopt.h> +#endif + #ifndef HAVE_GETPAGESIZE int getpagesize(void); #endif diff --git a/include/tls.h b/include/tls.h index 429c171..59b2c4c 100644 --- a/include/tls.h +++ b/include/tls.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.h,v 1.61 2022/02/01 17:18:38 jsing Exp $ */ +/* $OpenBSD: tls.h,v 1.63 2023/07/02 06:37:27 beck Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -36,14 +36,18 @@ typedef SSIZE_T ssize_t; #define TLS_API 20200120 -#define TLS_PROTOCOL_TLSv1_0 (1 << 1) -#define TLS_PROTOCOL_TLSv1_1 (1 << 2) +/* + * Deprecated versions of TLS. Using these effectively selects + * the minimum supported version. + */ +#define TLS_PROTOCOL_TLSv1_0 (1 << 3) +#define TLS_PROTOCOL_TLSv1_1 (1 << 3) +/* Supported versions of TLS */ #define TLS_PROTOCOL_TLSv1_2 (1 << 3) #define TLS_PROTOCOL_TLSv1_3 (1 << 4) #define TLS_PROTOCOL_TLSv1 \ - (TLS_PROTOCOL_TLSv1_0|TLS_PROTOCOL_TLSv1_1|\ - TLS_PROTOCOL_TLSv1_2|TLS_PROTOCOL_TLSv1_3) + (TLS_PROTOCOL_TLSv1_2|TLS_PROTOCOL_TLSv1_3) #define TLS_PROTOCOLS_ALL TLS_PROTOCOL_TLSv1 #define TLS_PROTOCOLS_DEFAULT (TLS_PROTOCOL_TLSv1_2|TLS_PROTOCOL_TLSv1_3) @@ -79,10 +83,6 @@ typedef SSIZE_T ssize_t; #define TLS_MAX_SESSION_ID_LENGTH 32 #define TLS_TICKET_KEY_SIZE 48 -#define TLS_PADDING_NONE 0 -#define TLS_PADDING_RSA_PKCS1 1 -#define TLS_PADDING_RSA_X9_31 2 - struct tls; struct tls_config; @@ -90,9 +90,6 @@ typedef ssize_t (*tls_read_cb)(struct tls *_ctx, void *_buf, size_t _buflen, void *_cb_arg); typedef ssize_t (*tls_write_cb)(struct tls *_ctx, const void *_buf, size_t _buflen, void *_cb_arg); -typedef int (*tls_sign_cb)(void *_cb_arg, const char *_pubkey_hash, - const uint8_t *_input, size_t _input_len, int _padding_type, - uint8_t **_out_signature, size_t *_out_signature_len); int tls_init(void); @@ -149,8 +146,6 @@ int tls_config_set_ocsp_staple_file(struct tls_config *_config, int tls_config_set_protocols(struct tls_config *_config, uint32_t _protocols); int tls_config_set_session_fd(struct tls_config *_config, int _session_fd); int tls_config_set_verify_depth(struct tls_config *_config, int _verify_depth); -int tls_config_set_sign_cb(struct tls_config *_config, tls_sign_cb _cb, - void *_cb_arg); void tls_config_prefer_ciphers_client(struct tls_config *_config); void tls_config_prefer_ciphers_server(struct tls_config *_config); @@ -228,17 +223,6 @@ time_t tls_peer_ocsp_revocation_time(struct tls *_ctx); time_t tls_peer_ocsp_this_update(struct tls *_ctx); const char *tls_peer_ocsp_url(struct tls *_ctx); -struct tls_signer* tls_signer_new(void); -void tls_signer_free(struct tls_signer * _signer); -const char *tls_signer_error(struct tls_signer * _signer); -int tls_signer_add_keypair_file(struct tls_signer *_signer, - const char *_cert_file, const char *_key_file); -int tls_signer_add_keypair_mem(struct tls_signer *_signer, const uint8_t *_cert, - size_t _cert_len, const uint8_t *_key, size_t _key_len); -int tls_signer_sign(struct tls_signer *_signer, const char *_pubkey_hash, - const uint8_t *_input, size_t _input_len, int _padding_type, - uint8_t **_out_signature, size_t *_out_signature_len); - #ifdef __cplusplus } #endif |