[ffftp/ffftp.git] / contrib / openssl / include / openssl / dtls1.h

/* ssl/dtls1.h */\r
/*\r
 * DTLS implementation written by Nagendra Modadugu\r
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.\r
 */\r
/* ====================================================================\r
 * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.\r
 *\r
 * Redistribution and use in source and binary forms, with or without\r
 * modification, are permitted provided that the following conditions\r
 * are met:\r
 *\r
 * 1. Redistributions of source code must retain the above copyright\r
 *    notice, this list of conditions and the following disclaimer.\r
 *\r
 * 2. Redistributions in binary form must reproduce the above copyright\r
 *    notice, this list of conditions and the following disclaimer in\r
 *    the documentation and/or other materials provided with the\r
 *    distribution.\r
 *\r
 * 3. All advertising materials mentioning features or use of this\r
 *    software must display the following acknowledgment:\r
 *    "This product includes software developed by the OpenSSL Project\r
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"\r
 *\r
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to\r
 *    endorse or promote products derived from this software without\r
 *    prior written permission. For written permission, please contact\r
 *    openssl-core@OpenSSL.org.\r
 *\r
 * 5. Products derived from this software may not be called "OpenSSL"\r
 *    nor may "OpenSSL" appear in their names without prior written\r
 *    permission of the OpenSSL Project.\r
 *\r
 * 6. Redistributions of any form whatsoever must retain the following\r
 *    acknowledgment:\r
 *    "This product includes software developed by the OpenSSL Project\r
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"\r
 *\r
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY\r
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\r
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\r
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR\r
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\r
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\r
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\r
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\r
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\r
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\r
 * OF THE POSSIBILITY OF SUCH DAMAGE.\r
 * ====================================================================\r
 *\r
 * This product includes cryptographic software written by Eric Young\r
 * (eay@cryptsoft.com).  This product includes software written by Tim\r
 * Hudson (tjh@cryptsoft.com).\r
 *\r
 */\r
\r
#ifndef HEADER_DTLS1_H\r
# define HEADER_DTLS1_H\r
\r
# include <openssl/buffer.h>\r
# include <openssl/pqueue.h>\r
# ifdef OPENSSL_SYS_VMS\r
#  include <resource.h>\r
#  include <sys/timeb.h>\r
# endif\r
# ifdef OPENSSL_SYS_WIN32\r
/* Needed for struct timeval */\r
#  include <winsock.h>\r
# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)\r
#  include <sys/timeval.h>\r
# else\r
#  if defined(OPENSSL_SYS_VXWORKS)\r
#   include <sys/times.h>\r
#  else\r
#   include <sys/time.h>\r
#  endif\r
# endif\r
\r
#ifdef  __cplusplus\r
extern "C" {\r
#endif\r
\r
# define DTLS1_VERSION                   0xFEFF\r
# define DTLS1_2_VERSION                 0xFEFD\r
# define DTLS_MAX_VERSION                DTLS1_2_VERSION\r
# define DTLS1_VERSION_MAJOR             0xFE\r
\r
# define DTLS1_BAD_VER                   0x0100\r
\r
/* Special value for method supporting multiple versions */\r
# define DTLS_ANY_VERSION                0x1FFFF\r
\r
# if 0\r
/* this alert description is not specified anywhere... */\r
#  define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110\r
# endif\r
\r
/* lengths of messages */\r
# define DTLS1_COOKIE_LENGTH                     256\r
\r
# define DTLS1_RT_HEADER_LENGTH                  13\r
\r
# define DTLS1_HM_HEADER_LENGTH                  12\r
\r
# define DTLS1_HM_BAD_FRAGMENT                   -2\r
# define DTLS1_HM_FRAGMENT_RETRY                 -3\r
\r
# define DTLS1_CCS_HEADER_LENGTH                  1\r
\r
# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE\r
#  define DTLS1_AL_HEADER_LENGTH                   7\r
# else\r
#  define DTLS1_AL_HEADER_LENGTH                   2\r
# endif\r
\r
# ifndef OPENSSL_NO_SSL_INTERN\r
\r
#  ifndef OPENSSL_NO_SCTP\r
#   define DTLS1_SCTP_AUTH_LABEL   "EXPORTER_DTLS_OVER_SCTP"\r
#  endif\r
\r
/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */\r
#  define DTLS1_MAX_MTU_OVERHEAD                   48\r
\r
typedef struct dtls1_bitmap_st {\r
    unsigned long map;          /* track 32 packets on 32-bit systems and 64\r
                                 * - on 64-bit systems */\r
    unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit\r
                                   * value in big-endian encoding */\r
} DTLS1_BITMAP;\r
\r
struct dtls1_retransmit_state {\r
    EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */\r
    EVP_MD_CTX *write_hash;     /* used for mac generation */\r
#  ifndef OPENSSL_NO_COMP\r
    COMP_CTX *compress;         /* compression */\r
#  else\r
    char *compress;\r
#  endif\r
    SSL_SESSION *session;\r
    unsigned short epoch;\r
};\r
\r
struct hm_header_st {\r
    unsigned char type;\r
    unsigned long msg_len;\r
    unsigned short seq;\r
    unsigned long frag_off;\r
    unsigned long frag_len;\r
    unsigned int is_ccs;\r
    struct dtls1_retransmit_state saved_retransmit_state;\r
};\r
\r
struct ccs_header_st {\r
    unsigned char type;\r
    unsigned short seq;\r
};\r
\r
struct dtls1_timeout_st {\r
    /* Number of read timeouts so far */\r
    unsigned int read_timeouts;\r
    /* Number of write timeouts so far */\r
    unsigned int write_timeouts;\r
    /* Number of alerts received so far */\r
    unsigned int num_alerts;\r
};\r
\r
typedef struct record_pqueue_st {\r
    unsigned short epoch;\r
    pqueue q;\r
} record_pqueue;\r
\r
typedef struct hm_fragment_st {\r
    struct hm_header_st msg_header;\r
    unsigned char *fragment;\r
    unsigned char *reassembly;\r
} hm_fragment;\r
\r
typedef struct dtls1_state_st {\r
    unsigned int send_cookie;\r
    unsigned char cookie[DTLS1_COOKIE_LENGTH];\r
    unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];\r
    unsigned int cookie_len;\r
    /*\r
     * The current data and handshake epoch.  This is initially\r
     * undefined, and starts at zero once the initial handshake is\r
     * completed\r
     */\r
    unsigned short r_epoch;\r
    unsigned short w_epoch;\r
    /* records being received in the current epoch */\r
    DTLS1_BITMAP bitmap;\r
    /* renegotiation starts a new set of sequence numbers */\r
    DTLS1_BITMAP next_bitmap;\r
    /* handshake message numbers */\r
    unsigned short handshake_write_seq;\r
    unsigned short next_handshake_write_seq;\r
    unsigned short handshake_read_seq;\r
    /* save last sequence number for retransmissions */\r
    unsigned char last_write_sequence[8];\r
    /* Received handshake records (processed and unprocessed) */\r
    record_pqueue unprocessed_rcds;\r
    record_pqueue processed_rcds;\r
    /* Buffered handshake messages */\r
    pqueue buffered_messages;\r
    /* Buffered (sent) handshake records */\r
    pqueue sent_messages;\r
    /*\r
     * Buffered application records. Only for records between CCS and\r
     * Finished to prevent either protocol violation or unnecessary message\r
     * loss.\r
     */\r
    record_pqueue buffered_app_data;\r
    /* Is set when listening for new connections with dtls1_listen() */\r
    unsigned int listen;\r
    unsigned int link_mtu;      /* max on-the-wire DTLS packet size */\r
    unsigned int mtu;           /* max DTLS packet size */\r
    struct hm_header_st w_msg_hdr;\r
    struct hm_header_st r_msg_hdr;\r
    struct dtls1_timeout_st timeout;\r
    /*\r
     * Indicates when the last handshake msg or heartbeat sent will timeout\r
     */\r
    struct timeval next_timeout;\r
    /* Timeout duration */\r
    unsigned short timeout_duration;\r
    /*\r
     * storage for Alert/Handshake protocol data received but not yet\r
     * processed by ssl3_read_bytes:\r
     */\r
    unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];\r
    unsigned int alert_fragment_len;\r
    unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];\r
    unsigned int handshake_fragment_len;\r
    unsigned int retransmitting;\r
    /*\r
     * Set when the handshake is ready to process peer's ChangeCipherSpec message.\r
     * Cleared after the message has been processed.\r
     */\r
    unsigned int change_cipher_spec_ok;\r
#  ifndef OPENSSL_NO_SCTP\r
    /* used when SSL_ST_XX_FLUSH is entered */\r
    int next_state;\r
    int shutdown_received;\r
#  endif\r
} DTLS1_STATE;\r
\r
typedef struct dtls1_record_data_st {\r
    unsigned char *packet;\r
    unsigned int packet_length;\r
    SSL3_BUFFER rbuf;\r
    SSL3_RECORD rrec;\r
#  ifndef OPENSSL_NO_SCTP\r
    struct bio_dgram_sctp_rcvinfo recordinfo;\r
#  endif\r
} DTLS1_RECORD_DATA;\r
\r
# endif\r
\r
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */\r
# define DTLS1_TMO_READ_COUNT                      2\r
# define DTLS1_TMO_WRITE_COUNT                     2\r
\r
# define DTLS1_TMO_ALERT_COUNT                     12\r
\r
#ifdef  __cplusplus\r
}\r
#endif\r
#endif\r