Upgrade to openssl-0.9.8k.
The source tree (and the size of the compiled library)
can be reduced further. This will be done in a future
commit.
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index de94c0d..ed4ddbb 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -124,7 +124,9 @@
#include "e_os.h"
#include <openssl/buffer.h>
+#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
+#endif
#include <openssl/bio.h>
#include <openssl/stack.h>
#ifndef OPENSSL_NO_RSA
@@ -330,8 +332,9 @@
#define SSL_LOW 0x00000020L
#define SSL_MEDIUM 0x00000040L
#define SSL_HIGH 0x00000080L
+#define SSL_FIPS 0x00000100L
-/* we have used 000000ff - 24 bits left to go */
+/* we have used 000001ff - 23 bits left to go */
/*
* Macros to check the export status and cipher strength for export ciphers.
@@ -499,6 +502,7 @@
int (*alert_value)(int);
} SSL3_ENC_METHOD;
+#ifndef OPENSSL_NO_COMP
/* Used for holding the relevant compression methods loaded into SSL_CTX */
typedef struct ssl3_comp_st
{
@@ -506,6 +510,7 @@
char *name; /* Text name used for the compression type */
COMP_METHOD *method; /* The method :-) */
} SSL3_COMP;
+#endif
extern SSL3_ENC_METHOD ssl3_undef_enc_method;
OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
@@ -874,6 +879,7 @@
int ssl3_get_cert_status(SSL *s);
int ssl3_get_server_done(SSL *s);
int ssl3_send_client_verify(SSL *s);
+int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
int ssl3_send_client_certificate(SSL *s);
int ssl3_send_client_key_exchange(SSL *s);
int ssl3_get_key_exchange(SSL *s);