aboutsummaryrefslogtreecommitdiff
path: root/ssl/ssl3.h
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/ssl3.h')
-rw-r--r--ssl/ssl3.h13
1 files changed, 10 insertions, 3 deletions
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index cba94345f3..6dc0817920 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -393,8 +393,12 @@ typedef struct ssl3_buffer_st
#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
+/*
+ * Set when the handshake is ready to process peer's ChangeCipherSpec message.
+ * Cleared after the message has been processed.
+ */
#define SSL3_FLAGS_CCS_OK 0x0080
-
+
/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
* restart a handshake because of MS SGC and so prevents us
* from restarting the handshake in a loop. It's reset on a
@@ -456,8 +460,11 @@ typedef struct ssl3_state_st
* and freed and MD_CTX-es for all required digests are stored in
* this array */
EVP_MD_CTX **handshake_dgst;
- /* this is set whenerver we see a change_cipher_spec message
- * come in when we are not looking for one */
+ /*
+ * Set whenever an expected ChangeCipherSpec message is processed.
+ * Unset when the peer's Finished message is received.
+ * Unexpected ChangeCipherSpec messages trigger a fatal alert.
+ */
int change_cipher_spec;
int warn_alert;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 16:04:46 +0000