search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
*** empty log message ***
[gnutls.git] / lib / gnutls_int.h
blobfe56cdbc6ab71d6ac81cde1f4d35b2279906d115
1 /*
2 * Copyright (C) 2000,2001,2002 Nikos Mavroyanopoulos
3 *
4 * This file is part of GNUTLS.
5 *
6 * The GNUTLS library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 *
20 */
21
22 #ifndef GNUTLS_INT_H
23
24 #define GNUTLS_INT_H
25
26 #include <defines.h>
27
28 /*
29 #define IO_DEBUG 3 // define this to check non blocking behaviour
30 #define BUFFERS_DEBUG
31 #define HARD_DEBUG
32 #define WRITE_DEBUG
33 #define READ_DEBUG
34 #define HANDSHAKE_DEBUG // Prints some information on handshake
35 #define X509_DEBUG
36 #define RECORD_DEBUG
37 #define DEBUG
38 */
39
40 /* It might be a good idea to replace int with void*
41 * here.
42 */
43 #define GNUTLS_TRANSPORT_PTR int
44
45 typedef const int* GNUTLS_LIST;
46
47 #define MIN_BITS 767
48
49 #define MAX32 4294967295
50 #define MAX24 16777215
51 #define MAX16 65535
52
53 /* The size of a handshake message should not
54 * be larger than this value.
55 */
56 #define MAX_HANDSHAKE_PACKET_SIZE 16*1024
57
58 #define TLS_RANDOM_SIZE 32
59 #define TLS_MAX_SESSION_ID_SIZE 32
60 #define TLS_MASTER_SIZE 48
61 #define MAX_HASH_SIZE 20
62
63 #define MAX_X509_CERT_SIZE 10*1024
64 #define MAX_LOG_SIZE 1024 /* maximum number of log message */
65 #define MAX_SRP_USERNAME 256
66
67 #define MAX_EXT_TYPES 16
68
69 /* The initial size of the receive
70 * buffer size. This will grow if larger
71 * packets are received.
72 */
73 #define INITIAL_RECV_BUFFER_SIZE 256
74
75 /* the default for TCP */
76 #define DEFAULT_LOWAT 1
77
78 /* expire time for resuming sessions */
79 #define DEFAULT_EXPIRE_TIME 3600
80
81 /* the maximum size of encrypted packets */
82 #define DEFAULT_MAX_RECORD_SIZE 16384
83 #define RECORD_HEADER_SIZE 5
84 #define MAX_RECORD_SIZE state->security_parameters.max_record_size
85 #define MAX_PAD_SIZE 255
86 #define EXTRA_COMP_SIZE 2048
87 #define MAX_RECORD_OVERHEAD MAX_PAD_SIZE+EXTRA_COMP_SIZE
88 #define MAX_RECV_SIZE MAX_RECORD_OVERHEAD+MAX_RECORD_SIZE+RECORD_HEADER_SIZE
89
90 #define HANDSHAKE_HEADER_SIZE 4
91
92 #include <gnutls_mem.h>
93 #include <gnutls_ui.h>
94
95 #define DECR_LEN(len, x) len-=x; if (len<0) {gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;}
96 #define DECR_LENGTH_RET(len, x, RET) len-=x; if (len<0) {gnutls_assert(); return RET;}
97 #define DECR_LENGTH_COM(len, x, COM) len-=x; if (len<0) {gnutls_assert(); COM;}
98
99 typedef unsigned char opaque;
100 typedef struct { opaque pint[3]; } uint24;
101
102 # include <gnutls_mpi.h>
103
104 typedef enum crypt_algo { SRPSHA1_CRYPT, BLOWFISH_CRYPT=2 } crypt_algo;
105 typedef enum ChangeCipherSpecType { GNUTLS_TYPE_CHANGE_CIPHER_SPEC=1 } ChangeCipherSpecType;
106
107 typedef enum CertificateStatus {
108 GNUTLS_CERT_NOT_TRUSTED=2,
109 GNUTLS_CERT_INVALID=4,
110 GNUTLS_CERT_CORRUPTED=16,
111 GNUTLS_CERT_REVOKED=32
112 } CertificateStatus;
113 #define GNUTLS_CertificateStatus CertificateStatus
114
115 typedef enum CertificateRequest { GNUTLS_CERT_IGNORE,
116 GNUTLS_CERT_REQUEST=1, GNUTLS_CERT_REQUIRE
117 } CertificateRequest;
118 #define GNUTLS_CertificateRequest CertificateRequest
119
120 typedef enum GNUTLS_OpenPGPKeyStatus { GNUTLS_OPENPGP_KEY,
121 GNUTLS_OPENPGP_KEY_FINGERPRINT
122 } GNUTLS_OpenPGPKeyStatus;
123
124 typedef enum CloseRequest { GNUTLS_SHUT_RDWR=0, GNUTLS_SHUT_WR=1
125 } CloseRequest;
126 #define GNUTLS_CloseRequest CloseRequest
127
128 typedef enum HandshakeState { STATE0=0, STATE1, STATE2, STATE3, STATE4, STATE5,
129 STATE6, STATE7, STATE8, STATE9, STATE10, STATE11, STATE20=20, STATE21,
130 STATE30=30, STATE31, STATE50=50, STATE60=60, STATE61 } HandshakeState;
131
132 typedef enum HandshakeType { GNUTLS_HELLO_REQUEST, GNUTLS_CLIENT_HELLO, GNUTLS_SERVER_HELLO,
133 GNUTLS_CERTIFICATE_PKT=11, GNUTLS_SERVER_KEY_EXCHANGE,
134 GNUTLS_CERTIFICATE_REQUEST, GNUTLS_SERVER_HELLO_DONE,
135 GNUTLS_CERTIFICATE_VERIFY, GNUTLS_CLIENT_KEY_EXCHANGE,
136 GNUTLS_FINISHED=20 } HandshakeType;
137
138 typedef struct {
139 opaque * data;
140 int size;
141 } gnutls_datum;
142 typedef gnutls_datum gnutls_sdatum;
143
144 #define MAX_ALGOS 8
145 #define MAX_CIPHERSUITES 256
146
147 /* STATE */
148 typedef enum ConnectionEnd { GNUTLS_SERVER=1, GNUTLS_CLIENT
149 } ConnectionEnd;
150 #define GNUTLS_ConnectionEnd ConnectionEnd
151
152 typedef enum BulkCipherAlgorithm { GNUTLS_CIPHER_NULL=1,
153 GNUTLS_CIPHER_ARCFOUR, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC,
154 GNUTLS_CIPHER_TWOFISH_128_CBC, GNUTLS_CIPHER_RIJNDAEL_256_CBC
155 } BulkCipherAlgorithm;
156 #define GNUTLS_BulkCipherAlgorithm BulkCipherAlgorithm
157
158 typedef enum Extensions { GNUTLS_EXTENSION_MAX_RECORD_SIZE=1, GNUTLS_EXTENSION_SRP=6, GNUTLS_EXTENSION_CERT_TYPE=7
159 } Extensions;
160
161 typedef enum KXAlgorithm { GNUTLS_KX_RSA=1, GNUTLS_KX_DHE_DSS,
162 GNUTLS_KX_DHE_RSA, GNUTLS_KX_ANON_DH, GNUTLS_KX_SRP
163 } KXAlgorithm;
164 #define GNUTLS_KXAlgorithm KXAlgorithm
165
166 typedef enum CertificateType { GNUTLS_CRT_X509=1, GNUTLS_CRT_OPENPGP
167 } CertificateType;
168 #define GNUTLS_CertificateType CertificateType
169
170 typedef enum CredType { GNUTLS_CRD_CERTIFICATE=1, GNUTLS_CRD_ANON, GNUTLS_CRD_SRP
171 } CredType;
172 #define GNUTLS_CredType CredType
173
174 typedef enum CipherType { CIPHER_STREAM, CIPHER_BLOCK } CipherType;
175
176 typedef enum CompressionMethod { GNUTLS_COMP_NULL=1, GNUTLS_COMP_ZLIB
177 } CompressionMethod;
178 #define GNUTLS_CompressionMethod CompressionMethod
179
180 typedef enum MACAlgorithm { GNUTLS_MAC_NULL=1, GNUTLS_MAC_MD5,
181 GNUTLS_MAC_SHA
182 } MACAlgorithm;
183 #define GNUTLS_MACAlgorithm MACAlgorithm
184
185 typedef enum ValidSession { VALID_TRUE, VALID_FALSE } ValidSession;
186 typedef enum ResumableSession { RESUME_TRUE, RESUME_FALSE } ResumableSession;
187
188 /* Record Protocol */
189 typedef enum ContentType { GNUTLS_CHANGE_CIPHER_SPEC=20, GNUTLS_ALERT,
190 GNUTLS_HANDSHAKE, GNUTLS_APPLICATION_DATA
191 } ContentType;
192
193 typedef enum GNUTLS_X509_CertificateFmt { GNUTLS_X509_FMT_DER,
194 GNUTLS_X509_FMT_PEM } GNUTLS_X509_CertificateFmt;
195
196 typedef enum PKAlgorithm { GNUTLS_PK_RSA = 1, GNUTLS_PK_DSA, /* sign only */
197 GNUTLS_PK_UNKNOWN
198 } PKAlgorithm;
199
200 #define GNUTLS_PKAlgorithm PKAlgorithm
201
202 /* STATE (stop) */
203
204
205 /* Pull & Push functions defines:
206 */
207 typedef ssize_t (*PULL_FUNC)(GNUTLS_TRANSPORT_PTR, void*, size_t);
208 typedef ssize_t (*PUSH_FUNC)(GNUTLS_TRANSPORT_PTR, const void*, size_t);
209 #define GNUTLS_PULL_FUNC PULL_FUNC
210 #define GNUTLS_PUSH_FUNC PUSH_FUNC
211
212 /* Store & Retrieve functions defines:
213 */
214 typedef int (*DB_STORE_FUNC)(void*, gnutls_datum key, gnutls_datum data);
215 typedef int (*DB_REMOVE_FUNC)(void*, gnutls_datum key);
216 typedef gnutls_datum (*DB_RETR_FUNC)(void*, gnutls_datum key);
217 #define GNUTLS_DB_STORE_FUNC DB_STORE_FUNC
218 #define GNUTLS_DB_REMOVE_FUNC DB_REMOVE_FUNC
219 #define GNUTLS_DB_RETR_FUNC DB_RETR_FUNC
220
221 typedef struct AUTH_CRED {
222 KXAlgorithm algorithm;
223 /* the type of credentials depends on algorithm */
224 void* credentials;
225 struct AUTH_CRED* next;
226 } AUTH_CRED;
227
228
229 struct GNUTLS_KEY_INT {
230 /* For DH KX */
231 gnutls_sdatum key;
232 MPI KEY;
233 MPI client_Y;
234 MPI client_g;
235 MPI client_p;
236 MPI dh_secret;
237 /* for SRP */
238 MPI A;
239 MPI B;
240 MPI u;
241 MPI b;
242 MPI a;
243 MPI x;
244
245 /* RSA: does not use these.
246 */
247
248 /* this is used to hold the peers authentication data
249 */
250 /* AUTH_INFO structures MAY contain malloced
251 * elements. Check gnutls_session_pack.c, and gnutls_auth.c.
252 * Rememember that this should be calloced!
253 */
254 void* auth_info;
255 CredType auth_info_type;
256 int auth_info_size; /* needed in order to store to db for restoring
257 */
258 uint8 crypt_algo;
259
260 AUTH_CRED* cred; /* used to specify keys/certificates etc */
261
262 int certificate_requested;
263 /* some ciphersuites use this
264 * to provide client authentication.
265 * 1 if client auth was requested
266 * by the peer, 0 otherwise
267 *** In case of a server this
268 * holds 1 if we should wait
269 * for a client certificate verify
270 */
271 };
272 typedef struct GNUTLS_KEY_INT* GNUTLS_KEY;
273
274
275 /* STATE (cont) */
276
277 #include <gnutls_hash_int.h>
278 #include <gnutls_cipher_int.h>
279 #include <gnutls_compress_int.h>
280 #include <gnutls_cert.h>
281
282 typedef struct {
283 uint8 CipherSuite[2];
284 } GNUTLS_CipherSuite;
285
286 /* Versions should be in order of the oldest
287 * (eg. SSL3 is before TLS1)
288 */
289 typedef enum GNUTLS_Version { GNUTLS_SSL3=1, GNUTLS_TLS1, GNUTLS_VERSION_UNKNOWN=0xff } GNUTLS_Version;
290
291 /* This structure holds parameters got from TLS extension
292 * mechanism. (some extensions may hold parameters in AUTH_INFO
293 * structures also - see SRP).
294 */
295
296 typedef struct {
297 opaque srp_username[MAX_SRP_USERNAME];
298 } TLSExtensions;
299
300 /* AUTH_INFO structures now MAY contain malloced
301 * elements.
302 */
303
304 /* This structure and AUTH_INFO, are stored in the resume database,
305 * and are restored, in case of resume.
306 * Holds all the required parameters to resume the current
307 * state.
308 */
309
310 /* if you add anything in Security_Parameters struct, then
311 * also modify CPY_COMMON in gnutls_constate.c
312 */
313 typedef struct {
314 ConnectionEnd entity;
315 KXAlgorithm kx_algorithm;
316 /* we've got separate write/read bulk/macs because
317 * there is a time in handshake where the peer has
318 * null cipher and we don't
319 */
320 BulkCipherAlgorithm read_bulk_cipher_algorithm;
321 MACAlgorithm read_mac_algorithm;
322 CompressionMethod read_compression_algorithm;
323
324 BulkCipherAlgorithm write_bulk_cipher_algorithm;
325 MACAlgorithm write_mac_algorithm;
326 CompressionMethod write_compression_algorithm;
327
328 /* this is the ciphersuite we are going to use
329 * moved here from gnutls_internals in order to be restored
330 * on resume;
331 */
332 GNUTLS_CipherSuite current_cipher_suite;
333 opaque master_secret[TLS_MASTER_SIZE];
334 opaque client_random[TLS_RANDOM_SIZE];
335 opaque server_random[TLS_RANDOM_SIZE];
336 opaque session_id[TLS_MAX_SESSION_ID_SIZE];
337 uint8 session_id_size;
338 time_t timestamp;
339 TLSExtensions extensions;
340 uint16 max_record_size;
341 /* holds the negotiated certificate type */
342 CertificateType cert_type;
343 GNUTLS_Version version; /* moved here */
344 } SecurityParameters;
345
346 /* This structure holds the generated keys
347 */
348 typedef struct {
349 gnutls_datum server_write_mac_secret;
350 gnutls_datum client_write_mac_secret;
351 gnutls_datum server_write_IV;
352 gnutls_datum client_write_IV;
353 gnutls_datum server_write_key;
354 gnutls_datum client_write_key;
355 int generated_keys; /* zero if keys have not
356 * been generated. Non zero
357 * otherwise.
358 */
359 } CipherSpecs;
360
361
362 typedef struct {
363 GNUTLS_CIPHER_HANDLE write_cipher_state;
364 GNUTLS_CIPHER_HANDLE read_cipher_state;
365 GNUTLS_COMP_HANDLE read_compression_state;
366 GNUTLS_COMP_HANDLE write_compression_state;
367 gnutls_datum read_mac_secret;
368 gnutls_datum write_mac_secret;
369 uint64 read_sequence_number;
370 uint64 write_sequence_number;
371 } ConnectionState;
372
373
374 typedef struct {
375 int algorithm_priority[MAX_ALGOS];
376 int algorithms;
377 } GNUTLS_Priority;
378
379 #define BulkCipherAlgorithm_Priority GNUTLS_Priority
380 #define MACAlgorithm_Priority GNUTLS_Priority
381 #define KXAlgorithm_Priority GNUTLS_Priority
382 #define CompressionMethod_Priority GNUTLS_Priority
383 #define Protocol_Priority GNUTLS_Priority
384 #define CertType_Priority GNUTLS_Priority
385
386 typedef int certificate_client_select_func(struct GNUTLS_STATE_INT*, const gnutls_datum *, int, const gnutls_datum *, int);
387 typedef int certificate_server_select_func(struct GNUTLS_STATE_INT*, const gnutls_datum *, int);
388 typedef int srp_server_select_func(struct GNUTLS_STATE_INT*, char**, char**, int);
389
390 typedef struct {
391 opaque header[HANDSHAKE_HEADER_SIZE];
392 /* this holds the number of bytes in the handshake_header[] */
393 int header_size;
394 /* this holds the length of the handshake packet */
395 int packet_length;
396 HandshakeType recv_type;
397 } HANDSHAKE_HEADER_BUFFER;
398
399 typedef struct {
400 gnutls_datum application_data_buffer; /* holds data to be delivered to application layer */
401 gnutls_datum handshake_hash_buffer; /* used to keep all handshake messages */
402 GNUTLS_MAC_HANDLE handshake_mac_handle_sha; /* hash of the handshake messages */
403 GNUTLS_MAC_HANDLE handshake_mac_handle_md5; /* hash of the handshake messages */
404
405 gnutls_datum handshake_data_buffer; /* this is a buffer that holds the current handshake message */
406 ResumableSession resumable; /* TRUE or FALSE - if we can resume that session */
407 HandshakeState handshake_state; /* holds
408 * a number which indicates where
409 * the handshake procedure has been
410 * interrupted. If it is 0 then
411 * no interruption has happened.
412 */
413
414 ValidSession valid_connection; /* true or FALSE - if this session is valid */
415
416 int may_read; /* if it's 0 then we can read/write, otherwise it's forbiden to read/write
417 */
418 int may_write;
419
420 int last_alert; /* last alert received */
421 /* this is the compression method we are going to use */
422 CompressionMethod compression_method;
423 /* priorities */
424 BulkCipherAlgorithm_Priority BulkCipherAlgorithmPriority;
425 MACAlgorithm_Priority MACAlgorithmPriority;
426 KXAlgorithm_Priority KXAlgorithmPriority;
427 CompressionMethod_Priority CompressionMethodPriority;
428 Protocol_Priority ProtocolPriority;
429 CertType_Priority cert_type_priority;
430
431 /* resumed session */
432 ResumableSession resumed; /* RESUME_TRUE or FALSE - if we are resuming a session */
433 SecurityParameters resumed_security_parameters;
434
435 /* sockets internals */
436 int lowat;
437
438 /* These buffers are used in the handshake
439 * protocol only. freed using _gnutls_handshake_io_buffer_clear();
440 */
441 gnutls_datum handshake_send_buffer;
442 size_t handshake_send_buffer_prev_size;
443 ContentType handshake_send_buffer_type;
444 HandshakeType handshake_send_buffer_htype;
445 ContentType handshake_recv_buffer_type;
446 HandshakeType handshake_recv_buffer_htype;
447 gnutls_datum handshake_recv_buffer;
448
449 /* this buffer holds a record packet -mostly used for
450 * non blocking IO.
451 */
452 gnutls_datum record_recv_buffer;
453 gnutls_datum record_send_buffer; /* holds cached data
454 * for the gnutls_io_write_buffered()
455 * function.
456 */
457 size_t record_send_buffer_prev_size; /* holds the
458 * data written in the previous runs.
459 */
460 size_t record_send_buffer_user_size; /* holds the
461 * size of the user specified data to
462 * send.
463 */
464
465 /* 0 if no peeked data was kept, 1 otherwise.
466 */
467 int have_peeked_data;
468
469 /* gdbm */
470 char* db_name;
471 int expire_time; /* after expire_time seconds this session will expire */
472 struct MOD_AUTH_STRUCT_INT* auth_struct; /* used in handshake packets and KX algorithms */
473 int v2_hello; /* 0 if the client hello is v3+.
474 * non-zero if we got a v2 hello.
475 */
476 #ifdef HAVE_LIBGDBM
477 GDBM_FILE db_reader;
478 #endif
479 /* keeps the headers of the handshake packet
480 */
481 HANDSHAKE_HEADER_BUFFER handshake_header_buffer;
482
483 /* this is the highest version available
484 * to the peer. (advertized version).
485 * This is obtained by the Handshake Client Hello
486 * message. (some implementations read the Record version)
487 */
488 uint8 adv_version_major;
489 uint8 adv_version_minor;
490
491 /* if this is non zero a certificate request message
492 * will be sent to the client. - only if the ciphersuite
493 * supports it.
494 */
495 int send_cert_req;
496
497 /* this is a callback function to call if no appropriate
498 * client certificates were found.
499 */
500 certificate_client_select_func* client_cert_callback;
501 certificate_server_select_func* server_cert_callback;
502
503 /* Callback to select the proper password file
504 */
505 srp_server_select_func* server_srp_callback;
506
507 /* bits to use for DHE and DHA
508 * use _gnutls_dh_get_prime_bits() and gnutls_dh_set_prime_bits()
509 * to access it.
510 */
511 int dh_prime_bits;
512
513 int max_handshake_data_buffer_size;
514
515 /* PUSH & PULL functions.
516 */
517 PULL_FUNC _gnutls_pull_func;
518 PUSH_FUNC _gnutls_push_func;
519 /* Holds the first argument of PUSH and PULL
520 * functions;
521 */
522 int transport_ptr;
523
524 /* STORE & RETRIEVE functions. Only used if other
525 * backend than gdbm is used.
526 */
527 DB_STORE_FUNC db_store_func;
528 DB_RETR_FUNC db_retrieve_func;
529 DB_REMOVE_FUNC db_remove_func;
530 void* db_ptr;
531
532 /* Holds the record size requested by the
533 * user.
534 */
535 uint16 proposed_record_size;
536
537 /* holds the index of the selected certificate.
538 * -1 if none.
539 */
540 int selected_cert_index;
541
542 /* holds the extensions we sent to the peer
543 * (in case of a client)
544 */
545 uint8 extensions_sent[MAX_EXT_TYPES];
546 uint8 extensions_sent_size;
547
548 /* is 0 if we are to send the whole PGP key, or non zero
549 * if the fingerprint is to be sent.
550 */
551 int pgp_fingerprint;
552
553 /* This holds the default version that our first
554 * record packet will have. */
555 GNUTLS_Version default_record_version;
556
557 int cbc_protection_hack;
558 int rsa_pms_check; /* 0 means enabled */
559
560 void* user_ptr;
561
562 /* If you add anything here, check _gnutls_handshake_internal_state_clear().
563 */
564 } GNUTLS_INTERNALS;
565
566 struct GNUTLS_STATE_INT {
567 SecurityParameters security_parameters;
568 CipherSpecs cipher_specs;
569 ConnectionState connection_state;
570 GNUTLS_INTERNALS gnutls_internals;
571 GNUTLS_KEY gnutls_key;
572 };
573
574 typedef struct GNUTLS_STATE_INT *GNUTLS_STATE;
575
576 typedef struct {
577 int bits;
578 MPI _prime;
579 MPI _generator;
580 gnutls_datum generator;
581 gnutls_datum prime;
582 int local; /* indicates if it is
583 * not malloced, !=0 indicates malloced
584 */
585 } _GNUTLS_DH_PARAMS;
586
587 #define GNUTLS_DH_PARAMS _GNUTLS_DH_PARAMS*
588
589 /* functions */
590 void _gnutls_set_current_version(GNUTLS_STATE state, GNUTLS_Version version);
591 GNUTLS_Version gnutls_protocol_get_version(GNUTLS_STATE state);
592 void _gnutls_free_auth_info( GNUTLS_STATE state);
593
594 /* These two macros return the advertized TLS version of
595 * the peer.
596 */
597 #define _gnutls_get_adv_version_major( state) \
598 state->gnutls_internals.adv_version_major
599
600 #define _gnutls_get_adv_version_minor( state) \
601 state->gnutls_internals.adv_version_minor
602
603 #define set_adv_version( state, major, minor) \
604 state->gnutls_internals.adv_version_major = major; \
605 state->gnutls_internals.adv_version_minor = minor
606
607 void _gnutls_set_adv_version( GNUTLS_STATE, GNUTLS_Version);
608 GNUTLS_Version _gnutls_get_adv_version( GNUTLS_STATE);
609
610 #endif /* GNUTLS_INT_H */
Implementation of the SSL/TLS protocol