authorJoel Sing <jsing@cvs.openbsd.org>2020-10-14 16:44:16 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2020-10-14 16:44:16 +0000
commitb2d6878925f9e9ffc52bd58774cf01d6b325662c (patch)
tree04b6ea64edf5290d49a014ecd10a9b0accf14982
parent266b64f8cf429a92b55480c2d74b5b0d9769a76d (diff)
Mark DTLS methods as DTLS.
Rather than inferring DTLS from the method version, add a field that marks a method as specifically being DTLS. Have SSL_IS_DTLS condition on this rather than on version. ok tb@
-rw-r--r--lib/libssl/ssl_locl.h5
-rw-r--r--lib/libssl/ssl_methods.c8
2 files changed, 10 insertions, 3 deletions
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index f2e1cb97f8e..12838bf2945 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.304 2020/10/11 12:45:52 guenther Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.305 2020/10/14 16:44:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -315,7 +315,7 @@ __BEGIN_HIDDEN_DECLS
/* Check if an SSL structure is using DTLS. */
#define SSL_IS_DTLS(s) \
- (s->method->internal->version == DTLS1_VERSION)
+ (s->method->internal->dtls)
/* See if we use signature algorithms extension. */
#define SSL_USE_SIGALGS(s) \
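Review bot: The rewritten `SSL_IS_DTLS(s)` body still expands its argument unparenthesised, so an argument that is a cast or a conditional expression would bind incorrectly against `->`; since the line is being changed anyway, `((s)->method->internal->dtls)` is the safer spelling. The macro also now yields the raw field value rather than the 0/1 result of a comparison, so any caller that compares the result with `1` would behave differently if the field ever held another non-zero value; `((s)->method->internal->dtls != 0)` keeps the old contract. The SSL_USE_SIGALGS definition that follows continues outside the hunk.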
@@ -362,6 +362,7 @@ __BEGIN_HIDDEN_DECLS
#define NAMED_CURVE_TYPE 3
typedef struct ssl_method_internal_st {
+ int dtls;
int version;
uint16_t min_version;
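Review bot: The new `int dtls;` member of `ssl_method_internal_st` is undocumented, although it alone now decides every `SSL_IS_DTLS()` branch. A comment such as `int dtls; /* Non-zero if this is a DTLS method; tested by SSL_IS_DTLS(). */` would record that contract. It is also worth stating there that a method table which omits the field is treated as TLS, because static initialisation leaves it zero. The struct definition continues past the end of this hunk, so the remaining members are not visible here.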
diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c
index e2d5766e0f2..600aa89095f 100644
--- a/lib/libssl/ssl_methods.c
+++ b/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_methods.c,v 1.19 2020/10/11 12:45:52 guenther Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.20 2020/10/14 16:44:15 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -60,6 +60,7 @@
#include "tls13_internal.h"
static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
+ .dtls = 1,
.version = DTLS1_VERSION,
.min_version = DTLS1_VERSION,
.max_version = DTLS1_VERSION,
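Review bot: Nothing in this change ties `.dtls = 1` to the DTLS version values set next to it, so the flag and `.version` can now disagree without any diagnostic, and `SSL_IS_DTLS()` would follow the flag. Every table visible in this diff sets the field explicitly, but any `SSL_METHOD_INTERNAL` initialiser not shown here would default to 0 and be handled as TLS, so it is worth confirming there is none. A regress check that walks the method tables and asserts that `dtls` is set exactly when `version` is a DTLS version would catch a future DTLS method that forgets the flag. The initialiser continues outside the hunk.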
@@ -124,6 +125,7 @@ DTLS_server_method(void)
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
+ .dtls = 0,
.version = TLS1_3_VERSION,
.min_version = TLS1_VERSION,
.max_version = TLS1_3_VERSION,
@@ -152,6 +154,7 @@ static const SSL_METHOD TLS_method_data = {
#endif
static const SSL_METHOD_INTERNAL TLS_legacy_method_internal_data = {
+ .dtls = 0,
.version = TLS1_2_VERSION,
.min_version = TLS1_VERSION,
.max_version = TLS1_2_VERSION,
@@ -179,6 +182,7 @@ static const SSL_METHOD TLS_legacy_method_data = {
};
static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
+ .dtls = 0,
.version = TLS1_VERSION,
.min_version = TLS1_VERSION,
.max_version = TLS1_VERSION,
@@ -206,6 +210,7 @@ static const SSL_METHOD TLSv1_method_data = {
};
static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
+ .dtls = 0,
.version = TLS1_1_VERSION,
.min_version = TLS1_1_VERSION,
.max_version = TLS1_1_VERSION,
@@ -233,6 +238,7 @@ static const SSL_METHOD TLSv1_1_method_data = {
};
static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
+ .dtls = 0,
.version = TLS1_2_VERSION,
.min_version = TLS1_2_VERSION,
.max_version = TLS1_2_VERSION,