summaryrefslogtreecommitdiff
path: root/lib/libssl
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2014-07-12 19:45:54 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2014-07-12 19:45:54 +0000
commit30415c48dd85a36c2e3c2bf50146e554fecc1eb7 (patch)
tree8e20e46b2dc7a63f558978cc271dc0bb88f96679 /lib/libssl
parente1410ef852880b85a0c16b11df996af03094c694 (diff)
Provide ssl_version_string() function, which uses one of those modern C
constructs (a switch statement) and returns the appropriate string defined by SSL_TXT_* for the given version, including support for DTLSv1 and DTLSv1-bad. Use this function in SSL_get_version() and SSL_SESSION_print(). ok beck@
Diffstat (limited to 'lib/libssl')
-rw-r--r--lib/libssl/ssl.h4
-rw-r--r--lib/libssl/ssl_lib.c34
-rw-r--r--lib/libssl/ssl_locl.h3
-rw-r--r--lib/libssl/ssl_txt.c18
4 files changed, 31 insertions, 28 deletions
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 5ea440231a8..7547d05aa64 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.61 2014/07/11 09:24:44 beck Exp $ */
+/* $OpenBSD: ssl.h,v 1.62 2014/07/12 19:45:53 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -293,6 +293,8 @@ extern "C" {
#define SSL_TXT_SHA256 "SHA256"
#define SSL_TXT_SHA384 "SHA384"
+#define SSL_TXT_DTLS1 "DTLSv1"
+#define SSL_TXT_DTLS1_BAD "DTLSv1-bad"
#define SSL_TXT_SSLV2 "SSLv2"
#define SSL_TXT_SSLV3 "SSLv3"
#define SSL_TXT_TLSV1 "TLSv1"
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index db310de881b..b563071cdad 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.76 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.77 2014/07/12 19:45:53 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2410,18 +2410,30 @@ ssl_bad_method(int ver)
}
const char *
+ssl_version_string(int ver)
+{
+ switch (ver) {
+ case DTLS1_BAD_VER:
+ return (SSL_TXT_DTLS1_BAD);
+ case DTLS1_VERSION:
+ return (SSL_TXT_DTLS1);
+ case SSL3_VERSION:
+ return (SSL_TXT_SSLV3);
+ case TLS1_VERSION:
+ return (SSL_TXT_TLSV1);
+ case TLS1_1_VERSION:
+ return (SSL_TXT_TLSV1_1);
+ case TLS1_2_VERSION:
+ return (SSL_TXT_TLSV1_2);
+ default:
+ return ("unknown");
+ }
+}
+
+const char *
SSL_get_version(const SSL *s)
{
- if (s->version == TLS1_2_VERSION)
- return ("TLSv1.2");
- else if (s->version == TLS1_1_VERSION)
- return ("TLSv1.1");
- else if (s->version == TLS1_VERSION)
- return ("TLSv1");
- else if (s->version == SSL3_VERSION)
- return ("SSLv3");
- else
- return ("unknown");
+ return ssl_version_string(s->version);
}
SSL *
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 0d96ee5fe8b..22ba8d926e5 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.60 2014/07/12 13:11:53 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.61 2014/07/12 19:45:53 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -543,6 +543,7 @@ extern SSL3_ENC_METHOD ssl3_undef_enc_method;
extern SSL_CIPHER ssl3_ciphers[];
SSL_METHOD *ssl_bad_method(int ver);
+const char *ssl_version_string(int ver);
extern SSL3_ENC_METHOD TLSv1_enc_data;
extern SSL3_ENC_METHOD TLSv1_1_enc_data;
diff --git a/lib/libssl/ssl_txt.c b/lib/libssl/ssl_txt.c
index 950620d300b..3540bab3137 100644
--- a/lib/libssl/ssl_txt.c
+++ b/lib/libssl/ssl_txt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_txt.c,v 1.23 2014/07/11 09:24:44 beck Exp $ */
+/* $OpenBSD: ssl_txt.c,v 1.24 2014/07/12 19:45:53 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -112,20 +112,8 @@ SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
goto err;
if (BIO_puts(bp, "SSL-Session:\n") <= 0)
goto err;
- if (x->ssl_version == SSL3_VERSION)
- s = "SSLv3";
- else if (x->ssl_version == TLS1_2_VERSION)
- s = "TLSv1.2";
- else if (x->ssl_version == TLS1_1_VERSION)
- s = "TLSv1.1";
- else if (x->ssl_version == TLS1_VERSION)
- s = "TLSv1";
- else if (x->ssl_version == DTLS1_VERSION)
- s = "DTLSv1";
- else if (x->ssl_version == DTLS1_BAD_VER)
- s = "DTLSv1-bad";
- else
- s = "unknown";
+
+ s = ssl_version_string(x->ssl_version);
if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
goto err;