Add various public DTLS related defines.

These are currently guarded by LIBRESSL_HAS_DTLS1_2 and LIBRESSL_INTERNAL.

ok tb@

2 files changed, 14 insertions, 2 deletions

diff --git a/lib/libssl/dtls1.h b/lib/libssl/dtls1.h
index 1ed7c2dc302..b822f659abb 100644
--- a/lib/libssl/dtls1.h
+++ b/lib/libssl/dtls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dtls1.h,v 1.23 2020/03/12 17:01:53 jsing Exp $ */
+/* $OpenBSD: dtls1.h,v 1.24 2021/02/20 08:11:57 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -74,6 +74,10 @@ extern "C" {
 #endif
 
 #define DTLS1_VERSION			0xFEFF
+#if defined(LIBRESSL_HAS_DTLS1_2) || defined(LIBRESSL_INTERNAL)
+#define DTLS1_2_VERSION			0xFEFD
+#define DTLS1_VERSION_MAJOR		0xFE
+#endif
 
 /* lengths of messages */
 #define DTLS1_COOKIE_LENGTH                     256
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 425ba50c146..ec9544acc5f 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.180 2021/01/26 18:43:41 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.181 2021/02/20 08:11:57 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -301,6 +301,9 @@ extern "C" {
 #define SSL_TXT_STREEBOG512		"STREEBOG512"
 
 #define SSL_TXT_DTLS1		"DTLSv1"
+#if defined(LIBRESSL_HAS_DTLS1_2) || defined(LIBRESSL_INTERNAL)
+#define SSL_TXT_DTLS1_2		"DTLSv1.2"
+#endif
 #define SSL_TXT_SSLV2		"SSLv2"
 #define SSL_TXT_SSLV3		"SSLv3"
 #define SSL_TXT_TLSV1		"TLSv1"
@@ -520,6 +523,11 @@ struct ssl_session_st {
 #define SSL_OP_NO_TLSv1_3				0x20000000L
 #endif
 
+#if defined(LIBRESSL_HAS_DTLS1_2) || defined(LIBRESSL_INTERNAL)
+#define SSL_OP_NO_DTLSv1				0x40000000L
+#define SSL_OP_NO_DTLSv1_2				0x80000000L
+#endif
+
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless. */
 #define SSL_OP_ALL \
     (SSL_OP_LEGACY_SERVER_CONNECT)