From b2d6878925f9e9ffc52bd58774cf01d6b325662c Mon Sep 17 00:00:00 2001
From: Joel Sing
Date: Wed, 14 Oct 2020 16:44:16 +0000
Subject: Mark DTLS methods as DTLS. Rather than inferring DTLS from the method version, add a field that marks a method as specifically being DTLS. Have SSL_IS_DTLS condition on this rather than on version. ok tb@
---
lib/libssl/ssl_locl.h | 5 +++--
lib/libssl/ssl_methods.c | 8 +++++++-
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index f2e1cb97f8e..12838bf2945 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.304 2020/10/11 12:45:52 guenther Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.305 2020/10/14 16:44:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -315,7 +315,7 @@ __BEGIN_HIDDEN_DECLS
 /* Check if an SSL structure is using DTLS. */
 #define SSL_IS_DTLS(s) \
- (s->method->internal->version == DTLS1_VERSION)
+ (s->method->internal->dtls)
 /* See if we use signature algorithms extension. */
 #define SSL_USE_SIGALGS(s) \
@@ -362,6 +362,7 @@ __BEGIN_HIDDEN_DECLS
 #define NAMED_CURVE_TYPE 3
 typedef struct ssl_method_internal_st {
+ int dtls;
 int version;
 uint16_t min_version;
diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c
index e2d5766e0f2..600aa89095f 100644
--- a/lib/libssl/ssl_methods.c
+++ b/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_methods.c,v 1.19 2020/10/11 12:45:52 guenther Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.20 2020/10/14 16:44:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -60,6 +60,7 @@
 #include "tls13_internal.h"
 static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
+ .dtls = 1,
 .version = DTLS1_VERSION,
 .min_version = DTLS1_VERSION,
 .max_version = DTLS1_VERSION,
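Review bot: The rewritten `SSL_IS_DTLS(s)` body in the `@@ -315,7 +315,7 @@` hunk of ssl_locl.h still expands its argument without parentheses, so any argument that is not a plain identifier can bind `->` to the wrong operand. Since the line is being replaced anyway, `((s)->method->internal->dtls)` would close that off. The macro also now yields the raw `int` field instead of the 0/1 result of a comparison. That is fine for truth tests, but a caller outside this diff that compares the result with 1 would depend on every initializer using exactly 1.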
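Review bot: The new `dtls` member in the `@@ -362,6 +362,7 @@` hunk of ssl_locl.h has no comment, although it is now the only input to `SSL_IS_DTLS()`. A one-line comment would record the contract, for example `int dtls;	/* Non-zero for DTLS methods; tested by SSL_IS_DTLS(). */`. The struct definition continues past the end of the hunk, so the documentation of the remaining members cannot be judged from here.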
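Review bot: `.dtls = 1` in `DTLSv1_method_internal_data` (hunk `@@ -60,6 +60,7 @@` of ssl_methods.c) now has to be kept in step with `.version = DTLS1_VERSION` by hand, and nothing visible in the diff checks that the two agree. These are designated initializers of static objects, so a later DTLS method table that omits `.dtls` would silently get 0 and `SSL_IS_DTLS()` would treat it as stream TLS, a protocol-mode mix-up that record and handshake handling should be guarded against. A regress test that walks the method tables and checks the flag against the version fields would catch this, and it would equally cover the `.dtls = 0` entries in the TLS hunks that follow. Each initializer runs past the end of its hunk, so the rest of the tables is not visible here.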
@@ -124,6 +125,7 @@ DTLS_server_method(void)
 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
 static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
+ .dtls = 0,
 .version = TLS1_3_VERSION,
 .min_version = TLS1_VERSION,
 .max_version = TLS1_3_VERSION,
@@ -152,6 +154,7 @@ static const SSL_METHOD TLS_method_data = {
 #endif
 static const SSL_METHOD_INTERNAL TLS_legacy_method_internal_data = {
+ .dtls = 0,
 .version = TLS1_2_VERSION,
 .min_version = TLS1_VERSION,
 .max_version = TLS1_2_VERSION,
@@ -179,6 +182,7 @@ static const SSL_METHOD TLS_legacy_method_data = {
 };
 static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
+ .dtls = 0,
 .version = TLS1_VERSION,
 .min_version = TLS1_VERSION,
 .max_version = TLS1_VERSION,
@@ -206,6 +210,7 @@ static const SSL_METHOD TLSv1_method_data = {
 };
 static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
+ .dtls = 0,
 .version = TLS1_1_VERSION,
 .min_version = TLS1_1_VERSION,
 .max_version = TLS1_1_VERSION,
@@ -233,6 +238,7 @@ static const SSL_METHOD TLSv1_1_method_data = {
 };
 static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
+ .dtls = 0,
 .version = TLS1_2_VERSION,
 .min_version = TLS1_2_VERSION,
 .max_version = TLS1_2_VERSION,
--
cgit v1.2.3