Expose various DTLSv1.2 specific functions and defines

ok bcook inoguchi jsing

5 files changed, 8 insertions, 27 deletions

diff --git a/src/lib/libcrypto/opensslfeatures.h b/src/lib/libcrypto/opensslfeatures.h
index 9684276b72..20696d3d91 100644
--- a/src/lib/libcrypto/opensslfeatures.h
+++ b/src/lib/libcrypto/opensslfeatures.h
@@ -4,6 +4,7 @@
  * enabled (or possibly not yet not implemented, or removed!).
  */
 /* #define LIBRESSL_HAS_TLS1_3 */
+/* #define LIBRESSL_HAS_DTLS1_2 */
 
 #define OPENSSL_THREADS
 
diff --git a/src/lib/libssl/Symbols.list b/src/lib/libssl/Symbols.list
index 9234cf6e51..15d43f891e 100644
--- a/src/lib/libssl/Symbols.list
+++ b/src/lib/libssl/Symbols.list
@@ -13,6 +13,9 @@ DTLS_server_method
 DTLSv1_client_method
 DTLSv1_method
 DTLSv1_server_method
+DTLSv1_2_client_method
+DTLSv1_2_method
+DTLSv1_2_server_method
 SSLv23_client_method
 SSLv23_method
 SSLv23_server_method
@@ -244,6 +247,7 @@ SSL_get_version
 SSL_get_wbio
 SSL_get_wfd
 SSL_has_matching_session_id
+SSL_is_dtls
 SSL_is_server
 SSL_library_init
 SSL_load_client_CA_file
diff --git a/src/lib/libssl/dtls1.h b/src/lib/libssl/dtls1.h
index b822f659ab..fe8c5864dd 100644
--- a/src/lib/libssl/dtls1.h
+++ b/src/lib/libssl/dtls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dtls1.h,v 1.24 2021/02/20 08:11:57 jsing Exp $ */
+/* $OpenBSD: dtls1.h,v 1.25 2021/03/31 16:59:32 tb Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -74,10 +74,8 @@ extern "C" {
 #endif
 
 #define DTLS1_VERSION                   0xFEFF
-#if defined(LIBRESSL_HAS_DTLS1_2) || defined(LIBRESSL_INTERNAL)
 #define DTLS1_2_VERSION                 0xFEFD
 #define DTLS1_VERSION_MAJOR             0xFE
-#endif
 
 /* lengths of messages */
 #define DTLS1_COOKIE_LENGTH                     256
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 5665a09179..5ed2198b38 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.185 2021/03/31 16:55:04 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.186 2021/03/31 16:59:32 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -301,9 +301,7 @@ extern "C" {
 #define SSL_TXT_STREEBOG512             "STREEBOG512"
 
 #define SSL_TXT_DTLS1           "DTLSv1"
-#if defined(LIBRESSL_HAS_DTLS1_2) || defined(LIBRESSL_INTERNAL)
 #define SSL_TXT_DTLS1_2         "DTLSv1.2"
-#endif
 #define SSL_TXT_SSLV2           "SSLv2"
 #define SSL_TXT_SSLV3           "SSLv3"
 #define SSL_TXT_TLSV1           "TLSv1"
@@ -523,10 +521,8 @@ struct ssl_session_st {
 #define SSL_OP_NO_TLSv1_3                               0x20000000L
 #endif
 
-#if defined(LIBRESSL_HAS_DTLS1_2) || defined(LIBRESSL_INTERNAL)
 #define SSL_OP_NO_DTLSv1                                0x40000000L
 #define SSL_OP_NO_DTLSv1_2                              0x80000000L
-#endif
 
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless. */
 #define SSL_OP_ALL \
@@ -1465,9 +1461,7 @@ void	SSL_free(SSL *ssl);
 int     SSL_up_ref(SSL *ssl);
 int     SSL_accept(SSL *ssl);
 int     SSL_connect(SSL *ssl);
-#ifdef LIBRESSL_INTERNAL
 int     SSL_is_dtls(const SSL *s);
-#endif
 int     SSL_is_server(const SSL *s);
 int     SSL_read(SSL *ssl, void *buf, int num);
 int     SSL_peek(SSL *ssl, void *buf, int num);
@@ -1527,11 +1521,9 @@ const SSL_METHOD *DTLSv1_method(void);		/* DTLSv1.0 */
 const SSL_METHOD *DTLSv1_server_method(void);   /* DTLSv1.0 */
 const SSL_METHOD *DTLSv1_client_method(void);   /* DTLSv1.0 */
 
-#if defined(LIBRESSL_HAS_DTLS1_2) || defined(LIBRESSL_INTERNAL)
 const SSL_METHOD *DTLSv1_2_method(void);        /* DTLSv1.2 */
 const SSL_METHOD *DTLSv1_2_server_method(void); /* DTLSv1.2 */
 const SSL_METHOD *DTLSv1_2_client_method(void); /* DTLSv1.2 */
-#endif
 
 const SSL_METHOD *DTLS_method(void);            /* DTLS v1.0 or later */
 const SSL_METHOD *DTLS_server_method(void);     /* DTLS v1.0 or later */
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
index 084f533f5e..a3e51ac0d0 100644
--- a/src/lib/libssl/ssl_methods.c
+++ b/src/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_methods.c,v 1.23 2021/02/25 17:06:05 jsing Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.24 2021/03/31 16:59:32 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -59,7 +59,6 @@
 #include "ssl_locl.h"
 #include "tls13_internal.h"
 
-#ifdef LIBRESSL_HAS_DTLS1_2
 static const SSL_METHOD_INTERNAL DTLS_method_internal_data = {
         .dtls = 1,
         .server = 1,
@@ -117,7 +116,6 @@ static const SSL_METHOD DTLS_client_method_data = {
         .put_cipher_by_char = ssl3_put_cipher_by_char,
         .internal = &DTLS_client_method_internal_data,
 };
-#endif
 
 static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
         .dtls = 1,
@@ -274,31 +272,19 @@ DTLSv1_2_server_method(void)
 const SSL_METHOD *
 DTLS_client_method(void)
 {
-#ifdef LIBRESSL_HAS_DTLS1_2
         return &DTLS_client_method_data;
-#else
-        return DTLSv1_client_method();
-#endif
 }
 
 const SSL_METHOD *
 DTLS_method(void)
 {
-#ifdef LIBRESSL_HAS_DTLS1_2
         return &DTLS_method_data;
-#else
-        return DTLSv1_method();
-#endif
 }
 
 const SSL_METHOD *
 DTLS_server_method(void)
 {
-#ifdef LIBRESSL_HAS_DTLS1_2
         return &DTLS_method_data;
-#else
-        return DTLSv1_server_method();
-#endif
 }
 
 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)