Partially clean up the TLS1_get_{,client}_version macros.

LibreSSL only supports TLSv1.0 and above, hence the checks the macros are performing are useless. Simplify them to their effective code. Also place both under #ifndef LIBRESSL_INTERNAL and use the variables directly in our code, which improves readability. ok tb@
author: jsing <> 2019-03-17 15:16:39 +0000
committer: jsing <> 2019-03-17 15:16:39 +0000
commit: 02f7540b7cb04e4e3a520c240503b8185e76f372 (patch)
tree: b2a6421379d8e567df8d954c56e0eb13500776ab /src/lib/libssl/ssl_clnt.c
parent: 053bde557c5f57a91664558a9e44f1368c444de5 (diff)
download: openbsd-02f7540b7cb04e4e3a520c240503b8185e76f372.tar.gz
openbsd-02f7540b7cb04e4e3a520c240503b8185e76f372.tar.bz2
openbsd-02f7540b7cb04e4e3a520c240503b8185e76f372.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index abdcc9791a..5da53d8445 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.56 2019/02/09 15:26:15 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.57 2019/03/17 15:16:39 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -950,7 +950,7 @@ ssl3_get_server_hello(SSL *s)
        /* TLS v1.2 only ciphersuites require v1.2 or later. */
        if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
-            (TLS1_get_version(s) < TLS1_2_VERSION)) {
+            (s->version < TLS1_2_VERSION)) {
                al = SSL_AD_ILLEGAL_PARAMETER;
                SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
                goto f_err;
author	jsing <>	2019-03-17 15:16:39 +0000
committer	jsing <>	2019-03-17 15:16:39 +0000
commit	02f7540b7cb04e4e3a520c240503b8185e76f372 (patch)
tree	b2a6421379d8e567df8d954c56e0eb13500776ab /src/lib/libssl/ssl_clnt.c
parent	053bde557c5f57a91664558a9e44f1368c444de5 (diff)
download	openbsd-02f7540b7cb04e4e3a520c240503b8185e76f372.tar.gz openbsd-02f7540b7cb04e4e3a520c240503b8185e76f372.tar.bz2 openbsd-02f7540b7cb04e4e3a520c240503b8185e76f372.zip

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index abdcc9791a..5da53d8445 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.56 2019/02/09 15:26:15 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.57 2019/03/17 15:16:39 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -950,7 +950,7 @@ ssl3_get_server_hello(SSL *s)
950		950
951	/* TLS v1.2 only ciphersuites require v1.2 or later. */	951	/* TLS v1.2 only ciphersuites require v1.2 or later. */
952	if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&	952	if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
953	(TLS1_get_version(s) < TLS1_2_VERSION)) {	953	(s->version < TLS1_2_VERSION)) {
954	al = SSL_AD_ILLEGAL_PARAMETER;	954	al = SSL_AD_ILLEGAL_PARAMETER;
955	SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);	955	SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
956	goto f_err;	956	goto f_err;