Factor out the legacy stack version checks.

Also check for explicit version numbers, rather than just the major version value. ok tb@
author: jsing <> 2021-02-07 15:04:10 +0000
committer: jsing <> 2021-02-07 15:04:10 +0000
commit: 1e3243705c6918de211100bcbd8ef0b8488d215e (patch)
tree: 39da1e539db935f3cc8ae0aeec4e7f7ceb5cc61e /src/lib/libssl/ssl_locl.h
parent: 5a642e2e581776f13874ce5444f9f27501465e56 (diff)
download: openbsd-1e3243705c6918de211100bcbd8ef0b8488d215e.tar.gz
openbsd-1e3243705c6918de211100bcbd8ef0b8488d215e.tar.bz2
openbsd-1e3243705c6918de211100bcbd8ef0b8488d215e.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index d5298d7af1..b56a99bb79 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.318 2021/01/28 17:00:39 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.319 2021/02/07 15:04:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1115,6 +1115,7 @@ int ssl_version_set_min(const SSL_METHOD *meth, uint16_t ver, uint16_t max_ver,
 int ssl_version_set_max(const SSL_METHOD *meth, uint16_t ver, uint16_t min_ver,
    uint16_t *out_ver);
 int ssl_downgrade_max_version(SSL *s, uint16_t *max_ver);
+int ssl_legacy_stack_version(SSL *s, uint16_t version);
 int ssl_cipher_in_list(STACK_OF(SSL_CIPHER) *ciphers, const SSL_CIPHER *cipher);
 int ssl_cipher_allowed_in_version_range(const SSL_CIPHER *cipher,
    uint16_t min_ver, uint16_t max_ver);
author	jsing <>	2021-02-07 15:04:10 +0000
committer	jsing <>	2021-02-07 15:04:10 +0000
commit	1e3243705c6918de211100bcbd8ef0b8488d215e (patch)
tree	39da1e539db935f3cc8ae0aeec4e7f7ceb5cc61e /src/lib/libssl/ssl_locl.h
parent	5a642e2e581776f13874ce5444f9f27501465e56 (diff)
download	openbsd-1e3243705c6918de211100bcbd8ef0b8488d215e.tar.gz openbsd-1e3243705c6918de211100bcbd8ef0b8488d215e.tar.bz2 openbsd-1e3243705c6918de211100bcbd8ef0b8488d215e.zip