diff options
author | jsing <> | 2021-02-25 17:06:05 +0000 |
---|---|---|
committer | jsing <> | 2021-02-25 17:06:05 +0000 |
commit | 72c7f20e4fbcb3386178960b8f88ab2fbc042567 (patch) | |
tree | 5a334628a895bbe67688cd0dbadfdc68524f02de /src/lib/libssl/ssl_methods.c | |
parent | aed0a5deca305a997de3f6234733204b383f094f (diff) | |
download | openbsd-72c7f20e4fbcb3386178960b8f88ab2fbc042567.tar.gz openbsd-72c7f20e4fbcb3386178960b8f88ab2fbc042567.tar.bz2 openbsd-72c7f20e4fbcb3386178960b8f88ab2fbc042567.zip |
Only use TLS versions internally (rather than both TLS and DTLS versions).
DTLS protocol version numbers are the 1's compliment of human readable TLS
version numbers, which means that newer versions decrease in value and
there is no direct mapping between TLS protocol version numbers and DTLS
protocol version numbers.
Rather than having to deal with this internally, only use TLS versions
internally and map between DTLS and TLS protocol versions when necessary.
Rename functions and variables to use 'tls_version' when they contain a
TLS version (and never a DTLS version).
ok tb@
Diffstat (limited to 'src/lib/libssl/ssl_methods.c')
-rw-r--r-- | src/lib/libssl/ssl_methods.c | 66 |
1 files changed, 33 insertions, 33 deletions
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c index ae532ba16d..084f533f5e 100644 --- a/src/lib/libssl/ssl_methods.c +++ b/src/lib/libssl/ssl_methods.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssl_methods.c,v 1.22 2021/02/20 08:33:17 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_methods.c,v 1.23 2021/02/25 17:06:05 jsing Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -64,8 +64,8 @@ static const SSL_METHOD_INTERNAL DTLS_method_internal_data = { | |||
64 | .dtls = 1, | 64 | .dtls = 1, |
65 | .server = 1, | 65 | .server = 1, |
66 | .version = DTLS1_2_VERSION, | 66 | .version = DTLS1_2_VERSION, |
67 | .min_version = DTLS1_VERSION, | 67 | .min_tls_version = TLS1_1_VERSION, |
68 | .max_version = DTLS1_2_VERSION, | 68 | .max_tls_version = TLS1_2_VERSION, |
69 | .ssl_new = dtls1_new, | 69 | .ssl_new = dtls1_new, |
70 | .ssl_clear = dtls1_clear, | 70 | .ssl_clear = dtls1_clear, |
71 | .ssl_free = dtls1_free, | 71 | .ssl_free = dtls1_free, |
@@ -93,8 +93,8 @@ static const SSL_METHOD_INTERNAL DTLS_client_method_internal_data = { | |||
93 | .dtls = 1, | 93 | .dtls = 1, |
94 | .server = 0, | 94 | .server = 0, |
95 | .version = DTLS1_2_VERSION, | 95 | .version = DTLS1_2_VERSION, |
96 | .min_version = DTLS1_VERSION, | 96 | .min_tls_version = TLS1_1_VERSION, |
97 | .max_version = DTLS1_2_VERSION, | 97 | .max_tls_version = TLS1_2_VERSION, |
98 | .ssl_new = dtls1_new, | 98 | .ssl_new = dtls1_new, |
99 | .ssl_clear = dtls1_clear, | 99 | .ssl_clear = dtls1_clear, |
100 | .ssl_free = dtls1_free, | 100 | .ssl_free = dtls1_free, |
@@ -123,8 +123,8 @@ static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = { | |||
123 | .dtls = 1, | 123 | .dtls = 1, |
124 | .server = 1, | 124 | .server = 1, |
125 | .version = DTLS1_VERSION, | 125 | .version = DTLS1_VERSION, |
126 | .min_version = DTLS1_VERSION, | 126 | .min_tls_version = TLS1_1_VERSION, |
127 | .max_version = DTLS1_VERSION, | 127 | .max_tls_version = TLS1_1_VERSION, |
128 | .ssl_new = dtls1_new, | 128 | .ssl_new = dtls1_new, |
129 | .ssl_clear = dtls1_clear, | 129 | .ssl_clear = dtls1_clear, |
130 | .ssl_free = dtls1_free, | 130 | .ssl_free = dtls1_free, |
@@ -152,8 +152,8 @@ static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = { | |||
152 | .dtls = 1, | 152 | .dtls = 1, |
153 | .server = 0, | 153 | .server = 0, |
154 | .version = DTLS1_VERSION, | 154 | .version = DTLS1_VERSION, |
155 | .min_version = DTLS1_VERSION, | 155 | .min_tls_version = TLS1_1_VERSION, |
156 | .max_version = DTLS1_VERSION, | 156 | .max_tls_version = TLS1_1_VERSION, |
157 | .ssl_new = dtls1_new, | 157 | .ssl_new = dtls1_new, |
158 | .ssl_clear = dtls1_clear, | 158 | .ssl_clear = dtls1_clear, |
159 | .ssl_free = dtls1_free, | 159 | .ssl_free = dtls1_free, |
@@ -181,8 +181,8 @@ static const SSL_METHOD_INTERNAL DTLSv1_2_method_internal_data = { | |||
181 | .dtls = 1, | 181 | .dtls = 1, |
182 | .server = 1, | 182 | .server = 1, |
183 | .version = DTLS1_2_VERSION, | 183 | .version = DTLS1_2_VERSION, |
184 | .min_version = DTLS1_2_VERSION, | 184 | .min_tls_version = TLS1_2_VERSION, |
185 | .max_version = DTLS1_2_VERSION, | 185 | .max_tls_version = TLS1_2_VERSION, |
186 | .ssl_new = dtls1_new, | 186 | .ssl_new = dtls1_new, |
187 | .ssl_clear = dtls1_clear, | 187 | .ssl_clear = dtls1_clear, |
188 | .ssl_free = dtls1_free, | 188 | .ssl_free = dtls1_free, |
@@ -210,8 +210,8 @@ static const SSL_METHOD_INTERNAL DTLSv1_2_client_method_internal_data = { | |||
210 | .dtls = 1, | 210 | .dtls = 1, |
211 | .server = 0, | 211 | .server = 0, |
212 | .version = DTLS1_2_VERSION, | 212 | .version = DTLS1_2_VERSION, |
213 | .min_version = DTLS1_2_VERSION, | 213 | .min_tls_version = TLS1_2_VERSION, |
214 | .max_version = DTLS1_2_VERSION, | 214 | .max_tls_version = TLS1_2_VERSION, |
215 | .ssl_new = dtls1_new, | 215 | .ssl_new = dtls1_new, |
216 | .ssl_clear = dtls1_clear, | 216 | .ssl_clear = dtls1_clear, |
217 | .ssl_free = dtls1_free, | 217 | .ssl_free = dtls1_free, |
@@ -306,8 +306,8 @@ static const SSL_METHOD_INTERNAL TLS_method_internal_data = { | |||
306 | .dtls = 0, | 306 | .dtls = 0, |
307 | .server = 1, | 307 | .server = 1, |
308 | .version = TLS1_3_VERSION, | 308 | .version = TLS1_3_VERSION, |
309 | .min_version = TLS1_VERSION, | 309 | .min_tls_version = TLS1_VERSION, |
310 | .max_version = TLS1_3_VERSION, | 310 | .max_tls_version = TLS1_3_VERSION, |
311 | .ssl_new = tls1_new, | 311 | .ssl_new = tls1_new, |
312 | .ssl_clear = tls1_clear, | 312 | .ssl_clear = tls1_clear, |
313 | .ssl_free = tls1_free, | 313 | .ssl_free = tls1_free, |
@@ -336,8 +336,8 @@ static const SSL_METHOD_INTERNAL TLS_legacy_method_internal_data = { | |||
336 | .dtls = 0, | 336 | .dtls = 0, |
337 | .server = 1, | 337 | .server = 1, |
338 | .version = TLS1_2_VERSION, | 338 | .version = TLS1_2_VERSION, |
339 | .min_version = TLS1_VERSION, | 339 | .min_tls_version = TLS1_VERSION, |
340 | .max_version = TLS1_2_VERSION, | 340 | .max_tls_version = TLS1_2_VERSION, |
341 | .ssl_new = tls1_new, | 341 | .ssl_new = tls1_new, |
342 | .ssl_clear = tls1_clear, | 342 | .ssl_clear = tls1_clear, |
343 | .ssl_free = tls1_free, | 343 | .ssl_free = tls1_free, |
@@ -366,8 +366,8 @@ static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { | |||
366 | .dtls = 0, | 366 | .dtls = 0, |
367 | .server = 0, | 367 | .server = 0, |
368 | .version = TLS1_3_VERSION, | 368 | .version = TLS1_3_VERSION, |
369 | .min_version = TLS1_VERSION, | 369 | .min_tls_version = TLS1_VERSION, |
370 | .max_version = TLS1_3_VERSION, | 370 | .max_tls_version = TLS1_3_VERSION, |
371 | .ssl_new = tls1_new, | 371 | .ssl_new = tls1_new, |
372 | .ssl_clear = tls1_clear, | 372 | .ssl_clear = tls1_clear, |
373 | .ssl_free = tls1_free, | 373 | .ssl_free = tls1_free, |
@@ -397,8 +397,8 @@ static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = { | |||
397 | .dtls = 0, | 397 | .dtls = 0, |
398 | .server = 0, | 398 | .server = 0, |
399 | .version = TLS1_2_VERSION, | 399 | .version = TLS1_2_VERSION, |
400 | .min_version = TLS1_VERSION, | 400 | .min_tls_version = TLS1_VERSION, |
401 | .max_version = TLS1_2_VERSION, | 401 | .max_tls_version = TLS1_2_VERSION, |
402 | .ssl_new = tls1_new, | 402 | .ssl_new = tls1_new, |
403 | .ssl_clear = tls1_clear, | 403 | .ssl_clear = tls1_clear, |
404 | .ssl_free = tls1_free, | 404 | .ssl_free = tls1_free, |
@@ -427,8 +427,8 @@ static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = { | |||
427 | .dtls = 0, | 427 | .dtls = 0, |
428 | .server = 1, | 428 | .server = 1, |
429 | .version = TLS1_VERSION, | 429 | .version = TLS1_VERSION, |
430 | .min_version = TLS1_VERSION, | 430 | .min_tls_version = TLS1_VERSION, |
431 | .max_version = TLS1_VERSION, | 431 | .max_tls_version = TLS1_VERSION, |
432 | .ssl_new = tls1_new, | 432 | .ssl_new = tls1_new, |
433 | .ssl_clear = tls1_clear, | 433 | .ssl_clear = tls1_clear, |
434 | .ssl_free = tls1_free, | 434 | .ssl_free = tls1_free, |
@@ -456,8 +456,8 @@ static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = { | |||
456 | .dtls = 0, | 456 | .dtls = 0, |
457 | .server = 0, | 457 | .server = 0, |
458 | .version = TLS1_VERSION, | 458 | .version = TLS1_VERSION, |
459 | .min_version = TLS1_VERSION, | 459 | .min_tls_version = TLS1_VERSION, |
460 | .max_version = TLS1_VERSION, | 460 | .max_tls_version = TLS1_VERSION, |
461 | .ssl_new = tls1_new, | 461 | .ssl_new = tls1_new, |
462 | .ssl_clear = tls1_clear, | 462 | .ssl_clear = tls1_clear, |
463 | .ssl_free = tls1_free, | 463 | .ssl_free = tls1_free, |
@@ -485,8 +485,8 @@ static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = { | |||
485 | .dtls = 0, | 485 | .dtls = 0, |
486 | .server = 1, | 486 | .server = 1, |
487 | .version = TLS1_1_VERSION, | 487 | .version = TLS1_1_VERSION, |
488 | .min_version = TLS1_1_VERSION, | 488 | .min_tls_version = TLS1_1_VERSION, |
489 | .max_version = TLS1_1_VERSION, | 489 | .max_tls_version = TLS1_1_VERSION, |
490 | .ssl_new = tls1_new, | 490 | .ssl_new = tls1_new, |
491 | .ssl_clear = tls1_clear, | 491 | .ssl_clear = tls1_clear, |
492 | .ssl_free = tls1_free, | 492 | .ssl_free = tls1_free, |
@@ -514,8 +514,8 @@ static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = { | |||
514 | .dtls = 0, | 514 | .dtls = 0, |
515 | .server = 0, | 515 | .server = 0, |
516 | .version = TLS1_1_VERSION, | 516 | .version = TLS1_1_VERSION, |
517 | .min_version = TLS1_1_VERSION, | 517 | .min_tls_version = TLS1_1_VERSION, |
518 | .max_version = TLS1_1_VERSION, | 518 | .max_tls_version = TLS1_1_VERSION, |
519 | .ssl_new = tls1_new, | 519 | .ssl_new = tls1_new, |
520 | .ssl_clear = tls1_clear, | 520 | .ssl_clear = tls1_clear, |
521 | .ssl_free = tls1_free, | 521 | .ssl_free = tls1_free, |
@@ -543,8 +543,8 @@ static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = { | |||
543 | .dtls = 0, | 543 | .dtls = 0, |
544 | .server = 1, | 544 | .server = 1, |
545 | .version = TLS1_2_VERSION, | 545 | .version = TLS1_2_VERSION, |
546 | .min_version = TLS1_2_VERSION, | 546 | .min_tls_version = TLS1_2_VERSION, |
547 | .max_version = TLS1_2_VERSION, | 547 | .max_tls_version = TLS1_2_VERSION, |
548 | .ssl_new = tls1_new, | 548 | .ssl_new = tls1_new, |
549 | .ssl_clear = tls1_clear, | 549 | .ssl_clear = tls1_clear, |
550 | .ssl_free = tls1_free, | 550 | .ssl_free = tls1_free, |
@@ -572,8 +572,8 @@ static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = { | |||
572 | .dtls = 0, | 572 | .dtls = 0, |
573 | .server = 0, | 573 | .server = 0, |
574 | .version = TLS1_2_VERSION, | 574 | .version = TLS1_2_VERSION, |
575 | .min_version = TLS1_2_VERSION, | 575 | .min_tls_version = TLS1_2_VERSION, |
576 | .max_version = TLS1_2_VERSION, | 576 | .max_tls_version = TLS1_2_VERSION, |
577 | .ssl_new = tls1_new, | 577 | .ssl_new = tls1_new, |
578 | .ssl_clear = tls1_clear, | 578 | .ssl_clear = tls1_clear, |
579 | .ssl_free = tls1_free, | 579 | .ssl_free = tls1_free, |