Provide functions to determine if TLSv1.2 record protection is engaged.

Call these functions from code that needs to know if we've changed cipher
state and enabled record protection, rather than inconsistently checking
various pointers from other places in the code base. This also fixes a
minor bug where the wrong pointers are checked if we're operating with
AEAD.

ok inoguchi@ tb@

1 files changed, 3 insertions, 3 deletions

diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index ac3669550c..000cac6785 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.88 2020/10/14 16:57:33 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.89 2021/01/19 18:57:09 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -853,15 +853,15 @@ ssl3_get_client_hello(SSL *s)
         if (!ssl_downgrade_max_version(s, &max_version))
                 goto err;
         if (ssl_max_shared_version(s, client_version, &shared_version) != 1) {
-                SSLerror(s, SSL_R_WRONG_VERSION_NUMBER);
                 if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
-                    !s->internal->enc_write_ctx && !s->internal->write_hash) {
+                    !tls12_record_layer_write_protected(s->internal->rl)) {
                         /*
                          * Similar to ssl3_get_record, send alert using remote
                          * version number.
                          */
                         s->version = s->client_version;
                 }
+                SSLerror(s, SSL_R_WRONG_VERSION_NUMBER);
                 al = SSL_AD_PROTOCOL_VERSION;
                 goto f_err;
         }