Partially clean up the TLS1_get_{,client}_version macros.

LibreSSL only supports TLSv1.0 and above, hence the checks the macros are performing are useless. Simplify them to their effective code. Also place both under #ifndef LIBRESSL_INTERNAL and use the variables directly in our code, which improves readability. ok tb@
author: jsing <> 2019-03-17 15:16:39 +0000
committer: jsing <> 2019-03-17 15:16:39 +0000
commit: c42c84ca93a06fba03321d1c4ecf28e9db679081 (patch)
tree: b2a6421379d8e567df8d954c56e0eb13500776ab /src/lib/libssl/ssl_tlsext.c
parent: dd49a6161a8e846a7a8061c26720b909e1c2459d (diff)
download: openbsd-c42c84ca93a06fba03321d1c4ecf28e9db679081.tar.gz
openbsd-c42c84ca93a06fba03321d1c4ecf28e9db679081.tar.bz2
openbsd-c42c84ca93a06fba03321d1c4ecf28e9db679081.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 3502e5a721..15a2dbd42e 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.41 2019/02/03 14:09:58 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.42 2019/03/17 15:16:39 jsing Exp $ */
 /*
 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -525,7 +525,7 @@ tlsext_ri_client_parse(SSL *s, CBS *cbs, int *alert)
 int
 tlsext_sigalgs_client_needs(SSL *s)
 {
-        return (TLS1_get_client_version(s) >= TLS1_2_VERSION);
+        return (s->client_version >= TLS1_2_VERSION);
 }
 int
@@ -535,7 +535,7 @@ tlsext_sigalgs_client_build(SSL *s, CBB *cbb)
        size_t tls_sigalgs_len = tls12_sigalgs_len;
        CBB sigalgs;
-        if (TLS1_get_client_version(s) >= TLS1_3_VERSION &&
+        if (s->client_version >= TLS1_3_VERSION &&
            S3I(s)->hs_tls13.min_version >= TLS1_3_VERSION) {
                tls_sigalgs = tls13_sigalgs;
                tls_sigalgs_len = tls13_sigalgs_len;
@@ -1892,7 +1892,7 @@ tlsext_build(SSL *s, CBB *cbb, int is_server, uint16_t msg_type)
        if (is_server)
                version = s->version;
        else
-                version = TLS1_get_client_version(s);
+                version = s->client_version;
        if (!CBB_add_u16_length_prefixed(cbb, &extensions))
                return 0;
@@ -1944,7 +1944,7 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type)
        if (is_server)
                version = s->version;
        else
-                version = TLS1_get_client_version(s);
+                version = s->client_version;
        /* An empty extensions block is valid. */
        if (CBS_len(cbs) == 0)
author	jsing <>	2019-03-17 15:16:39 +0000
committer	jsing <>	2019-03-17 15:16:39 +0000
commit	c42c84ca93a06fba03321d1c4ecf28e9db679081 (patch)
tree	b2a6421379d8e567df8d954c56e0eb13500776ab /src/lib/libssl/ssl_tlsext.c
parent	dd49a6161a8e846a7a8061c26720b909e1c2459d (diff)
download	openbsd-c42c84ca93a06fba03321d1c4ecf28e9db679081.tar.gz openbsd-c42c84ca93a06fba03321d1c4ecf28e9db679081.tar.bz2 openbsd-c42c84ca93a06fba03321d1c4ecf28e9db679081.zip

diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 3502e5a721..15a2dbd42e 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_tlsext.c,v 1.41 2019/02/03 14:09:58 jsing Exp $ */	1	/* $OpenBSD: ssl_tlsext.c,v 1.42 2019/03/17 15:16:39 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>	4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -525,7 +525,7 @@ tlsext_ri_client_parse(SSL s, CBS cbs, int *alert)
525	int	525	int
526	tlsext_sigalgs_client_needs(SSL *s)	526	tlsext_sigalgs_client_needs(SSL *s)
527	{	527	{
528	return (TLS1_get_client_version(s) >= TLS1_2_VERSION);	528	return (s->client_version >= TLS1_2_VERSION);
529	}	529	}
530		530
531	int	531	int
@@ -535,7 +535,7 @@ tlsext_sigalgs_client_build(SSL s, CBB cbb)
535	size_t tls_sigalgs_len = tls12_sigalgs_len;	535	size_t tls_sigalgs_len = tls12_sigalgs_len;
536	CBB sigalgs;	536	CBB sigalgs;
537		537
538	if (TLS1_get_client_version(s) >= TLS1_3_VERSION &&	538	if (s->client_version >= TLS1_3_VERSION &&
539	S3I(s)->hs_tls13.min_version >= TLS1_3_VERSION) {	539	S3I(s)->hs_tls13.min_version >= TLS1_3_VERSION) {
540	tls_sigalgs = tls13_sigalgs;	540	tls_sigalgs = tls13_sigalgs;
541	tls_sigalgs_len = tls13_sigalgs_len;	541	tls_sigalgs_len = tls13_sigalgs_len;
@@ -1892,7 +1892,7 @@ tlsext_build(SSL s, CBB cbb, int is_server, uint16_t msg_type)
1892	if (is_server)	1892	if (is_server)
1893	version = s->version;	1893	version = s->version;
1894	else	1894	else
1895	version = TLS1_get_client_version(s);	1895	version = s->client_version;
1896		1896
1897	if (!CBB_add_u16_length_prefixed(cbb, &extensions))	1897	if (!CBB_add_u16_length_prefixed(cbb, &extensions))
1898	return 0;	1898	return 0;
@@ -1944,7 +1944,7 @@ tlsext_parse(SSL s, CBS cbs, int *alert, int is_server, uint16_t msg_type)
1944	if (is_server)	1944	if (is_server)
1945	version = s->version;	1945	version = s->version;
1946	else	1946	else
1947	version = TLS1_get_client_version(s);	1947	version = s->client_version;
1948		1948
1949	/* An empty extensions block is valid. */	1949	/* An empty extensions block is valid. */
1950	if (CBS_len(cbs) == 0)	1950	if (CBS_len(cbs) == 0)