Remove dtls1_enc().

Like much of the original DTLS code, dtls1_enc() is effectively a renamed
copy of tls1_enc(). Since then tls1_enc() has been modified, however the
non-AEAD code remains largely the same. As such, remove dtls1_enc() and
instead call tls1_enc() from the DTLS code.

The tls1_enc() AEAD code does not currently work correctly with DTLS,
however this is a non-issue since we do not support AEAD cipher suites with
DTLS currently.

ok tb@

1 files changed, 5 insertions, 2 deletions

diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 347d34d455..177ee061ed 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.120 2020/03/12 17:09:02 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.121 2020/03/13 16:40:42 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -341,13 +341,16 @@ tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
         const EVP_AEAD *aead = S3I(s)->tmp.new_aead;
         SSL_AEAD_CTX *aead_ctx;
 
+        /* XXX - Need to avoid clearing write state for DTLS. */
+        if (SSL_IS_DTLS(s))
+                return 0;
+
         if (is_read) {
                 ssl_clear_cipher_read_state(s);
                 if (!tls1_aead_ctx_init(&s->internal->aead_read_ctx))
                         return 0;
                 aead_ctx = s->internal->aead_read_ctx;
         } else {
-                /* XXX - Need to correctly handle DTLS. */
                 ssl_clear_cipher_write_state(s);
                 if (!tls1_aead_ctx_init(&s->internal->aead_write_ctx))
                         return 0;