Only use TLS versions internally (rather than both TLS and DTLS versions).

DTLS protocol version numbers are the 1's compliment of human readable TLS
version numbers, which means that newer versions decrease in value and
there is no direct mapping between TLS protocol version numbers and DTLS
protocol version numbers.

Rather than having to deal with this internally, only use TLS versions
internally and map between DTLS and TLS protocol versions when necessary.
Rename functions and variables to use 'tls_version' when they contain a
TLS version (and never a DTLS version).

ok tb@

1 files changed, 3 insertions, 3 deletions

diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c
index bacd11b950..f611aa061d 100644
--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_legacy.c,v 1.21 2021/01/07 16:26:31 tb Exp $ */
+/*      $OpenBSD: tls13_legacy.c,v 1.22 2021/02/25 17:06:05 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -359,7 +359,7 @@ tls13_use_legacy_client(struct tls13_ctx *ctx)
                 return 0;
 
         s->internal->handshake_func = s->method->internal->ssl_connect;
-        s->client_version = s->version = s->method->internal->max_version;
+        s->client_version = s->version = s->method->internal->max_tls_version;
 
         S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
 
@@ -375,7 +375,7 @@ tls13_use_legacy_server(struct tls13_ctx *ctx)
                 return 0;
 
         s->internal->handshake_func = s->method->internal->ssl_accept;
-        s->client_version = s->version = s->method->internal->max_version;
+        s->client_version = s->version = s->method->internal->max_tls_version;
         s->server = 1;
 
         S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;