summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2020-01-22 01:21:43 +0000
committerjsing <>2020-01-22 01:21:43 +0000
commit33e8d2d1da86ec2fec46397361af862802b89333 (patch)
tree57cea55ebca0c29b9c1f68035245c609e56c6cee /src
parentd2535f6d6c56956061dc8da2a8a2bfdd6b98a0a4 (diff)
downloadopenbsd-33e8d2d1da86ec2fec46397361af862802b89333.tar.gz
openbsd-33e8d2d1da86ec2fec46397361af862802b89333.tar.bz2
openbsd-33e8d2d1da86ec2fec46397361af862802b89333.zip
Split the TLSv1.3 guards into separate client and server guards.
ok beck@ tb@
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/Makefile5
-rw-r--r--src/lib/libssl/ssl.h8
-rw-r--r--src/lib/libssl/ssl_methods.c6
3 files changed, 13 insertions, 6 deletions
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
index e3b9a5cac9..b30fcca9eb 100644
--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.58 2020/01/20 13:10:37 jsing Exp $ 1# $OpenBSD: Makefile,v 1.59 2020/01/22 01:21:43 jsing Exp $
2 2
3.include <bsd.own.mk> 3.include <bsd.own.mk>
4.ifndef NOMAN 4.ifndef NOMAN
@@ -17,7 +17,8 @@ CFLAGS+= -Werror
17.endif 17.endif
18CFLAGS+= -DLIBRESSL_INTERNAL 18CFLAGS+= -DLIBRESSL_INTERNAL
19.ifdef TLS1_3 19.ifdef TLS1_3
20CFLAGS+= -DLIBRESSL_HAS_TLS1_3 20CFLAGS+= -DLIBRESSL_HAS_TLS1_3_CLIENT
21CFLAGS+= -DLIBRESSL_HAS_TLS1_3_SERVER
21.endif 22.endif
22CFLAGS+= -I${.CURDIR} 23CFLAGS+= -I${.CURDIR}
23 24
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 8ac05ca70f..012556fa71 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl.h,v 1.168 2020/01/21 05:19:02 jsing Exp $ */ 1/* $OpenBSD: ssl.h,v 1.169 2020/01/22 01:21:43 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -167,6 +167,12 @@
167extern "C" { 167extern "C" {
168#endif 168#endif
169 169
170#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) || defined(LIBRESSL_HAS_TLS1_3_SERVER)
171#define LIBRESSL_HAS_TLS1_3 1
172#else
173#define LIBRESSL_HAS_TLS1_3 0
174#endif
175
170/* SSLeay version number for ASN.1 encoding of the session information */ 176/* SSLeay version number for ASN.1 encoding of the session information */
171/* Version 0 - initial version 177/* Version 0 - initial version
172 * Version 1 - added the optional peer certificate 178 * Version 1 - added the optional peer certificate
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
index 5a62a7adc4..33d2d7654d 100644
--- a/src/lib/libssl/ssl_methods.c
+++ b/src/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_methods.c,v 1.5 2019/11/17 19:07:07 jsing Exp $ */ 1/* $OpenBSD: ssl_methods.c,v 1.6 2020/01/22 01:21:43 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -211,7 +211,7 @@ dtls1_get_server_method(int ver)
211 return (NULL); 211 return (NULL);
212} 212}
213 213
214#ifdef LIBRESSL_HAS_TLS1_3 214#ifdef LIBRESSL_HAS_TLS1_3_CLIENT
215static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { 215static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
216 .version = TLS1_3_VERSION, 216 .version = TLS1_3_VERSION,
217 .min_version = TLS1_VERSION, 217 .min_version = TLS1_VERSION,
@@ -384,7 +384,7 @@ SSLv23_client_method(void)
384const SSL_METHOD * 384const SSL_METHOD *
385TLS_client_method(void) 385TLS_client_method(void)
386{ 386{
387#ifdef LIBRESSL_HAS_TLS1_3 387#ifdef LIBRESSL_HAS_TLS1_3_CLIENT
388 return (&TLS_client_method_data); 388 return (&TLS_client_method_data);
389#else 389#else
390 return tls_legacy_client_method(); 390 return tls_legacy_client_method();
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 00:36:40 +0000