only call SRTP (whatever that is) functions when the connection type is

DTLS (whatever that is) instead of for TLS too. ok jsing.
author: tedu <> 2014-11-03 17:21:30 +0000
committer: tedu <> 2014-11-03 17:21:30 +0000
commit: ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1 (patch)
tree: fff8e1764bb00dd535e7e97bf431338dc6e26b72 /src
parent: c393da8a793368840f1101c4aca7d65629881539 (diff)
download: openbsd-ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1.tar.gz
openbsd-ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1.tar.bz2
openbsd-ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1.zip
2 files changed, 10 insertions, 10 deletions
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
index 604187f2fe..b1b9ac4a87 100644
--- a/src/lib/libssl/src/ssl/t1_lib.c
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.65 2014/10/18 16:13:16 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.66 2014/11/03 17:21:30 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -869,7 +869,7 @@ skip_ext:
 #endif
 #ifndef OPENSSL_NO_SRTP
-        if (SSL_get_srtp_profiles(s)) {
+        if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
                int el;
                ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
@@ -1038,7 +1038,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
        }
 #ifndef OPENSSL_NO_SRTP
-        if (s->srtp_profile) {
+        if (SSL_IS_DTLS(s) && s->srtp_profile) {
                int el;
                ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
@@ -1513,7 +1513,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
                /* session ticket processed earlier */
 #ifndef OPENSSL_NO_SRTP
-                else if (type == TLSEXT_TYPE_use_srtp) {
+                else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
                        if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
                                return 0;
                }
@@ -1686,7 +1686,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
                        renegotiate_seen = 1;
                }
 #ifndef OPENSSL_NO_SRTP
-                else if (type == TLSEXT_TYPE_use_srtp) {
+                else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
                        if (ssl_parse_serverhello_use_srtp_ext(s, data,
                            size, al))
                                return 0;
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 604187f2fe..b1b9ac4a87 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.65 2014/10/18 16:13:16 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.66 2014/11/03 17:21:30 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -869,7 +869,7 @@ skip_ext:
 #endif
 #ifndef OPENSSL_NO_SRTP
-        if (SSL_get_srtp_profiles(s)) {
+        if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
                int el;
                ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
@@ -1038,7 +1038,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
        }
 #ifndef OPENSSL_NO_SRTP
-        if (s->srtp_profile) {
+        if (SSL_IS_DTLS(s) && s->srtp_profile) {
                int el;
                ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
@@ -1513,7 +1513,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
                /* session ticket processed earlier */
 #ifndef OPENSSL_NO_SRTP
-                else if (type == TLSEXT_TYPE_use_srtp) {
+                else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
                        if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
                                return 0;
                }
@@ -1686,7 +1686,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
                        renegotiate_seen = 1;
                }
 #ifndef OPENSSL_NO_SRTP
-                else if (type == TLSEXT_TYPE_use_srtp) {
+                else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
                        if (ssl_parse_serverhello_use_srtp_ext(s, data,
                            size, al))
                                return 0;
author	tedu <>	2014-11-03 17:21:30 +0000
committer	tedu <>	2014-11-03 17:21:30 +0000
commit	ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1 (patch)
tree	fff8e1764bb00dd535e7e97bf431338dc6e26b72 /src
parent	c393da8a793368840f1101c4aca7d65629881539 (diff)
download	openbsd-ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1.tar.gz openbsd-ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1.tar.bz2 openbsd-ad2f06264126db0b9f2e92eec0fe2e8365c1c4d1.zip

diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index 604187f2fe..b1b9ac4a87 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.65 2014/10/18 16:13:16 jsing Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.66 2014/11/03 17:21:30 tedu Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -869,7 +869,7 @@ skip_ext:
869	#endif	869	#endif
870		870
871	#ifndef OPENSSL_NO_SRTP	871	#ifndef OPENSSL_NO_SRTP
872	if (SSL_get_srtp_profiles(s)) {	872	if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
873	int el;	873	int el;
874		874
875	ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);	875	ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
@@ -1038,7 +1038,7 @@ ssl_add_serverhello_tlsext(SSL s, unsigned char p, unsigned char *limit)
1038	}	1038	}
1039		1039
1040	#ifndef OPENSSL_NO_SRTP	1040	#ifndef OPENSSL_NO_SRTP
1041	if (s->srtp_profile) {	1041	if (SSL_IS_DTLS(s) && s->srtp_profile) {
1042	int el;	1042	int el;
1043		1043
1044	ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);	1044	ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
@@ -1513,7 +1513,7 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1513		1513
1514	/* session ticket processed earlier */	1514	/* session ticket processed earlier */
1515	#ifndef OPENSSL_NO_SRTP	1515	#ifndef OPENSSL_NO_SRTP
1516	else if (type == TLSEXT_TYPE_use_srtp) {	1516	else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
1517	if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))	1517	if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
1518	return 0;	1518	return 0;
1519	}	1519	}
@@ -1686,7 +1686,7 @@ ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,
1686	renegotiate_seen = 1;	1686	renegotiate_seen = 1;
1687	}	1687	}
1688	#ifndef OPENSSL_NO_SRTP	1688	#ifndef OPENSSL_NO_SRTP
1689	else if (type == TLSEXT_TYPE_use_srtp) {	1689	else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
1690	if (ssl_parse_serverhello_use_srtp_ext(s, data,	1690	if (ssl_parse_serverhello_use_srtp_ext(s, data,
1691	size, al))	1691	size, al))
1692	return 0;	1692	return 0;


diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 604187f2fe..b1b9ac4a87 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.65 2014/10/18 16:13:16 jsing Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.66 2014/11/03 17:21:30 tedu Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -869,7 +869,7 @@ skip_ext:
869	#endif	869	#endif
870		870
871	#ifndef OPENSSL_NO_SRTP	871	#ifndef OPENSSL_NO_SRTP
872	if (SSL_get_srtp_profiles(s)) {	872	if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
873	int el;	873	int el;
874		874
875	ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);	875	ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
@@ -1038,7 +1038,7 @@ ssl_add_serverhello_tlsext(SSL s, unsigned char p, unsigned char *limit)
1038	}	1038	}
1039		1039
1040	#ifndef OPENSSL_NO_SRTP	1040	#ifndef OPENSSL_NO_SRTP
1041	if (s->srtp_profile) {	1041	if (SSL_IS_DTLS(s) && s->srtp_profile) {
1042	int el;	1042	int el;
1043		1043
1044	ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);	1044	ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
@@ -1513,7 +1513,7 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1513		1513
1514	/* session ticket processed earlier */	1514	/* session ticket processed earlier */
1515	#ifndef OPENSSL_NO_SRTP	1515	#ifndef OPENSSL_NO_SRTP
1516	else if (type == TLSEXT_TYPE_use_srtp) {	1516	else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
1517	if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))	1517	if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
1518	return 0;	1518	return 0;
1519	}	1519	}
@@ -1686,7 +1686,7 @@ ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,
1686	renegotiate_seen = 1;	1686	renegotiate_seen = 1;
1687	}	1687	}
1688	#ifndef OPENSSL_NO_SRTP	1688	#ifndef OPENSSL_NO_SRTP
1689	else if (type == TLSEXT_TYPE_use_srtp) {	1689	else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
1690	if (ssl_parse_serverhello_use_srtp_ext(s, data,	1690	if (ssl_parse_serverhello_use_srtp_ext(s, data,
1691	size, al))	1691	size, al))
1692	return 0;	1692	return 0;