Mark DTLS methods as DTLS.

Rather than inferring DTLS from the method version, add a field that marks a method as specifically being DTLS. Have SSL_IS_DTLS condition on this rather than on version. ok tb@
author: jsing <> 2020-10-14 16:44:15 +0000
committer: jsing <> 2020-10-14 16:44:15 +0000
commit: d01f579537c8999cab6b1bf97cfb2760827ceeae (patch)
tree: 48a3e74cff5229e78703d45e5305fd0d015a6e1f /src
parent: b78b3da503cdbc1eab982be1760a8fc44c08c508 (diff)
download: openbsd-d01f579537c8999cab6b1bf97cfb2760827ceeae.tar.gz
openbsd-d01f579537c8999cab6b1bf97cfb2760827ceeae.tar.bz2
openbsd-d01f579537c8999cab6b1bf97cfb2760827ceeae.zip
2 files changed, 10 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index f2e1cb97f8..12838bf294 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.304 2020/10/11 12:45:52 guenther Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.305 2020/10/14 16:44:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -315,7 +315,7 @@ __BEGIN_HIDDEN_DECLS
 /* Check if an SSL structure is using DTLS. */
 #define SSL_IS_DTLS(s) \
-        (s->method->internal->version == DTLS1_VERSION)
+        (s->method->internal->dtls)
 /* See if we use signature algorithms extension. */
 #define SSL_USE_SIGALGS(s) \
@@ -362,6 +362,7 @@ __BEGIN_HIDDEN_DECLS
 #define NAMED_CURVE_TYPE           3
 typedef struct ssl_method_internal_st {
+        int dtls;
        int version;
        uint16_t min_version;
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
index e2d5766e0f..600aa89095 100644
--- a/src/lib/libssl/ssl_methods.c
+++ b/src/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_methods.c,v 1.19 2020/10/11 12:45:52 guenther Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.20 2020/10/14 16:44:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -60,6 +60,7 @@
 #include "tls13_internal.h"
 static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
+        .dtls = 1,
        .version = DTLS1_VERSION,
        .min_version = DTLS1_VERSION,
        .max_version = DTLS1_VERSION,
@@ -124,6 +125,7 @@ DTLS_server_method(void)
 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
 static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
+        .dtls = 0,
        .version = TLS1_3_VERSION,
        .min_version = TLS1_VERSION,
        .max_version = TLS1_3_VERSION,
@@ -152,6 +154,7 @@ static const SSL_METHOD TLS_method_data = {
 #endif
 static const SSL_METHOD_INTERNAL TLS_legacy_method_internal_data = {
+        .dtls = 0,
        .version = TLS1_2_VERSION,
        .min_version = TLS1_VERSION,
        .max_version = TLS1_2_VERSION,
@@ -179,6 +182,7 @@ static const SSL_METHOD TLS_legacy_method_data = {
 };
 static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
+        .dtls = 0,
        .version = TLS1_VERSION,
        .min_version = TLS1_VERSION,
        .max_version = TLS1_VERSION,
@@ -206,6 +210,7 @@ static const SSL_METHOD TLSv1_method_data = {
 };
 static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
+        .dtls = 0,
        .version = TLS1_1_VERSION,
        .min_version = TLS1_1_VERSION,
        .max_version = TLS1_1_VERSION,
@@ -233,6 +238,7 @@ static const SSL_METHOD TLSv1_1_method_data = {
 };
 static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
+        .dtls = 0,
        .version = TLS1_2_VERSION,
        .min_version = TLS1_2_VERSION,
        .max_version = TLS1_2_VERSION,
author	jsing <>	2020-10-14 16:44:15 +0000
committer	jsing <>	2020-10-14 16:44:15 +0000
commit	d01f579537c8999cab6b1bf97cfb2760827ceeae (patch)
tree	48a3e74cff5229e78703d45e5305fd0d015a6e1f /src
parent	b78b3da503cdbc1eab982be1760a8fc44c08c508 (diff)
download	openbsd-d01f579537c8999cab6b1bf97cfb2760827ceeae.tar.gz openbsd-d01f579537c8999cab6b1bf97cfb2760827ceeae.tar.bz2 openbsd-d01f579537c8999cab6b1bf97cfb2760827ceeae.zip