9 files changed, 321 insertions, 9 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 30d97683a7..00954777fc 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.38 2015/03/31 13:17:48 jsing Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.39 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -120,6 +120,7 @@
 static const SSL_METHOD *ssl23_get_client_method(int ver);
 static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
+static const SSL_METHOD *tls_get_client_method(int ver);
 const SSL_METHOD SSLv23_client_method_data = {
        .version = TLS1_2_VERSION,
@@ -153,6 +154,39 @@ const SSL_METHOD SSLv23_client_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
+const SSL_METHOD TLS_client_method_data = {
+        .version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = tls_connect,
+        .ssl_read = ssl23_read,
+        .ssl_peek = ssl23_peek,
+        .ssl_write = ssl23_write,
+        .ssl_shutdown = ssl_undefined_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .ssl_ctrl = ssl3_ctrl,
+        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .ssl_pending = ssl_undefined_const_function,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_ssl_method = tls_get_client_method,
+        .get_timeout = ssl23_default_timeout,
+        .ssl3_enc = &ssl3_undef_enc_method,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_callback_ctrl = ssl3_callback_ctrl,
+        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
+};
 const SSL_METHOD *
 SSLv23_client_method(void)
 {
@@ -544,3 +578,33 @@ ssl23_get_server_hello(SSL *s)
 err:
        return (-1);
 }
+const SSL_METHOD *
+TLS_client_method(void)
+{
+        return &TLS_client_method_data;
+}
+static const SSL_METHOD *
+tls_get_client_method(int ver)
+{
+        if (ver == SSL3_VERSION)
+                return (NULL);
+        else
+                return ssl23_get_client_method(ver);
+}
+int
+tls_connect(SSL *s)
+{
+        int ret;
+        unsigned long old_options;
+        old_options = s->options;
+        s->options |= SSL_OP_NO_SSLv3;
+        ret = ssl23_connect(s);
+        s->options = old_options;
+        return ret;
+}
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 99bfaf07e4..f1914e0e8e 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.39 2015/03/27 12:29:54 jsing Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.40 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -119,6 +119,7 @@
 static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
+static const SSL_METHOD *tls_get_server_method(int ver);
 const SSL_METHOD SSLv23_server_method_data = {
        .version = TLS1_2_VERSION,
@@ -152,6 +153,38 @@ const SSL_METHOD SSLv23_server_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
+const SSL_METHOD TLS_server_method_data = {
+        .version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = tls_accept,
+        .ssl_connect = ssl_undefined_function,
+        .ssl_read = ssl23_read,
+        .ssl_peek = ssl23_peek,
+        .ssl_write = ssl23_write,
+        .ssl_shutdown = ssl_undefined_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .ssl_ctrl = ssl3_ctrl,
+        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .ssl_pending = ssl_undefined_const_function,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_ssl_method = tls_get_server_method,
+        .get_timeout = ssl23_default_timeout,
+        .ssl3_enc = &ssl3_undef_enc_method,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_callback_ctrl = ssl3_callback_ctrl,
+        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
+};
 const SSL_METHOD *
 SSLv23_server_method(void)
 {
@@ -570,3 +603,33 @@ ssl23_get_client_hello(SSL *s)
        return (SSL_accept(s));
 }
+const SSL_METHOD *
+TLS_server_method(void)
+{
+        return &TLS_server_method_data;
+}
+static const SSL_METHOD *
+tls_get_server_method(int ver)
+{
+        if (ver == SSL3_VERSION)
+                return (NULL);
+        else
+                return ssl23_get_server_method(ver);
+}
+int
+tls_accept(SSL *s)
+{
+        int ret;
+        unsigned long old_options;
+        old_options = s->options;
+        s->options |= SSL_OP_NO_SSLv3;
+        ret = ssl23_accept(s);
+        s->options = old_options;
+        return ret;
+}
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 30d97683a7..00954777fc 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_clnt.c,v 1.38 2015/03/31 13:17:48 jsing Exp $ */
+/* $OpenBSD: s23_clnt.c,v 1.39 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -120,6 +120,7 @@
 static const SSL_METHOD *ssl23_get_client_method(int ver);
 static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
+static const SSL_METHOD *tls_get_client_method(int ver);
 const SSL_METHOD SSLv23_client_method_data = {
        .version = TLS1_2_VERSION,
@@ -153,6 +154,39 @@ const SSL_METHOD SSLv23_client_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
+const SSL_METHOD TLS_client_method_data = {
+        .version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = ssl_undefined_function,
+        .ssl_connect = tls_connect,
+        .ssl_read = ssl23_read,
+        .ssl_peek = ssl23_peek,
+        .ssl_write = ssl23_write,
+        .ssl_shutdown = ssl_undefined_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .ssl_ctrl = ssl3_ctrl,
+        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .ssl_pending = ssl_undefined_const_function,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_ssl_method = tls_get_client_method,
+        .get_timeout = ssl23_default_timeout,
+        .ssl3_enc = &ssl3_undef_enc_method,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_callback_ctrl = ssl3_callback_ctrl,
+        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
+};
 const SSL_METHOD *
 SSLv23_client_method(void)
 {
@@ -544,3 +578,33 @@ ssl23_get_server_hello(SSL *s)
 err:
        return (-1);
 }
+const SSL_METHOD *
+TLS_client_method(void)
+{
+        return &TLS_client_method_data;
+}
+static const SSL_METHOD *
+tls_get_client_method(int ver)
+{
+        if (ver == SSL3_VERSION)
+                return (NULL);
+        else
+                return ssl23_get_client_method(ver);
+}
+int
+tls_connect(SSL *s)
+{
+        int ret;
+        unsigned long old_options;
+        old_options = s->options;
+        s->options |= SSL_OP_NO_SSLv3;
+        ret = ssl23_connect(s);
+        s->options = old_options;
+        return ret;
+}
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c
index 164604001e..93a398d70b 100644
--- a/src/lib/libssl/src/ssl/s23_meth.c
+++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_meth.c,v 1.17 2015/02/06 08:30:23 jsing Exp $ */
+/* $OpenBSD: s23_meth.c,v 1.18 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -63,6 +63,7 @@
 #include "ssl_locl.h"
 static const SSL_METHOD *ssl23_get_method(int ver);
+static const SSL_METHOD *tls_get_method(int ver);
 const SSL_METHOD SSLv23_method_data = {
        .version = TLS1_2_VERSION,
@@ -115,3 +116,50 @@ ssl23_get_method(int ver)
                return (TLSv1_2_method());
        return (NULL);
 }
+const SSL_METHOD TLS_method_data = {
+        .version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = tls_accept,
+        .ssl_connect = tls_connect,
+        .ssl_read = ssl23_read,
+        .ssl_peek = ssl23_peek,
+        .ssl_write = ssl23_write,
+        .ssl_shutdown = ssl_undefined_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .ssl_ctrl = ssl3_ctrl,
+        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .ssl_pending = ssl_undefined_const_function,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_ssl_method = tls_get_method,
+        .get_timeout = ssl23_default_timeout,
+        .ssl3_enc = &ssl3_undef_enc_method,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_callback_ctrl = ssl3_callback_ctrl,
+        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
+};
+const SSL_METHOD *
+TLS_method(void)
+{
+        return &TLS_method_data;
+}
+static const SSL_METHOD *
+tls_get_method(int ver)
+{
+        if (ver == SSL3_VERSION)
+                return (NULL);
+        else
+                return ssl23_get_method(ver);
+}
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index 99bfaf07e4..f1914e0e8e 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.39 2015/03/27 12:29:54 jsing Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.40 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -119,6 +119,7 @@
 static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
+static const SSL_METHOD *tls_get_server_method(int ver);
 const SSL_METHOD SSLv23_server_method_data = {
        .version = TLS1_2_VERSION,
@@ -152,6 +153,38 @@ const SSL_METHOD SSLv23_server_method_data = {
        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
 };
+const SSL_METHOD TLS_server_method_data = {
+        .version = TLS1_2_VERSION,
+        .ssl_new = tls1_new,
+        .ssl_clear = tls1_clear,
+        .ssl_free = tls1_free,
+        .ssl_accept = tls_accept,
+        .ssl_connect = ssl_undefined_function,
+        .ssl_read = ssl23_read,
+        .ssl_peek = ssl23_peek,
+        .ssl_write = ssl23_write,
+        .ssl_shutdown = ssl_undefined_function,
+        .ssl_renegotiate = ssl_undefined_function,
+        .ssl_renegotiate_check = ssl_ok,
+        .ssl_get_message = ssl3_get_message,
+        .ssl_read_bytes = ssl3_read_bytes,
+        .ssl_write_bytes = ssl3_write_bytes,
+        .ssl_dispatch_alert = ssl3_dispatch_alert,
+        .ssl_ctrl = ssl3_ctrl,
+        .ssl_ctx_ctrl = ssl3_ctx_ctrl,
+        .get_cipher_by_char = ssl3_get_cipher_by_char,
+        .put_cipher_by_char = ssl3_put_cipher_by_char,
+        .ssl_pending = ssl_undefined_const_function,
+        .num_ciphers = ssl3_num_ciphers,
+        .get_cipher = ssl3_get_cipher,
+        .get_ssl_method = tls_get_server_method,
+        .get_timeout = ssl23_default_timeout,
+        .ssl3_enc = &ssl3_undef_enc_method,
+        .ssl_version = ssl_undefined_void_function,
+        .ssl_callback_ctrl = ssl3_callback_ctrl,
+        .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
+};
 const SSL_METHOD *
 SSLv23_server_method(void)
 {
@@ -570,3 +603,33 @@ ssl23_get_client_hello(SSL *s)
        return (SSL_accept(s));
 }
+const SSL_METHOD *
+TLS_server_method(void)
+{
+        return &TLS_server_method_data;
+}
+static const SSL_METHOD *
+tls_get_server_method(int ver)
+{
+        if (ver == SSL3_VERSION)
+                return (NULL);
+        else
+                return ssl23_get_server_method(ver);
+}
+int
+tls_accept(SSL *s)
+{
+        int ret;
+        unsigned long old_options;
+        old_options = s->options;
+        s->options |= SSL_OP_NO_SSLv3;
+        ret = ssl23_accept(s);
+        s->options = old_options;
+        return ret;
+}
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index 0a0a711a20..0cd220778b 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.91 2015/07/18 19:41:54 doug Exp $ */
+/* $OpenBSD: ssl.h,v 1.92 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1696,6 +1696,9 @@ const SSL_METHOD *TLSv1_2_method(void);		/* TLSv1.2 */
 const SSL_METHOD *TLSv1_2_server_method(void);  /* TLSv1.2 */
 const SSL_METHOD *TLSv1_2_client_method(void);  /* TLSv1.2 */
+const SSL_METHOD *TLS_method(void);             /* TLS v1.0 or later */
+const SSL_METHOD *TLS_server_method(void);      /* TLS v1.0 or later */
+const SSL_METHOD *TLS_client_method(void);      /* TLS v1.0 or later */
 const SSL_METHOD *DTLSv1_method(void);          /* DTLSv1.0 */
 const SSL_METHOD *DTLSv1_server_method(void);   /* DTLSv1.0 */
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index ba8fc79964..1c78770dfa 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.97 2015/07/18 23:00:23 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.98 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -757,6 +757,8 @@ int ssl23_accept(SSL *s);
 int ssl23_connect(SSL *s);
 int ssl23_read_bytes(SSL *s, int n);
 int ssl23_write_bytes(SSL *s);
+int tls_accept(SSL *s);
+int tls_connect(SSL *s);
 int tls1_new(SSL *s);
 void tls1_free(SSL *s);
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 0a0a711a20..0cd220778b 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.91 2015/07/18 19:41:54 doug Exp $ */
+/* $OpenBSD: ssl.h,v 1.92 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1696,6 +1696,9 @@ const SSL_METHOD *TLSv1_2_method(void);		/* TLSv1.2 */
 const SSL_METHOD *TLSv1_2_server_method(void);  /* TLSv1.2 */
 const SSL_METHOD *TLSv1_2_client_method(void);  /* TLSv1.2 */
+const SSL_METHOD *TLS_method(void);             /* TLS v1.0 or later */
+const SSL_METHOD *TLS_server_method(void);      /* TLS v1.0 or later */
+const SSL_METHOD *TLS_client_method(void);      /* TLS v1.0 or later */
 const SSL_METHOD *DTLSv1_method(void);          /* DTLSv1.0 */
 const SSL_METHOD *DTLSv1_server_method(void);   /* DTLSv1.0 */
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index ba8fc79964..1c78770dfa 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.97 2015/07/18 23:00:23 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.98 2015/07/19 06:31:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -757,6 +757,8 @@ int ssl23_accept(SSL *s);
 int ssl23_connect(SSL *s);
 int ssl23_read_bytes(SSL *s, int n);
 int ssl23_write_bytes(SSL *s);
+int tls_accept(SSL *s);
+int tls_connect(SSL *s);
 int tls1_new(SSL *s);
 void tls1_free(SSL *s);

diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index 30d97683a7..00954777fc 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_clnt.c,v 1.38 2015/03/31 13:17:48 jsing Exp $ */	1	/* $OpenBSD: s23_clnt.c,v 1.39 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -120,6 +120,7 @@
120	static const SSL_METHOD *ssl23_get_client_method(int ver);	120	static const SSL_METHOD *ssl23_get_client_method(int ver);
121	static int ssl23_client_hello(SSL *s);	121	static int ssl23_client_hello(SSL *s);
122	static int ssl23_get_server_hello(SSL *s);	122	static int ssl23_get_server_hello(SSL *s);
		123	static const SSL_METHOD *tls_get_client_method(int ver);
123		124
124	const SSL_METHOD SSLv23_client_method_data = {	125	const SSL_METHOD SSLv23_client_method_data = {
125	.version = TLS1_2_VERSION,	126	.version = TLS1_2_VERSION,
@@ -153,6 +154,39 @@ const SSL_METHOD SSLv23_client_method_data = {
153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	154	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
154	};	155	};
155		156
		157	const SSL_METHOD TLS_client_method_data = {
		158	.version = TLS1_2_VERSION,
		159	.ssl_new = tls1_new,
		160	.ssl_clear = tls1_clear,
		161	.ssl_free = tls1_free,
		162	.ssl_accept = ssl_undefined_function,
		163	.ssl_connect = tls_connect,
		164	.ssl_read = ssl23_read,
		165	.ssl_peek = ssl23_peek,
		166	.ssl_write = ssl23_write,
		167	.ssl_shutdown = ssl_undefined_function,
		168	.ssl_renegotiate = ssl_undefined_function,
		169	.ssl_renegotiate_check = ssl_ok,
		170	.ssl_get_message = ssl3_get_message,
		171	.ssl_read_bytes = ssl3_read_bytes,
		172	.ssl_write_bytes = ssl3_write_bytes,
		173	.ssl_dispatch_alert = ssl3_dispatch_alert,
		174	.ssl_ctrl = ssl3_ctrl,
		175	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
		176	.get_cipher_by_char = ssl3_get_cipher_by_char,
		177	.put_cipher_by_char = ssl3_put_cipher_by_char,
		178	.ssl_pending = ssl_undefined_const_function,
		179	.num_ciphers = ssl3_num_ciphers,
		180	.get_cipher = ssl3_get_cipher,
		181	.get_ssl_method = tls_get_client_method,
		182	.get_timeout = ssl23_default_timeout,
		183	.ssl3_enc = &ssl3_undef_enc_method,
		184	.ssl_version = ssl_undefined_void_function,
		185	.ssl_callback_ctrl = ssl3_callback_ctrl,
		186	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
		187	};
		188
		189
156	const SSL_METHOD *	190	const SSL_METHOD *
157	SSLv23_client_method(void)	191	SSLv23_client_method(void)
158	{	192	{
@@ -544,3 +578,33 @@ ssl23_get_server_hello(SSL *s)
544	err:	578	err:
545	return (-1);	579	return (-1);
546	}	580	}
		581
		582	const SSL_METHOD *
		583	TLS_client_method(void)
		584	{
		585	return &TLS_client_method_data;
		586	}
		587
		588	static const SSL_METHOD *
		589	tls_get_client_method(int ver)
		590	{
		591	if (ver == SSL3_VERSION)
		592	return (NULL);
		593	else
		594	return ssl23_get_client_method(ver);
		595	}
		596
		597	int
		598	tls_connect(SSL *s)
		599	{
		600	int ret;
		601	unsigned long old_options;
		602
		603	old_options = s->options;
		604
		605	s->options \|= SSL_OP_NO_SSLv3;
		606	ret = ssl23_connect(s);
		607	s->options = old_options;
		608
		609	return ret;
		610	}


diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c index 99bfaf07e4..f1914e0e8e 100644 --- a/src/lib/libssl/s23_srvr.c +++ b/src/lib/libssl/s23_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_srvr.c,v 1.39 2015/03/27 12:29:54 jsing Exp $ */	1	/* $OpenBSD: s23_srvr.c,v 1.40 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -119,6 +119,7 @@
119		119
120	static const SSL_METHOD *ssl23_get_server_method(int ver);	120	static const SSL_METHOD *ssl23_get_server_method(int ver);
121	int ssl23_get_client_hello(SSL *s);	121	int ssl23_get_client_hello(SSL *s);
		122	static const SSL_METHOD *tls_get_server_method(int ver);
122		123
123	const SSL_METHOD SSLv23_server_method_data = {	124	const SSL_METHOD SSLv23_server_method_data = {
124	.version = TLS1_2_VERSION,	125	.version = TLS1_2_VERSION,
@@ -152,6 +153,38 @@ const SSL_METHOD SSLv23_server_method_data = {
152	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
153	};	154	};
154		155
		156	const SSL_METHOD TLS_server_method_data = {
		157	.version = TLS1_2_VERSION,
		158	.ssl_new = tls1_new,
		159	.ssl_clear = tls1_clear,
		160	.ssl_free = tls1_free,
		161	.ssl_accept = tls_accept,
		162	.ssl_connect = ssl_undefined_function,
		163	.ssl_read = ssl23_read,
		164	.ssl_peek = ssl23_peek,
		165	.ssl_write = ssl23_write,
		166	.ssl_shutdown = ssl_undefined_function,
		167	.ssl_renegotiate = ssl_undefined_function,
		168	.ssl_renegotiate_check = ssl_ok,
		169	.ssl_get_message = ssl3_get_message,
		170	.ssl_read_bytes = ssl3_read_bytes,
		171	.ssl_write_bytes = ssl3_write_bytes,
		172	.ssl_dispatch_alert = ssl3_dispatch_alert,
		173	.ssl_ctrl = ssl3_ctrl,
		174	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
		175	.get_cipher_by_char = ssl3_get_cipher_by_char,
		176	.put_cipher_by_char = ssl3_put_cipher_by_char,
		177	.ssl_pending = ssl_undefined_const_function,
		178	.num_ciphers = ssl3_num_ciphers,
		179	.get_cipher = ssl3_get_cipher,
		180	.get_ssl_method = tls_get_server_method,
		181	.get_timeout = ssl23_default_timeout,
		182	.ssl3_enc = &ssl3_undef_enc_method,
		183	.ssl_version = ssl_undefined_void_function,
		184	.ssl_callback_ctrl = ssl3_callback_ctrl,
		185	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
		186	};
		187
155	const SSL_METHOD *	188	const SSL_METHOD *
156	SSLv23_server_method(void)	189	SSLv23_server_method(void)
157	{	190	{
@@ -570,3 +603,33 @@ ssl23_get_client_hello(SSL *s)
570		603
571	return (SSL_accept(s));	604	return (SSL_accept(s));
572	}	605	}
		606
		607	const SSL_METHOD *
		608	TLS_server_method(void)
		609	{
		610	return &TLS_server_method_data;
		611	}
		612
		613	static const SSL_METHOD *
		614	tls_get_server_method(int ver)
		615	{
		616	if (ver == SSL3_VERSION)
		617	return (NULL);
		618	else
		619	return ssl23_get_server_method(ver);
		620	}
		621
		622	int
		623	tls_accept(SSL *s)
		624	{
		625	int ret;
		626	unsigned long old_options;
		627
		628	old_options = s->options;
		629
		630	s->options \|= SSL_OP_NO_SSLv3;
		631	ret = ssl23_accept(s);
		632	s->options = old_options;
		633
		634	return ret;
		635	}


diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c index 30d97683a7..00954777fc 100644 --- a/src/lib/libssl/src/ssl/s23_clnt.c +++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_clnt.c,v 1.38 2015/03/31 13:17:48 jsing Exp $ */	1	/* $OpenBSD: s23_clnt.c,v 1.39 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -120,6 +120,7 @@
120	static const SSL_METHOD *ssl23_get_client_method(int ver);	120	static const SSL_METHOD *ssl23_get_client_method(int ver);
121	static int ssl23_client_hello(SSL *s);	121	static int ssl23_client_hello(SSL *s);
122	static int ssl23_get_server_hello(SSL *s);	122	static int ssl23_get_server_hello(SSL *s);
		123	static const SSL_METHOD *tls_get_client_method(int ver);
123		124
124	const SSL_METHOD SSLv23_client_method_data = {	125	const SSL_METHOD SSLv23_client_method_data = {
125	.version = TLS1_2_VERSION,	126	.version = TLS1_2_VERSION,
@@ -153,6 +154,39 @@ const SSL_METHOD SSLv23_client_method_data = {
153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	154	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
154	};	155	};
155		156
		157	const SSL_METHOD TLS_client_method_data = {
		158	.version = TLS1_2_VERSION,
		159	.ssl_new = tls1_new,
		160	.ssl_clear = tls1_clear,
		161	.ssl_free = tls1_free,
		162	.ssl_accept = ssl_undefined_function,
		163	.ssl_connect = tls_connect,
		164	.ssl_read = ssl23_read,
		165	.ssl_peek = ssl23_peek,
		166	.ssl_write = ssl23_write,
		167	.ssl_shutdown = ssl_undefined_function,
		168	.ssl_renegotiate = ssl_undefined_function,
		169	.ssl_renegotiate_check = ssl_ok,
		170	.ssl_get_message = ssl3_get_message,
		171	.ssl_read_bytes = ssl3_read_bytes,
		172	.ssl_write_bytes = ssl3_write_bytes,
		173	.ssl_dispatch_alert = ssl3_dispatch_alert,
		174	.ssl_ctrl = ssl3_ctrl,
		175	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
		176	.get_cipher_by_char = ssl3_get_cipher_by_char,
		177	.put_cipher_by_char = ssl3_put_cipher_by_char,
		178	.ssl_pending = ssl_undefined_const_function,
		179	.num_ciphers = ssl3_num_ciphers,
		180	.get_cipher = ssl3_get_cipher,
		181	.get_ssl_method = tls_get_client_method,
		182	.get_timeout = ssl23_default_timeout,
		183	.ssl3_enc = &ssl3_undef_enc_method,
		184	.ssl_version = ssl_undefined_void_function,
		185	.ssl_callback_ctrl = ssl3_callback_ctrl,
		186	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
		187	};
		188
		189
156	const SSL_METHOD *	190	const SSL_METHOD *
157	SSLv23_client_method(void)	191	SSLv23_client_method(void)
158	{	192	{
@@ -544,3 +578,33 @@ ssl23_get_server_hello(SSL *s)
544	err:	578	err:
545	return (-1);	579	return (-1);
546	}	580	}
		581
		582	const SSL_METHOD *
		583	TLS_client_method(void)
		584	{
		585	return &TLS_client_method_data;
		586	}
		587
		588	static const SSL_METHOD *
		589	tls_get_client_method(int ver)
		590	{
		591	if (ver == SSL3_VERSION)
		592	return (NULL);
		593	else
		594	return ssl23_get_client_method(ver);
		595	}
		596
		597	int
		598	tls_connect(SSL *s)
		599	{
		600	int ret;
		601	unsigned long old_options;
		602
		603	old_options = s->options;
		604
		605	s->options \|= SSL_OP_NO_SSLv3;
		606	ret = ssl23_connect(s);
		607	s->options = old_options;
		608
		609	return ret;
		610	}


diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c index 164604001e..93a398d70b 100644 --- a/src/lib/libssl/src/ssl/s23_meth.c +++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_meth.c,v 1.17 2015/02/06 08:30:23 jsing Exp $ */	1	/* $OpenBSD: s23_meth.c,v 1.18 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -63,6 +63,7 @@
63	#include "ssl_locl.h"	63	#include "ssl_locl.h"
64		64
65	static const SSL_METHOD *ssl23_get_method(int ver);	65	static const SSL_METHOD *ssl23_get_method(int ver);
		66	static const SSL_METHOD *tls_get_method(int ver);
66		67
67	const SSL_METHOD SSLv23_method_data = {	68	const SSL_METHOD SSLv23_method_data = {
68	.version = TLS1_2_VERSION,	69	.version = TLS1_2_VERSION,
@@ -115,3 +116,50 @@ ssl23_get_method(int ver)
115	return (TLSv1_2_method());	116	return (TLSv1_2_method());
116	return (NULL);	117	return (NULL);
117	}	118	}
		119
		120	const SSL_METHOD TLS_method_data = {
		121	.version = TLS1_2_VERSION,
		122	.ssl_new = tls1_new,
		123	.ssl_clear = tls1_clear,
		124	.ssl_free = tls1_free,
		125	.ssl_accept = tls_accept,
		126	.ssl_connect = tls_connect,
		127	.ssl_read = ssl23_read,
		128	.ssl_peek = ssl23_peek,
		129	.ssl_write = ssl23_write,
		130	.ssl_shutdown = ssl_undefined_function,
		131	.ssl_renegotiate = ssl_undefined_function,
		132	.ssl_renegotiate_check = ssl_ok,
		133	.ssl_get_message = ssl3_get_message,
		134	.ssl_read_bytes = ssl3_read_bytes,
		135	.ssl_write_bytes = ssl3_write_bytes,
		136	.ssl_dispatch_alert = ssl3_dispatch_alert,
		137	.ssl_ctrl = ssl3_ctrl,
		138	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
		139	.get_cipher_by_char = ssl3_get_cipher_by_char,
		140	.put_cipher_by_char = ssl3_put_cipher_by_char,
		141	.ssl_pending = ssl_undefined_const_function,
		142	.num_ciphers = ssl3_num_ciphers,
		143	.get_cipher = ssl3_get_cipher,
		144	.get_ssl_method = tls_get_method,
		145	.get_timeout = ssl23_default_timeout,
		146	.ssl3_enc = &ssl3_undef_enc_method,
		147	.ssl_version = ssl_undefined_void_function,
		148	.ssl_callback_ctrl = ssl3_callback_ctrl,
		149	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
		150	};
		151
		152	const SSL_METHOD *
		153	TLS_method(void)
		154	{
		155	return &TLS_method_data;
		156	}
		157
		158	static const SSL_METHOD *
		159	tls_get_method(int ver)
		160	{
		161	if (ver == SSL3_VERSION)
		162	return (NULL);
		163	else
		164	return ssl23_get_method(ver);
		165	}


diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c index 99bfaf07e4..f1914e0e8e 100644 --- a/src/lib/libssl/src/ssl/s23_srvr.c +++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_srvr.c,v 1.39 2015/03/27 12:29:54 jsing Exp $ */	1	/* $OpenBSD: s23_srvr.c,v 1.40 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -119,6 +119,7 @@
119		119
120	static const SSL_METHOD *ssl23_get_server_method(int ver);	120	static const SSL_METHOD *ssl23_get_server_method(int ver);
121	int ssl23_get_client_hello(SSL *s);	121	int ssl23_get_client_hello(SSL *s);
		122	static const SSL_METHOD *tls_get_server_method(int ver);
122		123
123	const SSL_METHOD SSLv23_server_method_data = {	124	const SSL_METHOD SSLv23_server_method_data = {
124	.version = TLS1_2_VERSION,	125	.version = TLS1_2_VERSION,
@@ -152,6 +153,38 @@ const SSL_METHOD SSLv23_server_method_data = {
152	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,	153	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
153	};	154	};
154		155
		156	const SSL_METHOD TLS_server_method_data = {
		157	.version = TLS1_2_VERSION,
		158	.ssl_new = tls1_new,
		159	.ssl_clear = tls1_clear,
		160	.ssl_free = tls1_free,
		161	.ssl_accept = tls_accept,
		162	.ssl_connect = ssl_undefined_function,
		163	.ssl_read = ssl23_read,
		164	.ssl_peek = ssl23_peek,
		165	.ssl_write = ssl23_write,
		166	.ssl_shutdown = ssl_undefined_function,
		167	.ssl_renegotiate = ssl_undefined_function,
		168	.ssl_renegotiate_check = ssl_ok,
		169	.ssl_get_message = ssl3_get_message,
		170	.ssl_read_bytes = ssl3_read_bytes,
		171	.ssl_write_bytes = ssl3_write_bytes,
		172	.ssl_dispatch_alert = ssl3_dispatch_alert,
		173	.ssl_ctrl = ssl3_ctrl,
		174	.ssl_ctx_ctrl = ssl3_ctx_ctrl,
		175	.get_cipher_by_char = ssl3_get_cipher_by_char,
		176	.put_cipher_by_char = ssl3_put_cipher_by_char,
		177	.ssl_pending = ssl_undefined_const_function,
		178	.num_ciphers = ssl3_num_ciphers,
		179	.get_cipher = ssl3_get_cipher,
		180	.get_ssl_method = tls_get_server_method,
		181	.get_timeout = ssl23_default_timeout,
		182	.ssl3_enc = &ssl3_undef_enc_method,
		183	.ssl_version = ssl_undefined_void_function,
		184	.ssl_callback_ctrl = ssl3_callback_ctrl,
		185	.ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
		186	};
		187
155	const SSL_METHOD *	188	const SSL_METHOD *
156	SSLv23_server_method(void)	189	SSLv23_server_method(void)
157	{	190	{
@@ -570,3 +603,33 @@ ssl23_get_client_hello(SSL *s)
570		603
571	return (SSL_accept(s));	604	return (SSL_accept(s));
572	}	605	}
		606
		607	const SSL_METHOD *
		608	TLS_server_method(void)
		609	{
		610	return &TLS_server_method_data;
		611	}
		612
		613	static const SSL_METHOD *
		614	tls_get_server_method(int ver)
		615	{
		616	if (ver == SSL3_VERSION)
		617	return (NULL);
		618	else
		619	return ssl23_get_server_method(ver);
		620	}
		621
		622	int
		623	tls_accept(SSL *s)
		624	{
		625	int ret;
		626	unsigned long old_options;
		627
		628	old_options = s->options;
		629
		630	s->options \|= SSL_OP_NO_SSLv3;
		631	ret = ssl23_accept(s);
		632	s->options = old_options;
		633
		634	return ret;
		635	}


diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h index 0a0a711a20..0cd220778b 100644 --- a/src/lib/libssl/src/ssl/ssl.h +++ b/src/lib/libssl/src/ssl/ssl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl.h,v 1.91 2015/07/18 19:41:54 doug Exp $ */	1	/* $OpenBSD: ssl.h,v 1.92 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1696,6 +1696,9 @@ const SSL_METHOD TLSv1_2_method(void); / TLSv1.2 */
1696	const SSL_METHOD TLSv1_2_server_method(void); / TLSv1.2 */	1696	const SSL_METHOD TLSv1_2_server_method(void); / TLSv1.2 */
1697	const SSL_METHOD TLSv1_2_client_method(void); / TLSv1.2 */	1697	const SSL_METHOD TLSv1_2_client_method(void); / TLSv1.2 */
1698		1698
		1699	const SSL_METHOD TLS_method(void); / TLS v1.0 or later */
		1700	const SSL_METHOD TLS_server_method(void); / TLS v1.0 or later */
		1701	const SSL_METHOD TLS_client_method(void); / TLS v1.0 or later */
1699		1702
1700	const SSL_METHOD DTLSv1_method(void); / DTLSv1.0 */	1703	const SSL_METHOD DTLSv1_method(void); / DTLSv1.0 */
1701	const SSL_METHOD DTLSv1_server_method(void); / DTLSv1.0 */	1704	const SSL_METHOD DTLSv1_server_method(void); / DTLSv1.0 */


diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index ba8fc79964..1c78770dfa 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.97 2015/07/18 23:00:23 doug Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.98 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -757,6 +757,8 @@ int ssl23_accept(SSL *s);
757	int ssl23_connect(SSL *s);	757	int ssl23_connect(SSL *s);
758	int ssl23_read_bytes(SSL *s, int n);	758	int ssl23_read_bytes(SSL *s, int n);
759	int ssl23_write_bytes(SSL *s);	759	int ssl23_write_bytes(SSL *s);
		760	int tls_accept(SSL *s);
		761	int tls_connect(SSL *s);
760		762
761	int tls1_new(SSL *s);	763	int tls1_new(SSL *s);
762	void tls1_free(SSL *s);	764	void tls1_free(SSL *s);


diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 0a0a711a20..0cd220778b 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl.h,v 1.91 2015/07/18 19:41:54 doug Exp $ */	1	/* $OpenBSD: ssl.h,v 1.92 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1696,6 +1696,9 @@ const SSL_METHOD TLSv1_2_method(void); / TLSv1.2 */
1696	const SSL_METHOD TLSv1_2_server_method(void); / TLSv1.2 */	1696	const SSL_METHOD TLSv1_2_server_method(void); / TLSv1.2 */
1697	const SSL_METHOD TLSv1_2_client_method(void); / TLSv1.2 */	1697	const SSL_METHOD TLSv1_2_client_method(void); / TLSv1.2 */
1698		1698
		1699	const SSL_METHOD TLS_method(void); / TLS v1.0 or later */
		1700	const SSL_METHOD TLS_server_method(void); / TLS v1.0 or later */
		1701	const SSL_METHOD TLS_client_method(void); / TLS v1.0 or later */
1699		1702
1700	const SSL_METHOD DTLSv1_method(void); / DTLSv1.0 */	1703	const SSL_METHOD DTLSv1_method(void); / DTLSv1.0 */
1701	const SSL_METHOD DTLSv1_server_method(void); / DTLSv1.0 */	1704	const SSL_METHOD DTLSv1_server_method(void); / DTLSv1.0 */


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index ba8fc79964..1c78770dfa 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.97 2015/07/18 23:00:23 doug Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.98 2015/07/19 06:31:32 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -757,6 +757,8 @@ int ssl23_accept(SSL *s);
757	int ssl23_connect(SSL *s);	757	int ssl23_connect(SSL *s);
758	int ssl23_read_bytes(SSL *s, int n);	758	int ssl23_read_bytes(SSL *s, int n);
759	int ssl23_write_bytes(SSL *s);	759	int ssl23_write_bytes(SSL *s);
		760	int tls_accept(SSL *s);
		761	int tls_connect(SSL *s);
760		762
761	int tls1_new(SSL *s);	763	int tls1_new(SSL *s);
762	void tls1_free(SSL *s);	764	void tls1_free(SSL *s);