From 54fa1d3a6727088bd1475d3822d8070cb9e734a9 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 11 Sep 2020 15:03:36 +0000
Subject: Some SSL_AD_* defines snuck into the TLSv1.3 code - replace them with
 TLS13_ALERT_* defines.

ok beck@ tb@
---
 src/lib/libssl/tls13_lib.c          |  6 +++---
 src/lib/libssl/tls13_record_layer.c | 14 +++++++-------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 1f19bef997..590426ad8a 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_lib.c,v 1.53 2020/07/30 16:23:17 tb Exp $ */
+/*	$OpenBSD: tls13_lib.c,v 1.54 2020/09/11 15:03:36 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -137,12 +137,12 @@ tls13_alert_sent_cb(uint8_t alert_desc, void *arg)
 {
 	struct tls13_ctx *ctx = arg;
 
-	if (alert_desc == SSL_AD_CLOSE_NOTIFY) {
+	if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
 		ctx->close_notify_sent = 1;
 		return;
 	}
 
-	if (alert_desc == SSL_AD_USER_CANCELLED) {
+	if (alert_desc == TLS13_ALERT_USER_CANCELED) {
 		return;
 	}
 
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index 7093da48a7..1d75d9e5a4 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.52 2020/08/11 19:25:40 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.53 2020/09/11 15:03:36 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -510,7 +510,7 @@ tls13_record_layer_open_record_plaintext(struct tls13_record_layer *rl)
 		return 0;
 
 	if (CBS_len(&cbs) > TLS13_RECORD_MAX_PLAINTEXT_LEN) {
-		rl->alert = SSL_AD_RECORD_OVERFLOW;
+		rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
 		return 0;
 	}
 
@@ -560,7 +560,7 @@ tls13_record_layer_open_record_protected(struct tls13_record_layer *rl)
 		goto err;
 
 	if (out_len > TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN) {
-		rl->alert = SSL_AD_RECORD_OVERFLOW;
+		rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
 		goto err;
 	}
 
@@ -582,7 +582,7 @@ tls13_record_layer_open_record_protected(struct tls13_record_layer *rl)
 		goto err;
 	}
 	if (inner_len > TLS13_RECORD_MAX_PLAINTEXT_LEN) {
-		rl->alert = SSL_AD_RECORD_OVERFLOW;
+		rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
 		goto err;
 	}
 	content_type = content[inner_len];
@@ -802,16 +802,16 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
 	if ((ret = tls13_record_recv(rl->rrec, rl->cb.wire_read, rl->cb_arg)) <= 0) {
 		switch (ret) {
 		case TLS13_IO_RECORD_VERSION:
-			return tls13_send_alert(rl, SSL_AD_PROTOCOL_VERSION);
+			return tls13_send_alert(rl, TLS13_ALERT_PROTOCOL_VERSION);
 		case TLS13_IO_RECORD_OVERFLOW:
-			return tls13_send_alert(rl, SSL_AD_RECORD_OVERFLOW);
+			return tls13_send_alert(rl, TLS13_ALERT_RECORD_OVERFLOW);
 		}
 		return ret;
 	}
  
 	if (rl->legacy_version == TLS1_2_VERSION &&
 	    tls13_record_version(rl->rrec) != TLS1_2_VERSION)
-		return tls13_send_alert(rl, SSL_AD_PROTOCOL_VERSION);
+		return tls13_send_alert(rl, TLS13_ALERT_PROTOCOL_VERSION);
  
 	content_type = tls13_record_content_type(rl->rrec);
 
-- 
cgit v1.2.3-55-g6feb