From 74e3af800a6d38d80a0fee55c3d3c01c3e589ec1 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 25 Jan 2017 06:38:01 +0000
Subject: Change the SSL_IS_DTLS() macro to check the version, rather than
 using a flag in the encryption methods. We can do this since there is
 currently only one DTLS version. This makes upcoming changes easier.

ok beck@
---
 src/lib/libssl/d1_lib.c   | 4 ++--
 src/lib/libssl/ssl_locl.h | 7 ++-----
 2 files changed, 4 insertions(+), 7 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index e8c3b10761..e4805a1efa 100644
--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_lib.c,v 1.37 2017/01/23 13:36:13 jsing Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.38 2017/01/25 06:38:01 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -87,7 +87,7 @@ SSL3_ENC_METHOD DTLSv1_enc_data = {
 	.server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
 	.alert_value = tls1_alert_code,
 	.export_keying_material = tls1_export_keying_material,
-	.enc_flags = SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV,
+	.enc_flags = SSL_ENC_FLAG_EXPLICIT_IV,
 };
 
 long
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 9cad2bc50d..64725a7b23 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.165 2017/01/25 06:13:02 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.166 2017/01/25 06:38:01 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -328,7 +328,7 @@ __BEGIN_HIDDEN_DECLS
 
 /* Check if an SSL structure is using DTLS. */
 #define SSL_IS_DTLS(s) \
-	(s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
+	(s->method->internal->version == DTLS1_VERSION)
 
 /* See if we need explicit IV. */
 #define SSL_USE_EXPLICIT_IV(s) \
@@ -1049,9 +1049,6 @@ typedef struct ssl3_enc_method {
 /* Uses SHA256 default PRF. */
 #define SSL_ENC_FLAG_SHA256_PRF         (1 << 2)
 
-/* Is DTLS. */
-#define SSL_ENC_FLAG_DTLS               (1 << 3)
-
 /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
 #define SSL_ENC_FLAG_TLS1_2_CIPHERS     (1 << 4)
 
-- 
cgit v1.2.3-55-g6feb