From 85977a5fc077a3570226e3ec00bf221c6c1951cd Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sat, 21 Jan 2017 06:50:02 +0000 Subject: Specify minimum and maximum protocol version for each method. This is currently unused, but will be in the near future. ok beck@ --- src/lib/libssl/d1_clnt.c | 4 +++- src/lib/libssl/d1_meth.c | 4 +++- src/lib/libssl/d1_srvr.c | 4 +++- src/lib/libssl/t1_clnt.c | 10 +++++++++- src/lib/libssl/t1_meth.c | 10 +++++++++- src/lib/libssl/t1_srvr.c | 10 +++++++++- 6 files changed, 36 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index 42e149f864..633eabf8b4 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.59 2016/12/06 13:38:11 jsing Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.60 2017/01/21 06:50:02 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -132,6 +132,8 @@ static int dtls1_get_hello_verify(SSL *s); static const SSL_METHOD DTLSv1_client_method_data = { .version = DTLS1_VERSION, + .min_version = DTLS1_VERSION, + .max_version = DTLS1_VERSION, .ssl_new = dtls1_new, .ssl_clear = dtls1_clear, .ssl_free = dtls1_free, diff --git a/src/lib/libssl/d1_meth.c b/src/lib/libssl/d1_meth.c index 83917e336d..c7604863fa 100644 --- a/src/lib/libssl/d1_meth.c +++ b/src/lib/libssl/d1_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_meth.c,v 1.10 2016/11/04 18:30:21 guenther Exp $ */ +/* $OpenBSD: d1_meth.c,v 1.11 2017/01/21 06:50:02 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -67,6 +67,8 @@ static const SSL_METHOD *dtls1_get_method(int ver); static const SSL_METHOD DTLSv1_method_data = { .version = DTLS1_VERSION, + .min_version = DTLS1_VERSION, + .max_version = DTLS1_VERSION, .ssl_new = dtls1_new, .ssl_clear = dtls1_clear, .ssl_free = dtls1_free, diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index 472d0de9dd..4322a219f5 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srvr.c,v 1.69 2016/12/06 13:38:11 jsing Exp $ */ +/* $OpenBSD: d1_srvr.c,v 1.70 2017/01/21 06:50:02 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -130,6 +130,8 @@ static int dtls1_send_hello_verify_request(SSL *s); static const SSL_METHOD DTLSv1_server_method_data = { .version = DTLS1_VERSION, + .min_version = DTLS1_VERSION, + .max_version = DTLS1_VERSION, .ssl_new = dtls1_new, .ssl_clear = dtls1_clear, .ssl_free = dtls1_free, diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c index 9107f3976e..d643d5db13 100644 --- a/src/lib/libssl/t1_clnt.c +++ b/src/lib/libssl/t1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_clnt.c,v 1.19 2016/11/04 18:30:21 guenther Exp $ */ +/* $OpenBSD: t1_clnt.c,v 1.20 2017/01/21 06:50:02 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -68,6 +68,8 @@ static const SSL_METHOD *tls1_get_client_method(int ver); static const SSL_METHOD TLS_client_method_data = { .version = TLS1_2_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_2_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -100,6 +102,8 @@ static const SSL_METHOD TLS_client_method_data = { static const SSL_METHOD TLSv1_client_method_data = { .version = TLS1_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -132,6 +136,8 @@ static const SSL_METHOD TLSv1_client_method_data = { static const SSL_METHOD TLSv1_1_client_method_data = { .version = TLS1_1_VERSION, + .min_version = TLS1_1_VERSION, + .max_version = TLS1_1_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -164,6 +170,8 @@ static const SSL_METHOD TLSv1_1_client_method_data = { static const SSL_METHOD TLSv1_2_client_method_data = { .version = TLS1_2_VERSION, + .min_version = TLS1_2_VERSION, + .max_version = TLS1_2_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c index 261ab192be..5c37142ab3 100644 --- a/src/lib/libssl/t1_meth.c +++ b/src/lib/libssl/t1_meth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_meth.c,v 1.18 2016/11/04 18:30:21 guenther Exp $ */ +/* $OpenBSD: t1_meth.c,v 1.19 2017/01/21 06:50:02 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -66,6 +66,8 @@ static const SSL_METHOD *tls1_get_method(int ver); static const SSL_METHOD TLS_method_data = { .version = TLS1_2_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_2_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -98,6 +100,8 @@ static const SSL_METHOD TLS_method_data = { static const SSL_METHOD TLSv1_method_data = { .version = TLS1_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -130,6 +134,8 @@ static const SSL_METHOD TLSv1_method_data = { static const SSL_METHOD TLSv1_1_method_data = { .version = TLS1_1_VERSION, + .min_version = TLS1_1_VERSION, + .max_version = TLS1_1_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -162,6 +168,8 @@ static const SSL_METHOD TLSv1_1_method_data = { static const SSL_METHOD TLSv1_2_method_data = { .version = TLS1_2_VERSION, + .min_version = TLS1_2_VERSION, + .max_version = TLS1_2_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c index 74c73a4337..84ed66c7ed 100644 --- a/src/lib/libssl/t1_srvr.c +++ b/src/lib/libssl/t1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_srvr.c,v 1.20 2016/11/04 18:30:21 guenther Exp $ */ +/* $OpenBSD: t1_srvr.c,v 1.21 2017/01/21 06:50:02 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -69,6 +69,8 @@ static const SSL_METHOD *tls1_get_server_method(int ver); static const SSL_METHOD TLS_server_method_data = { .version = TLS1_2_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_2_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -101,6 +103,8 @@ static const SSL_METHOD TLS_server_method_data = { static const SSL_METHOD TLSv1_server_method_data = { .version = TLS1_VERSION, + .min_version = TLS1_VERSION, + .max_version = TLS1_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -133,6 +137,8 @@ static const SSL_METHOD TLSv1_server_method_data = { static const SSL_METHOD TLSv1_1_server_method_data = { .version = TLS1_1_VERSION, + .min_version = TLS1_1_VERSION, + .max_version = TLS1_1_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, @@ -165,6 +171,8 @@ static const SSL_METHOD TLSv1_1_server_method_data = { static const SSL_METHOD TLSv1_2_server_method_data = { .version = TLS1_2_VERSION, + .min_version = TLS1_2_VERSION, + .max_version = TLS1_2_VERSION, .ssl_new = tls1_new, .ssl_clear = tls1_clear, .ssl_free = tls1_free, -- cgit v1.2.3-55-g6feb