artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 930b1de) | patch
Improve internal version handling.
authorjsing <jsing@openbsd.org>
Wed, 10 Mar 2021 18:27:01 +0000 (18:27 +0000)
committerjsing <jsing@openbsd.org>
Wed, 10 Mar 2021 18:27:01 +0000 (18:27 +0000)
commitc5e6469d48821e65e529c0cc22a8e2488f1c75fe
treed9d607ff358c016d608848d92624de428bd26f32tree | snapshot
parent930b1de678e1c758155aca94ecbdafd8188d1647commit | diff
Improve internal version handling.

Add handshake fields for our minimum TLS version, our maximum TLS version
and the TLS version negotiated during the handshake. Initialise our min/max
versions at the start of the handshake and leave these unchanged. The
negotiated TLS version is set in the client once we receive the ServerHello
and in the server at the point we select the highest shared version.

Provide an ssl_effective_version() function that returns the negotiated TLS
version if known, otherwise our maximum TLS version - this is effectively
what is stored in s->version currently.

Convert most of the internal code to use one of these three version fields,
which greatly simplifies code (especially in the TLS extension handling
code).

ok tb@
lib/libssl/ssl_clnt.c diff | blob | history
lib/libssl/ssl_locl.h diff | blob | history
lib/libssl/ssl_pkt.c diff | blob | history
lib/libssl/ssl_sigalgs.c diff | blob | history
lib/libssl/ssl_srvr.c diff | blob | history
lib/libssl/ssl_tlsext.c diff | blob | history
lib/libssl/ssl_versions.c diff | blob | history
lib/libssl/tls13_client.c diff | blob | history
lib/libssl/tls13_server.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim