From: jsing <jsing@openbsd.org>
Date: Sat, 20 Feb 2021 08:30:52 +0000 (+0000)
Subject: Handle DTLS1_2_VERSION in various places.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=e9d01b14de6233c551b61ccdf5567bc15ea90a64;p=openbsd

Handle DTLS1_2_VERSION in various places.

ok tb@
---

diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index a48d97f17e4..f8028752744 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.245 2021/02/08 17:20:47 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.246 2021/02/20 08:30:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2455,8 +2455,6 @@ const char *
 ssl_version_string(int ver)
 {
 	switch (ver) {
-	case DTLS1_VERSION:
-		return (SSL_TXT_DTLS1);
 	case TLS1_VERSION:
 		return (SSL_TXT_TLSV1);
 	case TLS1_1_VERSION:
@@ -2465,6 +2463,10 @@ ssl_version_string(int ver)
 		return (SSL_TXT_TLSV1_2);
 	case TLS1_3_VERSION:
 		return (SSL_TXT_TLSV1_3);
+	case DTLS1_VERSION:
+		return (SSL_TXT_DTLS1);
+	case DTLS1_2_VERSION:
+		return (SSL_TXT_DTLS1_2);
 	default:
 		return ("unknown");
 	}
diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c
index be5cbbeec64..4d5b8156c41 100644
--- a/lib/libssl/ssl_sess.c
+++ b/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.101 2020/10/11 02:22:27 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.102 2021/02/20 08:30:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -345,6 +345,7 @@ ssl_get_new_session(SSL *s, int session)
 		case TLS1_1_VERSION:
 		case TLS1_2_VERSION:
 		case DTLS1_VERSION:
+		case DTLS1_2_VERSION:
 			ss->ssl_version = s->version;
 			ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
 			break;
diff --git a/lib/libssl/ssl_versions.c b/lib/libssl/ssl_versions.c
index 83d0d06af50..2245ae15b5b 100644
--- a/lib/libssl/ssl_versions.c
+++ b/lib/libssl/ssl_versions.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_versions.c,v 1.9 2021/02/07 15:04:10 jsing Exp $ */
+/* $OpenBSD: ssl_versions.c,v 1.10 2021/02/20 08:30:52 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
  *
@@ -236,7 +236,7 @@ int
 ssl_legacy_stack_version(SSL *s, uint16_t version)
 {
 	if (SSL_is_dtls(s))
-		return version == DTLS1_VERSION;
+		return version == DTLS1_VERSION || version == DTLS1_2_VERSION;
 
 	return version == TLS1_VERSION || version == TLS1_1_VERSION ||
 	    version == TLS1_2_VERSION;