diff options
| author | Matt Caswell <matt@openssl.org> | 2016-11-07 14:59:12 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-11-09 09:10:30 +0000 |
| commit | df7ce507fcc147d8319bcb55f07197a22f6acf59 (patch) | |
| tree | 49ebfc138d0d84eda27bbb2fc3636b2de034dd5d /ssl | |
| parent | 58c9e32a3a4b187b9a4c14448edcf182e6754b64 (diff) | |
| download | openssl-df7ce507fcc147d8319bcb55f07197a22f6acf59.tar.gz | |
Rename clienthello.version to clienthello.legacy_version
For consistency with the TLSv1.3 spec.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_locl.h | 2 | ||||
| -rw-r--r-- | ssl/statem/statem_lib.c | 2 | ||||
| -rw-r--r-- | ssl/statem/statem_srvr.c | 12 |
3 files changed, 8 insertions, 8 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 79f47fc590..79542386bc 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1633,7 +1633,7 @@ typedef struct raw_extension_st { typedef struct { unsigned int isv2; - unsigned int version; + unsigned int legacy_version; unsigned char random[SSL3_RANDOM_SIZE]; size_t session_id_len; unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 02537fac79..a3a31bc740 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -992,7 +992,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello) * handle version. */ int server_version = s->method->version; - int client_version = hello->version; + int client_version = hello->legacy_version; const version_info *vent; const version_info *table; int disabled = 0; diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 3935c79acd..2ec862caca 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -939,7 +939,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) } } - if (!PACKET_get_net_2(pkt, &clienthello.version)) { + if (!PACKET_get_net_2(pkt, &clienthello.legacy_version)) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); goto err; @@ -1082,8 +1082,8 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) /* Choose the version */ if (clienthello.isv2) { - if (clienthello.version == SSL2_VERSION - || (clienthello.version & 0xff00) + if (clienthello.legacy_version == SSL2_VERSION + || (clienthello.legacy_version & 0xff00) != (SSL3_VERSION_MAJOR << 8)) { /* * This is real SSLv2 or something complete unknown. We don't @@ -1093,7 +1093,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) goto err; } /* SSLv3/TLS */ - s->client_version = clienthello.version; + s->client_version = clienthello.legacy_version; } /* * Do SSL/TLS version negotiation if applicable. For DTLS we just check @@ -1102,7 +1102,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) if (!SSL_IS_DTLS(s)) { protverr = ssl_choose_server_version(s, &clienthello); } else if (s->method->version != DTLS_ANY_VERSION && - DTLS_VERSION_LT((int)clienthello.version, s->version)) { + DTLS_VERSION_LT((int)clienthello.legacy_version, s->version)) { protverr = SSL_R_VERSION_TOO_LOW; } else { protverr = 0; @@ -1112,7 +1112,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, protverr); if ((!s->enc_write_ctx && !s->write_hash)) { /* like ssl3_get_record, send alert using remote version number */ - s->version = s->client_version = clienthello.version; + s->version = s->client_version = clienthello.legacy_version; } al = SSL_AD_PROTOCOL_VERSION; goto f_err; |