Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / ce079fda12a6fca06ec459c2d148fd1537d435b9^! / . / ssl / t1_lib.c
commitce079fda12a6fca06ec459c2d148fd1537d435b9[log] [tgz]
authorDavid Benjamin <davidben@google.com>Tue Aug 02 16:22:34 2016 -0400
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Tue Aug 02 20:43:58 2016 +0000
tree2dfe28b4099bb0abc0782cd17ad9829819efc0a4
parentdc7a786d31aabcbe0ea5a4bd1e1da6dc07a5f8f1 [diff] [blame]
Add SSL_is_dtls.

OpenSSL 1.1.0 added a function to tell if an SSL* is DTLS or not. This
is probably a good idea, especially since SSL_version returns
non-normalized versions.

BUG=91

Change-Id: I25c6cf08b2ebabf0c610c74691de103399f729bc
Reviewed-on: https://boringssl-review.googlesource.com/9077
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index e35a38c..eef0d83 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -225,7 +225,7 @@
   ctx->session_id_len = CBS_len(&session_id);
 
   /* Skip past DTLS cookie */
-  if (SSL_IS_DTLS(ctx->ssl)) {
+  if (SSL_is_dtls(ctx->ssl)) {
     CBS cookie;
 
     if (!CBS_get_u8_length_prefixed(&client_hello, &cookie)) {
@@ -1279,7 +1279,7 @@
   if (ssl->s3->initial_handshake_complete ||
       ssl->ctx->next_proto_select_cb == NULL ||
       (ssl->options & SSL_OP_DISABLE_NPN) ||
-      SSL_IS_DTLS(ssl)) {
+      SSL_is_dtls(ssl)) {
     return 1;
   }
 
@@ -1305,7 +1305,7 @@
    * extension in the ClientHello and thus this function should never have been
    * called. */
   assert(!ssl->s3->initial_handshake_complete);
-  assert(!SSL_IS_DTLS(ssl));
+  assert(!SSL_is_dtls(ssl));
   assert(ssl->ctx->next_proto_select_cb != NULL);
   assert(!(ssl->options & SSL_OP_DISABLE_NPN));
 
@@ -1366,7 +1366,7 @@
        * |next_proto_neg_seen|. */
       ssl->s3->alpn_selected != NULL ||
       ssl->ctx->next_protos_advertised_cb == NULL ||
-      SSL_IS_DTLS(ssl)) {
+      SSL_is_dtls(ssl)) {
     return 1;
   }
 
@@ -1615,7 +1615,7 @@
 
 static int ext_channel_id_add_clienthello(SSL *ssl, CBB *out) {
   if (!ssl->tlsext_channel_id_enabled ||
-      SSL_IS_DTLS(ssl)) {
+      SSL_is_dtls(ssl)) {
     return 1;
   }
 
@@ -1637,7 +1637,7 @@
     return 0;
   }
 
-  assert(!SSL_IS_DTLS(ssl));
+  assert(!SSL_is_dtls(ssl));
   assert(ssl->tlsext_channel_id_enabled);
 
   if (CBS_len(contents) != 0) {
@@ -1652,7 +1652,7 @@
                                             CBS *contents) {
   if (contents == NULL ||
       !ssl->tlsext_channel_id_enabled ||
-      SSL_IS_DTLS(ssl)) {
+      SSL_is_dtls(ssl)) {
     return 1;
   }
 
@@ -1840,7 +1840,7 @@
  * https://tools.ietf.org/html/rfc4492#section-5.1.2 */
 
 static int ssl_any_ec_cipher_suites_enabled(const SSL *ssl) {
-  if (ssl->version < TLS1_VERSION && !SSL_IS_DTLS(ssl)) {
+  if (ssl->version < TLS1_VERSION && !SSL_is_dtls(ssl)) {
     return 0;
   }
 
@@ -2424,7 +2424,7 @@
     goto err;
   }
 
-  if (!SSL_IS_DTLS(ssl)) {
+  if (!SSL_is_dtls(ssl)) {
     header_len += 2 + CBB_len(&extensions);
     if (header_len > 0xff && header_len < 0x200) {
       /* Add padding to workaround bugs in F5 terminators. See RFC 7685.