Google Git
Sign in
boringssl / boringssl.git / 2dc0204603f777597e2f97662e42887d1af5013f^! / . / ssl / internal.h
commit2dc0204603f777597e2f97662e42887d1af5013f[log] [tgz]
authorDavid Benjamin <davidben@google.com>Mon Sep 19 19:57:37 2016 -0400
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Wed Sep 21 19:51:45 2016 +0000
tree51be5e0d7c4e766c6a5d08bccaa7c961338d0c15
parentc027999c28db2f448ea5795798080f6a5aaa01d6 [diff] [blame]
Don't return invalid versions in version_from_wire.

This is in preparation for using the supported_versions extension to
experiment with draft TLS 1.3 versions, since we don't wish to restore
the fallback. With versions begin opaque values, we will want
version_from_wire to reject unknown values, not attempt to preserve
order in some way.

This means ClientHello.version processing needs to be separate code.
That's just written out fully in negotiate_version now. It also means
SSL_set_{min,max}_version will notice invalid inputs which aligns us
better with upstream's versions of those APIs.

This CL doesn't replace ssl->version with an internal-representation
version, though follow work should do it once a couple of changes land
in consumers.

BUG=90

Change-Id: Id2f5e1fa72847c823ee7f082e9e69f55e51ce9da
Reviewed-on: https://boringssl-review.googlesource.com/11122
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/internal.h b/ssl/internal.h
index bdb392c..eff5672 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -1090,14 +1090,10 @@
   uint16_t min_version;
   /* max_version is the maximum implemented version. */
   uint16_t max_version;
-  /* version_from_wire maps |wire_version| to a protocol version. For
-   * SSLv3/TLS, the version is returned as-is. For DTLS, the corresponding TLS
-   * version is used. Note that this mapping is not injective but preserves
-   * comparisons.
-   *
-   * TODO(davidben): To normalize some DTLS-specific code, move away from using
-   * the wire version except at API boundaries. */
-  uint16_t (*version_from_wire)(uint16_t wire_version);
+  /* version_from_wire maps |wire_version| to a protocol version. On success, it
+   * sets |*out_version| to the result and returns one. If the version is
+   * unknown, it returns zero. */
+  int (*version_from_wire)(uint16_t *out_version, uint16_t wire_version);
   /* version_to_wire maps |version| to the wire representation. It is an error
    * to call it with an invalid version. */
   uint16_t (*version_to_wire)(uint16_t version);