Replace enc_flags with normalized version checks.
This removes the various non-PRF checks from SSL3_ENC_METHOD so that can
have a clearer purpose. It also makes TLS 1.0 through 1.2's
SSL3_ENC_METHOD tables identical and gives us an assert to ensure
nothing accesses the version bits before version negotiation.
Accordingly, ssl_needs_record_splitting was reordered slightly so we
don't rely on enc_method being initialized to TLS 1.2
pre-version-negotiation.
This leaves alert_value as the only part of SSL3_ENC_METHOD which may be
accessed before version negotiation.
Change-Id: If9e299e2ef5511b5fa442b2af654eed054c3e675
Reviewed-on: https://boringssl-review.googlesource.com/6842
Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 346746a..7a336f1 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2646,7 +2646,7 @@
int tls1_parse_peer_sigalgs(SSL *ssl, const CBS *in_sigalgs) {
/* Extension ignored for inappropriate versions */
- if (!SSL_USE_SIGALGS(ssl)) {
+ if (ssl3_protocol_version(ssl) < TLS1_2_VERSION) {
return 1;
}
