Factor out remaining version-related functions.
Now SSLv23 and DTLS_ANY_VERSION share version-related helper functions.
ssl3_get_method is temporary until the method switch is no longer necessary.
Put them all together so there's one place to refactor them when we add a new
version or implement min_version/max_version controls.
Change-Id: Ic28a145cad22db08a87fdb854480b22886c451c6
Reviewed-on: https://boringssl-review.googlesource.com/2580
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 1c81370..9940eb0 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -929,13 +929,6 @@
void dtls1_hm_fragment_free(hm_fragment *frag);
/* some client-only functions */
-
-/* ssl3_get_max_client_version returns the maximum protocol version configured
- * for the client. It is guaranteed that the set of allowed versions at or below
- * this maximum version is contiguous. If all versions are disabled, it returns
- * zero. */
-uint16_t ssl3_get_max_client_version(SSL *s);
-
int ssl3_send_client_hello(SSL *s);
int ssl3_get_server_hello(SSL *s);
int ssl3_get_certificate_request(SSL *s);
@@ -1078,7 +1071,30 @@
const uint8_t *master, size_t master_len);
int ssl3_can_cutthrough(const SSL *s);
-int ssl_get_max_version(const SSL *s);
+
+/* ssl3_get_method returns the version-locked SSL_METHOD corresponding
+ * to |version|. */
+const SSL_METHOD *ssl3_get_method(uint16_t version);
+
+/* ssl3_get_max_server_version returns the maximum SSL/TLS version number
+ * supported by |s| as a server, or zero if all versions are disabled. */
+uint16_t ssl3_get_max_server_version(const SSL *s);
+
+/* ssl3_get_mutual_version selects the protocol version on |s| for a client
+ * which advertises |client_version|. If no suitable version exists, it returns
+ * zero. */
+uint16_t ssl3_get_mutual_version(SSL *s, uint16_t client_version);
+
+/* ssl3_get_max_client_version returns the maximum protocol version configured
+ * for the client. It is guaranteed that the set of allowed versions at or below
+ * this maximum version is contiguous. If all versions are disabled, it returns
+ * zero. */
+uint16_t ssl3_get_max_client_version(SSL *s);
+
+/* ssl3_is_version_enabled returns one if |version| is an enabled protocol
+ * version for |s| and zero otherwise. */
+int ssl3_is_version_enabled(SSL *s, uint16_t version);
+
EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ;
void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
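Review bot: The comments on `ssl3_get_max_server_version`, `ssl3_get_mutual_version` and `ssl3_get_max_client_version` do not say what "maximum" and "at or below" mean for DTLS, although the commit message says DTLS_ANY_VERSION now shares these helpers. DTLS wire versions get numerically smaller as the protocol gets newer (DTLS 1.2 is 0xFEFD, DTLS 1.0 is 0xFEFF), so a caller that compares a returned value with `<` or `>` could settle on the older version; the implementations are outside this hunk, so whether they already handle this cannot be confirmed here. I would add to each of those comments a line such as `/* Versions are wire values; for DTLS, "maximum" means the newest protocol version, not the largest number. */`. The `ssl3_get_method` comment should also state what is returned when |version| has no version-locked method (presumably NULL), so callers know to check the result before using it.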