Align SSL_set_{min,max}_version with upstream.
Upstream added these functions after we did but decided to change the
names slightly. I'm not sure why they wanted to add the "proto" in
there, but align with them nonetheless so the ecosystem only has one set
of these functions.
BUG=90
Change-Id: Ia9863c58c9734374092051f02952b112806040cc
Reviewed-on: https://boringssl-review.googlesource.com/11123
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 4c4c0f4..b42315b 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -1524,8 +1524,8 @@
if (!ctx ||
!SSL_CTX_use_certificate(ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(ctx.get(), key.get()) ||
- !SSL_CTX_set_min_version(ctx.get(), version) ||
- !SSL_CTX_set_max_version(ctx.get(), version)) {
+ !SSL_CTX_set_min_proto_version(ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(ctx.get(), version)) {
return false;
}
SSL_CTX_set_verify(
@@ -1591,8 +1591,8 @@
if (!ctx ||
!SSL_CTX_use_certificate(ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(ctx.get(), key.get()) ||
- !SSL_CTX_set_min_version(ctx.get(), version) ||
- !SSL_CTX_set_max_version(ctx.get(), version)) {
+ !SSL_CTX_set_min_proto_version(ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(ctx.get(), version)) {
return false;
}
SSL_CTX_set_verify(
@@ -1632,7 +1632,7 @@
size_t expected_len) {
bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx ||
- !SSL_CTX_set_max_version(ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(ctx.get(), version) ||
// Our default cipher list varies by CPU capabilities, so manually place
// the ChaCha20 ciphers in front.
!SSL_CTX_set_cipher_list(ctx.get(), "CHACHA20:ALL")) {
@@ -1872,10 +1872,10 @@
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get()) ||
!SSL_CTX_set_session_id_context(server_ctx.get(), kContext1,
sizeof(kContext1)) ||
- !SSL_CTX_set_min_version(client_ctx.get(), version) ||
- !SSL_CTX_set_max_version(client_ctx.get(), version) ||
- !SSL_CTX_set_min_version(server_ctx.get(), version) ||
- !SSL_CTX_set_max_version(server_ctx.get(), version)) {
+ !SSL_CTX_set_min_proto_version(client_ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(client_ctx.get(), version) ||
+ !SSL_CTX_set_min_proto_version(server_ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(server_ctx.get(), version)) {
return false;
}
@@ -1932,10 +1932,10 @@
if (!server_ctx || !client_ctx ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get()) ||
- !SSL_CTX_set_min_version(client_ctx.get(), version) ||
- !SSL_CTX_set_max_version(client_ctx.get(), version) ||
- !SSL_CTX_set_min_version(server_ctx.get(), version) ||
- !SSL_CTX_set_max_version(server_ctx.get(), version)) {
+ !SSL_CTX_set_min_proto_version(client_ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(client_ctx.get(), version) ||
+ !SSL_CTX_set_min_proto_version(server_ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(server_ctx.get(), version)) {
return false;
}
@@ -2011,12 +2011,12 @@
// key to only sign SHA-256.
!SSL_CTX_set_signing_algorithm_prefs(server_ctx2.get(),
&kECDSAWithSHA256, 1) ||
- !SSL_CTX_set_min_version(client_ctx.get(), version) ||
- !SSL_CTX_set_max_version(client_ctx.get(), version) ||
- !SSL_CTX_set_min_version(server_ctx.get(), version) ||
- !SSL_CTX_set_max_version(server_ctx.get(), version) ||
- !SSL_CTX_set_min_version(server_ctx2.get(), version) ||
- !SSL_CTX_set_max_version(server_ctx2.get(), version)) {
+ !SSL_CTX_set_min_proto_version(client_ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(client_ctx.get(), version) ||
+ !SSL_CTX_set_min_proto_version(server_ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(server_ctx.get(), version) ||
+ !SSL_CTX_set_min_proto_version(server_ctx2.get(), version) ||
+ !SSL_CTX_set_max_proto_version(server_ctx2.get(), version)) {
return false;
}
@@ -2044,7 +2044,7 @@
}
static int SetMaxVersion(const struct ssl_early_callback_ctx *ctx) {
- if (!SSL_set_max_version(ctx->ssl, TLS1_2_VERSION)) {
+ if (!SSL_set_max_proto_version(ctx->ssl, TLS1_2_VERSION)) {
return -1;
}
@@ -2061,8 +2061,8 @@
if (!cert || !key || !server_ctx || !client_ctx ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get()) ||
- !SSL_CTX_set_max_version(client_ctx.get(), TLS1_3_VERSION) ||
- !SSL_CTX_set_max_version(server_ctx.get(), TLS1_3_VERSION)) {
+ !SSL_CTX_set_max_proto_version(client_ctx.get(), TLS1_3_VERSION) ||
+ !SSL_CTX_set_max_proto_version(server_ctx.get(), TLS1_3_VERSION)) {
return false;
}
@@ -2088,20 +2088,20 @@
return false;
}
- if (!SSL_CTX_set_max_version(ctx.get(), TLS1_VERSION) ||
- !SSL_CTX_set_max_version(ctx.get(), TLS1_1_VERSION) ||
- !SSL_CTX_set_min_version(ctx.get(), TLS1_VERSION) ||
- !SSL_CTX_set_min_version(ctx.get(), TLS1_1_VERSION)) {
+ if (!SSL_CTX_set_max_proto_version(ctx.get(), TLS1_VERSION) ||
+ !SSL_CTX_set_max_proto_version(ctx.get(), TLS1_1_VERSION) ||
+ !SSL_CTX_set_min_proto_version(ctx.get(), TLS1_VERSION) ||
+ !SSL_CTX_set_min_proto_version(ctx.get(), TLS1_1_VERSION)) {
fprintf(stderr, "Could not set valid TLS version.\n");
return false;
}
- if (SSL_CTX_set_max_version(ctx.get(), DTLS1_VERSION) ||
- SSL_CTX_set_max_version(ctx.get(), 0x0200) ||
- SSL_CTX_set_max_version(ctx.get(), 0x1234) ||
- SSL_CTX_set_min_version(ctx.get(), DTLS1_VERSION) ||
- SSL_CTX_set_min_version(ctx.get(), 0x0200) ||
- SSL_CTX_set_min_version(ctx.get(), 0x1234)) {
+ if (SSL_CTX_set_max_proto_version(ctx.get(), DTLS1_VERSION) ||
+ SSL_CTX_set_max_proto_version(ctx.get(), 0x0200) ||
+ SSL_CTX_set_max_proto_version(ctx.get(), 0x1234) ||
+ SSL_CTX_set_min_proto_version(ctx.get(), DTLS1_VERSION) ||
+ SSL_CTX_set_min_proto_version(ctx.get(), 0x0200) ||
+ SSL_CTX_set_min_proto_version(ctx.get(), 0x1234)) {
fprintf(stderr, "Unexpectedly set invalid TLS version.\n");
return false;
}
@@ -2111,22 +2111,22 @@
return false;
}
- if (!SSL_CTX_set_max_version(ctx.get(), DTLS1_VERSION) ||
- !SSL_CTX_set_max_version(ctx.get(), DTLS1_2_VERSION) ||
- !SSL_CTX_set_min_version(ctx.get(), DTLS1_VERSION) ||
- !SSL_CTX_set_min_version(ctx.get(), DTLS1_2_VERSION)) {
+ if (!SSL_CTX_set_max_proto_version(ctx.get(), DTLS1_VERSION) ||
+ !SSL_CTX_set_max_proto_version(ctx.get(), DTLS1_2_VERSION) ||
+ !SSL_CTX_set_min_proto_version(ctx.get(), DTLS1_VERSION) ||
+ !SSL_CTX_set_min_proto_version(ctx.get(), DTLS1_2_VERSION)) {
fprintf(stderr, "Could not set valid DTLS version.\n");
return false;
}
- if (SSL_CTX_set_max_version(ctx.get(), TLS1_VERSION) ||
- SSL_CTX_set_max_version(ctx.get(), 0xfefe /* DTLS 1.1 */) ||
- SSL_CTX_set_max_version(ctx.get(), 0xfffe /* DTLS 0.1 */) ||
- SSL_CTX_set_max_version(ctx.get(), 0x1234) ||
- SSL_CTX_set_min_version(ctx.get(), TLS1_VERSION) ||
- SSL_CTX_set_min_version(ctx.get(), 0xfefe /* DTLS 1.1 */) ||
- SSL_CTX_set_min_version(ctx.get(), 0xfffe /* DTLS 0.1 */) ||
- SSL_CTX_set_min_version(ctx.get(), 0x1234)) {
+ if (SSL_CTX_set_max_proto_version(ctx.get(), TLS1_VERSION) ||
+ SSL_CTX_set_max_proto_version(ctx.get(), 0xfefe /* DTLS 1.1 */) ||
+ SSL_CTX_set_max_proto_version(ctx.get(), 0xfffe /* DTLS 0.1 */) ||
+ SSL_CTX_set_max_proto_version(ctx.get(), 0x1234) ||
+ SSL_CTX_set_min_proto_version(ctx.get(), TLS1_VERSION) ||
+ SSL_CTX_set_min_proto_version(ctx.get(), 0xfefe /* DTLS 1.1 */) ||
+ SSL_CTX_set_min_proto_version(ctx.get(), 0xfffe /* DTLS 0.1 */) ||
+ SSL_CTX_set_min_proto_version(ctx.get(), 0x1234)) {
fprintf(stderr, "Unexpectedly set invalid DTLS version.\n");
return false;
}
