Google Git
Sign in
boringssl/boringssl/09bd58d1f1c71ed7ea687d0295e23793ad3d98fa^!/.
commit
09bd58d1f1c71ed7ea687d0295e23793ad3d98fa
[log]
author
David Benjamin <davidben@chromium.org>
Tue Aug 12 21:22:28 2014 -0400
committer
Adam Langley <agl@google.com>
Wed Aug 13 21:58:03 2014 +0000
tree
ee720a11b8a300ea039c82f455b973ba919866a7
parent
16c623b83d2253e720d79ea1f1e56d81dc3f0059 [diff]
Replace some DTLS version checks with SSL_IS_DTLS.

They weren't updated to account for DTLS 1.2.

Change-Id: I81b3bfcb84a46d7b233bb567976a7de37bc46b92
Reviewed-on: https://boringssl-review.googlesource.com/1503
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index de2a9f7..f45ca62 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c

@@ -590,7 +590,7 @@
 	unsigned char *p;
 	size_t len,align=0,headerlen;
 	
-	if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+	if (SSL_IS_DTLS(s))
 		headerlen = DTLS1_RT_HEADER_LENGTH;
 	else
 		headerlen = SSL3_RT_HEADER_LENGTH;

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 2b5021f..393d883 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c

@@ -886,8 +886,7 @@
 			return(s->s3->wpend_ret);
 			}
 		else if (i <= 0) {
-			if (s->version == DTLS1_VERSION ||
-			    s->version == DTLS1_BAD_VER) {
+			if (SSL_IS_DTLS(s)) {
 				/* For DTLS, just drop it. That's kind of the whole
 				   point in using a datagram service */
 				wb->left = 0;

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 59f70e8..42e3410 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c

@@ -495,8 +495,9 @@
 	unsigned key_len, iv_len, mac_secret_len;
 	const unsigned char *key_data;
 
-	/* Reset sequence number to zero. */
-	if (s->version != DTLS1_VERSION)
+	/* Reset sequence number to zero.
+	 * TODO(davidben): Is this redundant with dtls1_reset_seq_numbers? */
+	if (SSL_IS_DTLS(s))
 		memset(is_read ? s->s3->read_sequence : s->s3->write_sequence, 0, 8);
 
 	/* key_arg is used for SSLv2. We don't need it for TLS. */
@@ -735,7 +736,7 @@
 
 		seq = send ? s->s3->write_sequence : s->s3->read_sequence;
 
-		if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+		if (SSL_IS_DTLS(s))
 			{
 			unsigned char dtlsseq[9], *p = dtlsseq;
 

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index df7b3fb..a8004a7 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -320,7 +320,7 @@
 	ctx->session_id_len = CBS_len(&session_id);
 
 	/* Skip past DTLS cookie */
-	if (ctx->ssl->version == DTLS1_VERSION || ctx->ssl->version == DTLS1_BAD_VER)
+	if (SSL_IS_DTLS(ctx->ssl))
 		{
 		CBS cookie;