Remove method swap in DTLS_ANY_VERSION. DTLS_method() can now negotiate versions without switching methods. Change-Id: I0655b3221b6e7e4b3ed4acc45f1f41c594447021 Reviewed-on: https://boringssl-review.googlesource.com/2582 Reviewed-by: Adam Langley <agl@google.com>

commit: 9ec6bcaebed8290e537743b9070588bfc5fbe120 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Thu Dec 11 03:26:22 2014 -0500
committer: Adam Langley <agl@google.com> Sat Dec 13 22:39:46 2014 +0000
tree: 7e54fbe796213e6483d131c5103cb285265e6cac
parent: e99e912bea854910c56301985afc3e72dcfe0404 [diff]
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 4f98ac9..0021657 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c

@@ -1317,15 +1317,15 @@
 	 * we haven't decided which version to use yet send back using 
 	 * version 1.0 header: otherwise some clients will ignore it.
 	 */
-	if (s->method->version == DTLS_ANY_VERSION)
+	if (!s->s3->have_version)
 		{
-		*(p++)=DTLS1_VERSION>>8;
-		*(p++)=DTLS1_VERSION&0xff;
+		*(p++) = DTLS1_VERSION >> 8;
+		*(p++) = DTLS1_VERSION & 0xff;
 		}
 	else
 		{
-		*(p++)=s->version>>8;
-		*(p++)=s->version&0xff;
+		*(p++) = s->version >> 8;
+		*(p++) = s->version & 0xff;
 		}
 
 	/* field where we are to write out packet epoch, seq num and len */

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 5570a82..2f2c451 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -590,7 +590,7 @@
 	buf=(unsigned char *)s->init_buf->data;
 	if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
 		{
-		if (s->method->version == DTLS_ANY_VERSION)
+		if (!s->s3->have_version && s->method->version == DTLS_ANY_VERSION)
 			{
 			uint16_t max_version = ssl3_get_max_client_version(s);
 			/* Disabling all versions is silly: return an error. */
@@ -771,7 +771,7 @@
 		goto f_err;
 		}
 
-	if (s->method->version == DTLS_ANY_VERSION)
+	if (!s->s3->have_version && s->method->version == DTLS_ANY_VERSION)
 		{
 		if (!ssl3_is_version_enabled(s, server_version))
 			{
@@ -781,13 +781,10 @@
 			goto f_err;
 			}
 		s->version = server_version;
-		s->method = ssl3_get_method(server_version);
-		assert(s->method != NULL);
 		s->enc_method = ssl3_get_enc_method(server_version);
 		assert(s->enc_method != NULL);
 		}
-
-	if (server_version != s->version)
+	else if (server_version != s->version)
 		{
 		OPENSSL_PUT_ERROR(SSL, ssl3_get_server_hello, SSL_R_WRONG_SSL_VERSION);
 		s->version = (s->version & 0xff00) | (server_version & 0xff);

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index f9012cc..71f7fef 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c

@@ -794,21 +794,6 @@
 	 * (may differ: see RFC 2246, Appendix E, second paragraph) */
 	s->client_version = client_version;
 
-	if (SSL_IS_DTLS(s)  ?	(s->client_version > s->version &&
-				 s->method->version != DTLS_ANY_VERSION)
-			    :	(s->client_version < s->version))
-		{
-		OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_WRONG_VERSION_NUMBER);
-		if ((s->client_version>>8) == SSL3_VERSION_MAJOR &&
-			!s->s3->have_version)
-			{
-			/* similar to ssl3_get_record, send alert using remote version number */
-			s->version = s->client_version;
-			}
-		al = SSL_AD_PROTOCOL_VERSION;
-		goto f_err;
-		}
-
 	/* Load the client random. */
 	memcpy(s->s3->client_random, CBS_data(&client_random), SSL3_RANDOM_SIZE);
 
@@ -850,24 +835,35 @@
 			 * don't send HelloVerifyRequest. */
 			ret = -2;
 			}
+		}
 
-		if (s->method->version == DTLS_ANY_VERSION)
+	if (!s->s3->have_version && s->method->version == DTLS_ANY_VERSION)
+		{
+		/* Select version to use */
+		uint16_t version = ssl3_get_mutual_version(s, client_version);
+		if (version == 0)
 			{
-			/* Select version to use */
-			uint16_t version = ssl3_get_mutual_version(s, client_version);
-			if (version == 0)
-				{
-				OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_WRONG_VERSION_NUMBER);
-				s->version = s->client_version;
-				al = SSL_AD_PROTOCOL_VERSION;
-				goto f_err;
-				}
-			s->version = version;
-			s->method = ssl3_get_method(version);
-			assert(s->method != NULL);
-			s->enc_method = ssl3_get_enc_method(version);
-			assert(s->enc_method != NULL);
+			OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_WRONG_VERSION_NUMBER);
+			s->version = s->client_version;
+			al = SSL_AD_PROTOCOL_VERSION;
+			goto f_err;
 			}
+		s->version = version;
+		s->enc_method = ssl3_get_enc_method(version);
+		assert(s->enc_method != NULL);
+		}
+	else if (SSL_IS_DTLS(s)  ?	(s->client_version > s->version)
+		                 :	(s->client_version < s->version))
+		{
+		OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_WRONG_VERSION_NUMBER);
+		if ((s->client_version>>8) == SSL3_VERSION_MAJOR &&
+			!s->s3->have_version)
+			{
+			/* similar to ssl3_get_record, send alert using remote version number */
+			s->version = s->client_version;
+			}
+		al = SSL_AD_PROTOCOL_VERSION;
+		goto f_err;
 		}
 
 	/* At this point, the connection's version is known and s->version is
commit	9ec6bcaebed8290e537743b9070588bfc5fbe120	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Thu Dec 11 03:26:22 2014 -0500
committer	Adam Langley <agl@google.com>	Sat Dec 13 22:39:46 2014 +0000
tree	7e54fbe796213e6483d131c5103cb285265e6cac
parent	e99e912bea854910c56301985afc3e72dcfe0404 [diff]