diff options
author | Kurt Roeckx <kurt@roeckx.be> | 2018-12-09 20:53:05 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2018-12-15 12:52:02 +0100 |
commit | 5c587fb6b996d47771bcaecd71489e4849103f56 (patch) | |
tree | f71bf7705554609990fbc47aa936f61d942c4c2f /ssl/statem/statem_lib.c | |
parent | 91c5473035aaf2c0d86e4039c2a29a5b70541905 (diff) |
Use (D)TLS_MAX_VERSION_INTERNAL internally
Use 0 if we don't want to set a minimum or maximum version
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #7260
Diffstat (limited to 'ssl/statem/statem_lib.c')
-rw-r--r-- | ssl/statem/statem_lib.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 9e68e05ccf..1a9aa41b99 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1417,7 +1417,7 @@ typedef struct { const SSL_METHOD *(*smeth) (void); } version_info; -#if TLS_MAX_VERSION != TLS1_3_VERSION +#if TLS_MAX_VERSION_INTERNAL != TLS1_3_VERSION # error Code needs update for TLS_method() support beyond TLS1_3_VERSION. #endif @@ -1451,7 +1451,7 @@ static const version_info tls_version_table[] = { {0, NULL, NULL}, }; -#if DTLS_MAX_VERSION != DTLS1_2_VERSION +#if DTLS_MAX_VERSION_INTERNAL != DTLS1_2_VERSION # error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION. #endif @@ -1684,12 +1684,12 @@ int ssl_set_version_bound(int method_version, int version, int *bound) return 0; case TLS_ANY_VERSION: - if (version < SSL3_VERSION || version > TLS_MAX_VERSION) + if (version < SSL3_VERSION || version > TLS_MAX_VERSION_INTERNAL) return 0; break; case DTLS_ANY_VERSION: - if (DTLS_VERSION_GT(version, DTLS_MAX_VERSION) || + if (DTLS_VERSION_GT(version, DTLS_MAX_VERSION_INTERNAL) || DTLS_VERSION_LT(version, DTLS1_BAD_VER)) return 0; break; @@ -1735,7 +1735,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd) * With version-flexible methods we have an initial state with: * * s->method->version == (D)TLS_ANY_VERSION, - * s->version == (D)TLS_MAX_VERSION. + * s->version == (D)TLS_MAX_VERSION_INTERNAL. * * So we detect version-flexible methods via the method version, not the * handle version. |