author | 2017-01-03 16:57:15 +0000 | |
---|---|---|
committer | 2017-01-03 16:57:15 +0000 | |
commit | 17e99b6893f81738d55135d6a354300a5b825341 (patch) | |
tree | 4f4d5966df1e1c1e6b435b3ffe6eb0389756fda2 /lib/libssl/ssl_lib.c | |
parent | Don't try to reconfigure the multicast group in the detach handler of (diff) | |
Pull out, rework and dedup the code that determines the highest shared
version.
ok beck@ doug@
Diffstat (limited to 'lib/libssl/ssl_lib.c')
-rw-r--r-- | lib/libssl/ssl_lib.c | 36 |
1 files changed, 33 insertions, 3 deletions
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 11f46161a9b..a4ca1afb1da 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.123 2016/12/30 16:57:01 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.124 2017/01/03 16:57:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2516,14 +2516,44 @@ ssl_enabled_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver)
 /* Everything has been disabled... */
 if (min_version == 0 || max_version == 0)
- return -1;
+ return 0;
 if (min_ver != NULL)
 *min_ver = min_version;
 if (max_ver != NULL)
 *max_ver = max_version;
- return 0;
+ return 1;
+}
+
+int
+ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver)
+{
+ uint16_t min_version, max_version, shared_version;
+
+ *max_ver = 0;
+
+ if (peer_ver >= TLS1_2_VERSION)
+ shared_version = TLS1_2_VERSION;
+ else if (peer_ver >= TLS1_1_VERSION)
+ shared_version = TLS1_1_VERSION;
+ else if (peer_ver >= TLS1_VERSION)
+ shared_version = TLS1_VERSION;
+ else
+ return 0;
+
+ if (!ssl_enabled_version_range(s, &min_version, &max_version))
+ return 0;
+
+ if (shared_version < min_version)
+ return 0;
+
+ if (shared_version > max_version)
+ shared_version = max_version;
+
+ *max_ver = shared_version;
+
+ return 1;
 }
 uint16_t |
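Review bot: Flipping `ssl_enabled_version_range()` from 0/-1 to 1/0 in the second hunk silently inverts the result for any caller still testing `!= 0` or `== -1`. The diffstat shown is limited to ssl_lib.c, so whether every caller was converted cannot be confirmed from this page and is worth checking, since a stale check could let version negotiation carry on with unset bounds. The new `ssl_max_shared_version()` also writes `*max_ver = 0` unconditionally while its sibling guards its out-parameters with `!= NULL`; either add the same guard or state the contract above the function, e.g. `/* Returns 1 and sets *max_ver to the highest shared version, else returns 0 with *max_ver = 0; max_ver must not be NULL. */`. The `peer_ver >= TLS1_2_VERSION` ladder is a plain numeric comparison, so it presumably expects a TLS rather than DTLS wire version, and a one-line comment saying so would help. `ssl_enabled_version_range()` begins outside the hunk.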