diff options
| author |   jsing <jsing@openbsd.org> | 2020-09-17 15:23:29 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2020-09-17 15:23:29 +0000 |
| commit | bfc125def3cf0f5ce55e16d56d0074d883706f74 (patch) | |
| tree | e548ee5ca9a6d30f6da28dfc46c9419e34f16970 /lib/libssl/ssl_methods.c | |
| parent | Fix the previous commit whose conditions were reversed. (diff) | |
| download | wireguard-openbsd-bfc125def3cf0f5ce55e16d56d0074d883706f74.tar.xz wireguard-openbsd-bfc125def3cf0f5ce55e16d56d0074d883706f74.zip | |
Simplify SSL method lookups.
There are three places where we call tls1_get_{client,server}_method() and
if that returns NULL, call dtls1_get_{client,server}_method(). Simplify
this by combining the lookup into a single function. While here also use
uint16_t for version types.
ok inoguchi@ millert@
Diffstat (limited to 'lib/libssl/ssl_methods.c')
| -rw-r--r-- | lib/libssl/ssl_methods.c | 84 |
1 files changed, 35 insertions, 49 deletions
diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c index c500d7ac06c..ff8d17af060 100644 --- a/lib/libssl/ssl_methods.c +++ b/lib/libssl/ssl_methods.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_methods.c,v 1.15 2020/09/15 09:41:24 jsing Exp $ */ +/* $OpenBSD: ssl_methods.c,v 1.16 2020/09/17 15:23:29 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -98,14 +98,6 @@ DTLS_client_method(void) return DTLSv1_client_method(); } -const SSL_METHOD * -dtls1_get_client_method(int ver) -{ - if (ver == DTLS1_VERSION) - return (DTLSv1_client_method()); - return (NULL); -} - static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = { .version = DTLS1_VERSION, .min_version = DTLS1_VERSION, @@ -184,14 +176,6 @@ DTLS_server_method(void) return DTLSv1_server_method(); } -const SSL_METHOD * -dtls1_get_server_method(int ver) -{ - if (ver == DTLS1_VERSION) - return (DTLSv1_server_method()); - return (NULL); -} - #ifdef LIBRESSL_HAS_TLS1_3_CLIENT static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { .version = TLS1_3_VERSION, @@ -330,22 +314,6 @@ static const SSL_METHOD TLSv1_2_client_method_data = { }; const SSL_METHOD * -tls1_get_client_method(int ver) -{ -#ifdef LIBRESSL_HAS_TLS1_3_CLIENT - if (ver == TLS1_3_VERSION) - return (TLS_client_method()); -#endif - if (ver == TLS1_2_VERSION) - return (TLSv1_2_client_method()); - if (ver == TLS1_1_VERSION) - return (TLSv1_1_client_method()); - if (ver == TLS1_VERSION) - return (TLSv1_client_method()); - return (NULL); -} - -const SSL_METHOD * SSLv23_client_method(void) { return (TLS_client_method()); @@ -700,22 +668,6 @@ static const SSL_METHOD TLSv1_2_server_method_data = { }; const SSL_METHOD * -tls1_get_server_method(int ver) -{ -#ifdef LIBRESSL_HAS_TLS1_3_SERVER - if (ver == TLS1_3_VERSION) - return (TLS_server_method()); -#endif - if (ver == TLS1_2_VERSION) - return (TLSv1_2_server_method()); - if (ver == TLS1_1_VERSION) - return (TLSv1_1_server_method()); - if (ver == TLS1_VERSION) - return (TLSv1_server_method()); - return (NULL); -} - -const SSL_METHOD * SSLv23_server_method(void) { return (TLS_server_method()); @@ -754,3 +706,37 @@ TLSv1_2_server_method(void) { return (&TLSv1_2_server_method_data); } + +const SSL_METHOD * +ssl_get_client_method(uint16_t version) +{ + if (version == TLS1_3_VERSION) + return (TLS_client_method()); + if (version == TLS1_2_VERSION) + return (TLSv1_2_client_method()); + if (version == TLS1_1_VERSION) + return (TLSv1_1_client_method()); + if (version == TLS1_VERSION) + return (TLSv1_client_method()); + if (version == DTLS1_VERSION) + return (DTLSv1_client_method()); + + return (NULL); +} + +const SSL_METHOD * +ssl_get_server_method(uint16_t version) +{ + if (version == TLS1_3_VERSION) + return (TLS_server_method()); + if (version == TLS1_2_VERSION) + return (TLSv1_2_server_method()); + if (version == TLS1_1_VERSION) + return (TLSv1_1_server_method()); + if (version == TLS1_VERSION) + return (TLSv1_server_method()); + if (version == DTLS1_VERSION) + return (DTLSv1_server_method()); + + return (NULL); +} |