diff options
| author |   jsing <jsing@openbsd.org> | 2020-02-06 16:05:58 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2020-02-06 16:05:58 +0000 |
| commit | da308e267707a97104dd070e5d8a341f46926ece (patch) | |
| tree | 81395d6e0b9036bd03c0e08b0cb36ba757edc3e1 /lib/libssl/ssl_methods.c | |
| parent | Soooooo much eye-searing trailing whitespace. (diff) | |
| download | wireguard-openbsd-da308e267707a97104dd070e5d8a341f46926ece.tar.xz wireguard-openbsd-da308e267707a97104dd070e5d8a341f46926ece.zip | |
Add a workaround to make SSL_set_session() work with TLSv1.3.
While we do not currently do session resumption, just return the
TLS_client_method() or TLS_server_method() when asked for a method that
does TLSv1.3.
ok tb@ (who also arrived at the same diff)
Diffstat (limited to 'lib/libssl/ssl_methods.c')
| -rw-r--r-- | lib/libssl/ssl_methods.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c index 208de33c017..276fcc66d84 100644 --- a/lib/libssl/ssl_methods.c +++ b/lib/libssl/ssl_methods.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_methods.c,v 1.11 2020/01/23 10:48:37 jsing Exp $ */ +/* $OpenBSD: ssl_methods.c,v 1.12 2020/02/06 16:05:58 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -366,6 +366,10 @@ static const SSL_METHOD TLSv1_2_client_method_data = { const SSL_METHOD * tls1_get_client_method(int ver) { +#ifdef LIBRESSL_HAS_TLS1_3_CLIENT + if (ver == TLS1_3_VERSION) + return (TLS_client_method()); +#endif if (ver == TLS1_2_VERSION) return (TLSv1_2_client_method()); if (ver == TLS1_1_VERSION) @@ -734,6 +738,10 @@ static const SSL_METHOD TLSv1_2_server_method_data = { const SSL_METHOD * tls1_get_server_method(int ver) { +#ifdef LIBRESSL_HAS_TLS1_3_SERVER + if (ver == TLS1_3_VERSION) + return (TLS_server_method()); +#endif if (ver == TLS1_2_VERSION) return (TLSv1_2_server_method()); if (ver == TLS1_1_VERSION) |