From: David Woodhouse <David.Woodhouse@intel.com>
Date: Fri, 8 Jul 2016 19:56:38 +0000 (+0100)
Subject: Fix DTLS_VERSION_xx() comparison macros for DTLS1_BAD_VER
X-Git-Tag: OpenSSL_1_1_0~274
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=ff4952896ec4383a107bbe94001ca0a64ff47433;p=oweals%2Fopenssl.git

Fix DTLS_VERSION_xx() comparison macros for DTLS1_BAD_VER

DTLS version numbers are strange and backwards, except DTLS1_BAD_VER so
we have to make a special case for it.

This does leave us with a set of macros which will evaluate their arguments
more than once, but it's not a public-facing API and it's not like this is
the kind of thing where people will be using DTLS_VERSION_LE(x++, y) anyway.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
---

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 25cd312c95..550c4d5ef8 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -154,10 +154,13 @@
                            (c)[1]=(unsigned char)(((l)>> 8)&0xff), \
                            (c)[2]=(unsigned char)(((l)    )&0xff)),(c)+=3)
 
-#define DTLS_VERSION_GT(v1, v2) ((v1) < (v2))
-#define DTLS_VERSION_GE(v1, v2) ((v1) <= (v2))
-#define DTLS_VERSION_LT(v1, v2) ((v1) > (v2))
-#define DTLS_VERSION_LE(v1, v2) ((v1) >= (v2))
+/* DTLS version numbers are strange because they're inverted. Except
+ * for DTLS1_BAD_VER, which should be considered "lower" than the rest. */
+#define dtls_ver_ordinal(v1) (((v1) == DTLS1_BAD_VER) ? 0xff00 : (v1))
+#define DTLS_VERSION_GT(v1, v2) (dtls_ver_ordinal(v1) < dtls_ver_ordinal(v2))
+#define DTLS_VERSION_GE(v1, v2) (dtls_ver_ordinal(v1) <= dtls_ver_ordinal(v2))
+#define DTLS_VERSION_LT(v1, v2) (dtls_ver_ordinal(v1) > dtls_ver_ordinal(v2))
+#define DTLS_VERSION_LE(v1, v2) (dtls_ver_ordinal(v1) >= dtls_ver_ordinal(v2))
 
 /* LOCAL STUFF */