From 277f8a34f4041fb9e7b00e998e079d7fecd075a9 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 25 May 2011 11:43:17 +0000
Subject: [PATCH] use TLS1_get_version macro to check version so TLS v1.2
 changes don't interfere with DTLS

---
 ssl/s3_clnt.c | 13 ++++++-------
 ssl/s3_lib.c  |  2 +-
 ssl/s3_srvr.c | 16 ++++++++--------
 ssl/ssl_lib.c |  4 ++--
 ssl/t1_lib.c  |  4 ++--
 ssl/tls1.h    |  3 +++
 6 files changed, 22 insertions(+), 20 deletions(-)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index fd131a6df8..2f4b57e096 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -910,7 +910,7 @@ int ssl3_get_server_hello(SSL *s)
 	/* Don't digest cached records if TLS v1.2: we may need them for
 	 * client authentication.
 	 */
-	if (s->version < TLS1_2_VERSION && !ssl3_digest_cached_records(s))
+	if (TLS1_get_version(s) < TLS1_2_VERSION && !ssl3_digest_cached_records(s))
 		goto f_err;
 	/* lets get the compression algorithm */
 	/* COMPRESSION */
@@ -1641,7 +1641,7 @@ int ssl3_get_key_exchange(SSL *s)
 	/* if it was signed, check the signature */
 	if (pkey != NULL)
 		{
-		if (s->version >= TLS1_2_VERSION)
+		if (TLS1_get_version(s) >= TLS1_2_VERSION)
 			{
 			int sigalg = tls12_get_sigid(pkey);
 			/* Should never happen */
@@ -1686,7 +1686,7 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
 			}
 
 #ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA && s->version < TLS1_2_VERSION)
+		if (pkey->type == EVP_PKEY_RSA && TLS1_get_version(s) < TLS1_2_VERSION)
 			{
 			int num;
 
@@ -1846,8 +1846,7 @@ int ssl3_get_certificate_request(SSL *s)
 	for (i=0; i<ctype_num; i++)
 		s->s3->tmp.ctype[i]= p[i];
 	p+=ctype_num;
-	/* HACK! For now just skip over signatature algorithms */
-	if (s->version >= TLS1_2_VERSION)
+	if (TLS1_get_version(s) >= TLS1_2_VERSION)
 		{
 		n2s(p, llen);
 		/* Check we have enough room for signature algorithms and
@@ -2868,7 +2867,7 @@ int ssl3_send_client_verify(SSL *s)
 		EVP_PKEY_sign_init(pctx);
 		if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1())>0)
 			{
-			if (s->version < TLS1_2_VERSION)
+			if (TLS1_get_version(s) < TLS1_2_VERSION)
 				s->method->ssl3_enc->cert_verify_mac(s,
 						NID_sha1,
 						&(data[MD5_DIGEST_LENGTH]));
@@ -2880,7 +2879,7 @@ int ssl3_send_client_verify(SSL *s)
 		/* For TLS v1.2 send signature algorithm and signature
 		 * using agreed digest and cached handshake records.
 		 */
-		if (s->version >= TLS1_2_VERSION)
+		if (TLS1_get_version(s) >= TLS1_2_VERSION)
 			{
 			long hdatalen = 0;
 			void *hdata;
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 0f4e3029a8..9ace089566 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3761,7 +3761,7 @@ need to go to SSL_ST_ACCEPT.
 long ssl_get_algorithm2(SSL *s)
 	{
 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
-	if (s->version >= TLS1_2_VERSION &&
+	if (TLS1_get_version(s) >= TLS1_2_VERSION &&
 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
 	return alg2;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 861b0f3e3c..95d8668462 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -601,7 +601,7 @@ int ssl3_accept(SSL *s)
 				s->state=SSL3_ST_SR_FINISHED_A;
 				s->init_num = 0;
 				}
-			else if (s->version >= TLS1_2_VERSION)
+			else if (TLS1_get_version(s) >= TLS1_2_VERSION)
 				{
 				s->state=SSL3_ST_SR_CERT_VRFY_A;
 				s->init_num=0;
@@ -1337,7 +1337,7 @@ int ssl3_get_client_hello(SSL *s)
 		s->s3->tmp.new_cipher=s->session->cipher;
 		}
 
-	if (s->version < TLS1_2_VERSION || !(s->verify_mode & SSL_VERIFY_PEER))
+	if (TLS1_get_version(s) < TLS1_2_VERSION || !(s->verify_mode & SSL_VERIFY_PEER))
 		{
 		if (!ssl3_digest_cached_records(s))
 			goto f_err;
@@ -1871,7 +1871,7 @@ int ssl3_send_server_key_exchange(SSL *s)
 			 * and p points to the space at the end. */
 #ifndef OPENSSL_NO_RSA
 			if (pkey->type == EVP_PKEY_RSA
-					&& s->version < TLS1_2_VERSION)
+					&& TLS1_get_version(s) < TLS1_2_VERSION)
 				{
 				q=md_buf;
 				j=0;
@@ -1904,7 +1904,7 @@ int ssl3_send_server_key_exchange(SSL *s)
 				{
 				/* For TLS1.2 and later send signature
 				 * algorithm */
-				if (s->version >= TLS1_2_VERSION)
+				if (TLS1_get_version(s) >= TLS1_2_VERSION)
 					{
 					if (!tls12_get_sigandhash(p, pkey, md))
 						{
@@ -1931,7 +1931,7 @@ int ssl3_send_server_key_exchange(SSL *s)
 					}
 				s2n(i,p);
 				n+=i+2;
-				if (s->version >= TLS1_2_VERSION)
+				if (TLS1_get_version(s) >= TLS1_2_VERSION)
 					n+= 2;
 				}
 			else
@@ -1987,7 +1987,7 @@ int ssl3_send_certificate_request(SSL *s)
 		p+=n;
 		n++;
 
-		if (s->version >= TLS1_2_VERSION)
+		if (TLS1_get_version(s) >= TLS1_2_VERSION)
 			{
 			nl = tls12_get_req_sig_algs(s, p + 2);
 			s2n(nl, p);
@@ -2920,7 +2920,7 @@ int ssl3_get_cert_verify(SSL *s)
 		} 
 	else 
 		{	
-		if (s->version >= TLS1_2_VERSION)
+		if (TLS1_get_version(s) >= TLS1_2_VERSION)
 			{
 			int sigalg = tls12_get_sigid(pkey);
 			/* Should never happen */
@@ -2967,7 +2967,7 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
 		goto f_err;
 		}
 
-	if (s->version >= TLS1_2_VERSION)
+	if (TLS1_get_version(s) >= TLS1_2_VERSION)
 		{
 		long hdatalen = 0;
 		void *hdata;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index b21b42927d..2cd78c13cc 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2094,7 +2094,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 			SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
 			return 0;
 			}
-		if ((alg_k & SSL_kECDHe) && s->version < TLS1_2_VERSION)
+		if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION)
 			{
 			/* signature alg must be ECDSA */
 			if (signature_nid != NID_ecdsa_with_SHA1)
@@ -2103,7 +2103,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 				return 0;
 				}
 			}
-		if ((alg_k & SSL_kECDHr) && s->version < TLS1_2_VERSION)
+		if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION)
 			{
 			/* signature alg must be RSA */
 
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 7222f4a757..391b330c68 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -502,7 +502,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
 		}
 		skip_ext:
 
-	if (s->version >= TLS1_2_VERSION)
+	if (TLS1_get_version(s) >= TLS1_2_VERSION)
 		{
 		if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
 			return NULL; 
@@ -1988,7 +1988,7 @@ int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)
 	const EVP_MD *md;
 	CERT *c = s->cert;
 	/* Extension ignored for TLS versions below 1.2 */
-	if (s->version < TLS1_2_VERSION)
+	if (TLS1_get_version(s) < TLS1_2_VERSION)
 		return 1;
 	/* Should never happen */
 	if (!c)
diff --git a/ssl/tls1.h b/ssl/tls1.h
index b517877ba1..1246e4adef 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -171,6 +171,9 @@ extern "C" {
 #define TLS1_VERSION_MAJOR		0x03
 #define TLS1_VERSION_MINOR		0x01
 
+#define TLS1_get_version(s) \
+		((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
+
 #define TLS1_AD_DECRYPTION_FAILED	21
 #define TLS1_AD_RECORD_OVERFLOW		22
 #define TLS1_AD_UNKNOWN_CA		48	/* fatal */
-- 
2.25.1