Rename clienthello.version to clienthello.legacy_version

For consistency with the TLSv1.3 spec.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 79f47fc590c62c00a9f0c2b1c77b7f03c2f9e5ce..79542386bcd7d61507e2b39aa143743e79893b81 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1633,7 +1633,7 @@ typedef struct raw_extension_st {
 
 typedef struct {
     unsigned int isv2;
-    unsigned int version;
+    unsigned int legacy_version;
     unsigned char random[SSL3_RANDOM_SIZE];
     size_t session_id_len;
     unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 02537fac79edb954e9c47af8201d5aa7caa7c3d8..a3a31bc74044b67306b2af1eb25289f547b2356e 100644 (file)
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -992,7 +992,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello)
      * handle version.
      */
     int server_version = s->method->version;
-    int client_version = hello->version;
+    int client_version = hello->legacy_version;
     const version_info *vent;
     const version_info *table;
     int disabled = 0;

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 3935c79acdb0cd8153b8a90f64efe0801ded35af..2ec862caca28a2574e59de94ff3aa1e4c72b33db 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -939,7 +939,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
         }
     }
 
-    if (!PACKET_get_net_2(pkt, &clienthello.version)) {
+    if (!PACKET_get_net_2(pkt, &clienthello.legacy_version)) {
         al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
         goto err;
@@ -1082,8 +1082,8 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
     /* Choose the version */
 
     if (clienthello.isv2) {
-        if (clienthello.version == SSL2_VERSION
-                || (clienthello.version & 0xff00)
+        if (clienthello.legacy_version == SSL2_VERSION
+                || (clienthello.legacy_version & 0xff00)
                    != (SSL3_VERSION_MAJOR << 8)) {
             /*
              * This is real SSLv2 or something complete unknown. We don't
@@ -1093,7 +1093,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
             goto err;
         }
         /* SSLv3/TLS */
-        s->client_version = clienthello.version;
+        s->client_version = clienthello.legacy_version;
     }
     /*
      * Do SSL/TLS version negotiation if applicable. For DTLS we just check
@@ -1102,7 +1102,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
     if (!SSL_IS_DTLS(s)) {
         protverr = ssl_choose_server_version(s, &clienthello);
     } else if (s->method->version != DTLS_ANY_VERSION &&
-               DTLS_VERSION_LT((int)clienthello.version, s->version)) {
+               DTLS_VERSION_LT((int)clienthello.legacy_version, s->version)) {
         protverr = SSL_R_VERSION_TOO_LOW;
     } else {
         protverr = 0;
@@ -1112,7 +1112,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
         SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, protverr);
         if ((!s->enc_write_ctx && !s->write_hash)) {
             /* like ssl3_get_record, send alert using remote version number */
-            s->version = s->client_version = clienthello.version;
+            s->version = s->client_version = clienthello.legacy_version;
         }
         al = SSL_AD_PROTOCOL_VERSION;
         goto f_err;