Rename clienthello.version to clienthello.legacy_version
authorMatt Caswell <matt@openssl.org>
Mon, 7 Nov 2016 14:59:12 +0000 (14:59 +0000)
committerMatt Caswell <matt@openssl.org>
Wed, 9 Nov 2016 09:10:30 +0000 (09:10 +0000)
For consistency with the TLSv1.3 spec.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/ssl_locl.h
ssl/statem/statem_lib.c
ssl/statem/statem_srvr.c

index 79f47fc..7954238 100644 (file)
@@ -1633,7 +1633,7 @@ typedef struct raw_extension_st {
 
 typedef struct {
     unsigned int isv2;
-    unsigned int version;
+    unsigned int legacy_version;
     unsigned char random[SSL3_RANDOM_SIZE];
     size_t session_id_len;
     unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
index 02537fa..a3a31bc 100644 (file)
@@ -992,7 +992,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello)
      * handle version.
      */
     int server_version = s->method->version;
-    int client_version = hello->version;
+    int client_version = hello->legacy_version;
     const version_info *vent;
     const version_info *table;
     int disabled = 0;
index 3935c79..2ec862c 100644 (file)
@@ -939,7 +939,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
         }
     }
 
-    if (!PACKET_get_net_2(pkt, &clienthello.version)) {
+    if (!PACKET_get_net_2(pkt, &clienthello.legacy_version)) {
         al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
         goto err;
@@ -1082,8 +1082,8 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
     /* Choose the version */
 
     if (clienthello.isv2) {
-        if (clienthello.version == SSL2_VERSION
-                || (clienthello.version & 0xff00)
+        if (clienthello.legacy_version == SSL2_VERSION
+                || (clienthello.legacy_version & 0xff00)
                    != (SSL3_VERSION_MAJOR << 8)) {
             /*
              * This is real SSLv2 or something complete unknown. We don't
@@ -1093,7 +1093,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
             goto err;
         }
         /* SSLv3/TLS */
-        s->client_version = clienthello.version;
+        s->client_version = clienthello.legacy_version;
     }
     /*
      * Do SSL/TLS version negotiation if applicable. For DTLS we just check
@@ -1102,7 +1102,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
     if (!SSL_IS_DTLS(s)) {
         protverr = ssl_choose_server_version(s, &clienthello);
     } else if (s->method->version != DTLS_ANY_VERSION &&
-               DTLS_VERSION_LT((int)clienthello.version, s->version)) {
+               DTLS_VERSION_LT((int)clienthello.legacy_version, s->version)) {
         protverr = SSL_R_VERSION_TOO_LOW;
     } else {
         protverr = 0;
@@ -1112,7 +1112,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
         SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, protverr);
         if ((!s->enc_write_ctx && !s->write_hash)) {
             /* like ssl3_get_record, send alert using remote version number */
-            s->version = s->client_version = clienthello.version;
+            s->version = s->client_version = clienthello.legacy_version;
         }
         al = SSL_AD_PROTOCOL_VERSION;
         goto f_err;