* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
#ifdef SSL_DEBUG
if (SSL_USE_SIGALGS(s))
- fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+ fprintf(stderr, "USING TLSv1.2 HASH %s\n",
+ md == NULL ? "n/a" : EVP_MD_name(md));
#endif
/* Check for broken implementations of GOST ciphersuites */
}
#ifdef SSL_DEBUG
- fprintf(stderr, "Using client verify alg %s\n", EVP_MD_name(md));
+ fprintf(stderr, "Using client verify alg %s\n",
+ md == NULL ? "n/a" : EVP_MD_name(md));
#endif
if (EVP_DigestVerifyInit(mctx, &pctx, md, NULL, pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
/* N.B. s->ctx may not equal s->session_ctx */
tsan_counter(&s->ctx->stats.sess_accept_good);
s->handshake_func = ossl_statem_accept;
-
- if (SSL_IS_DTLS(s) && !s->hit) {
- /*
- * We are finishing after the client. We start the timer going
- * in case there are any retransmits of our final flight
- * required.
- */
- dtls1_start_timer(s);
- }
} else {
if (SSL_IS_TLS13(s)) {
/*
s->handshake_func = ossl_statem_connect;
tsan_counter(&s->session_ctx->stats.sess_connect_good);
-
- if (SSL_IS_DTLS(s) && s->hit) {
- /*
- * We are finishing after the server. We start the timer going
- * in case there are any retransmits of our final flight
- * required.
- */
- dtls1_start_timer(s);
- }
}
if (SSL_IS_DTLS(s)) {
const SSL_METHOD *(*smeth) (void);
} version_info;
-#if TLS_MAX_VERSION != TLS1_3_VERSION
+#if TLS_MAX_VERSION_INTERNAL != TLS1_3_VERSION
# error Code needs update for TLS_method() support beyond TLS1_3_VERSION.
#endif
{0, NULL, NULL},
};
-#if DTLS_MAX_VERSION != DTLS1_2_VERSION
+#if DTLS_MAX_VERSION_INTERNAL != DTLS1_2_VERSION
# error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION.
#endif
return 0;
case TLS_ANY_VERSION:
- if (version < SSL3_VERSION || version > TLS_MAX_VERSION)
+ if (version < SSL3_VERSION || version > TLS_MAX_VERSION_INTERNAL)
return 0;
break;
case DTLS_ANY_VERSION:
- if (DTLS_VERSION_GT(version, DTLS_MAX_VERSION) ||
+ if (DTLS_VERSION_GT(version, DTLS_MAX_VERSION_INTERNAL) ||
DTLS_VERSION_LT(version, DTLS1_BAD_VER))
return 0;
break;
* With version-flexible methods we have an initial state with:
*
* s->method->version == (D)TLS_ANY_VERSION,
- * s->version == (D)TLS_MAX_VERSION.
+ * s->version == (D)TLS_MAX_VERSION_INTERNAL.
*
* So we detect version-flexible methods via the method version, not the
* handle version.