From: Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Date: Fri, 16 Feb 2024 10:44:01 +0000 (+0100)
Subject: Future proof RLAYER_USE_EXPLICIT_IV by checking dtls versions directly.
X-Git-Tag: openssl-3.3.0-alpha1~74
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=709637c8764e153f77c1d55d00b37fb08634aca9

Future proof RLAYER_USE_EXPLICIT_IV by checking dtls versions directly.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23611)
---

diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index 5c4550bb82..1267f81385 100644
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -395,7 +395,9 @@ void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
 
 #define RLAYER_USE_EXPLICIT_IV(rl) ((rl)->version == TLS1_1_VERSION \
                                     || (rl)->version == TLS1_2_VERSION \
-                                    || (rl)->isdtls)
+                                    || (rl)->version == DTLS1_BAD_VER \
+                                    || (rl)->version == DTLS1_VERSION \
+                                    || (rl)->version == DTLS1_2_VERSION)
 
 void ossl_tls_rl_record_set_seq_num(TLS_RL_RECORD *r,
                                     const unsigned char *seq_num);