Update dtls max version

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)

diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h
index 5dc6b5419c27521a460a417ddbde8700e3c22b1c..024584f426e9c48eaee0804d3075410cb9416440 100644 (file)
--- a/include/openssl/dtls1.h
+++ b/include/openssl/dtls1.h
@@ -27,7 +27,7 @@ extern "C" {
 /* DTLS*_VERSION constants are defined in prov_ssl.h */
 # ifndef OPENSSL_NO_DEPRECATED_3_0
 #  define DTLS_MIN_VERSION                DTLS1_VERSION
-#  define DTLS_MAX_VERSION                DTLS1_2_VERSION
+#  define DTLS_MAX_VERSION                DTLS1_3_VERSION
 # endif
 # define DTLS1_VERSION_MAJOR             0xFE
 

diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 2b8df7d26ce859aaaff4e34b727ca5b682ec0b30..701145438cb721ba04792b7d45227ae4bcb0eb3d 100644 (file)
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -45,7 +45,7 @@
 # endif
 
 # define TLS_MAX_VERSION_INTERNAL TLS1_3_VERSION
-# define DTLS_MAX_VERSION_INTERNAL DTLS1_2_VERSION
+# define DTLS_MAX_VERSION_INTERNAL DTLS1_3_VERSION
 
 /*
  * DTLS version numbers are strange because they're inverted. Except for

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 00a4359bc995d52835113b32356446e5d5e2aa90..5a6fed1c44677e3a8e922c61ed4ab58474467e39 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -192,7 +192,7 @@ static int ossl_statem_client13_read_transition(SSL_CONNECTION *s, int mt)
         if (mt == SSL3_MT_CERTIFICATE_REQUEST) {
 #if DTLS_MAX_VERSION_INTERNAL != DTLS1_2_VERSION
             /* Restore digest for PHA before adding message.*/
-# error Internal DTLS version error
+# warning Internal DTLS version error
 #endif
             if (!SSL_CONNECTION_IS_DTLS(s)
                 && s->post_handshake_auth == SSL_PHA_EXT_SENT) {

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 2424c93484b8a588d2fe5535bd4ba409757fc76c..123c5b01c6956c76f13b774763a76af61ca56e6d 100644 (file)
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1848,12 +1848,13 @@ static const version_info tls_version_table[] = {
     {0, NULL, NULL},
 };
 
-#if DTLS_MAX_VERSION_INTERNAL != DTLS1_2_VERSION
-# error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION.
+#if DTLS_MAX_VERSION_INTERNAL != DTLS1_3_VERSION
+# error Code needs update for DTLS_method() support beyond DTLS1_3_VERSION.
 #endif
 
 /* Must be in order high to low */
 static const version_info dtls_version_table[] = {
+    {DTLS1_3_VERSION, dtlsv1_3_client_method, dtlsv1_3_server_method},
 #ifndef OPENSSL_NO_DTLS1_2
     {DTLS1_2_VERSION, dtlsv1_2_client_method, dtlsv1_2_server_method},
 #else