Adds some more changes dtls specific functions to make them more in sync with their...
authorFrederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Mon, 16 Oct 2023 08:02:32 +0000 (10:02 +0200)
committerTomas Mraz <tomas@openssl.org>
Thu, 9 Jan 2025 16:02:19 +0000 (17:02 +0100)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)

ssl/record/methods/dtls_meth.c

index a69629b07b53ec7f5ecb2142dda93b270e7f4d3c..6cda9f582f88fe0543b71a7cf430cf2e8b95bd82 100644 (file)
@@ -449,7 +449,10 @@ int dtls_get_more_records(OSSL_RECORD_LAYER *rl)
          * Lets check the version. We tolerate alerts that don't have the exact
          * version number (e.g. because of protocol version errors)
          */
-        if (!rl->is_first_record && rr->type != SSL3_RT_ALERT) {
+        if (!rl->is_first_record && rr->type != SSL3_RT_ALERT
+                /* DTLSv1.3 records sets the legacy version field to DTLSv1.2 */
+                && !(rr->rec_version == DTLS1_2_VERSION
+                     && rl->version == DTLS1_3_VERSION)) {
             if (rr->rec_version != rl->version) {
                 /* unexpected version, silently discard */
                 rr->length = 0;
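Review bot: The new exemption in the outer condition leaves it unclear which header versions a DTLS 1.3 record layer accepts. A record carrying `DTLS1_2_VERSION` skips the check, one carrying `DTLS1_3_VERSION` still passes the inner `rr->rec_version != rl->version` compare, and any other value is silently discarded. If only the legacy value is meant to be accepted, comparing against an expected wire version would say so directly, e.g. `wire_vers = rl->version == DTLS1_3_VERSION ? DTLS1_2_VERSION : rl->version;` followed by `if (rr->rec_version != wire_vers)`; if both values are intended, the comment should state that. The comment would also read better as `/* DTLSv1.3 records set the legacy version field to DTLSv1.2 */`. dtls_get_more_records starts and ends outside this hunk.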
@@ -665,6 +668,9 @@ dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
     case DTLS_ANY_VERSION:
         (*retrl)->funcs = &dtls_any_funcs;
         break;
+    case DTLS1_3_VERSION:
+        (*retrl)->funcs = &dtls_1_3_funcs;
+        break;
     case DTLS1_2_VERSION:
     case DTLS1_VERSION:
     case DTLS1_BAD_VER:
@@ -782,7 +788,7 @@ const OSSL_RECORD_METHOD ossl_dtls_record_method = {
     tls_get_alert_code,
     tls_set1_bio,
     tls_set_protocol_version,
-    NULL,
+    tls_set_plain_alerts,
     tls_set_first_handshake,
     tls_set_max_pipelines,
     dtls_set_in_init,
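Review bot: Filling this slot with `tls_set_plain_alerts` makes the plain-alert toggle callable on the DTLS record method as a whole, and nothing in this hunk shows where the DTLS read path consults the resulting flag or limits it to DTLS 1.3. Accepting unencrypted alerts relaxes record protection, so it is worth confirming that only the DTLS 1.3 handshake path enables it and that it is disabled again once records are expected to be protected. Presumably the caller handles that, but it is not visible here. Because the initializer is positional, a short slot comment such as `/* set_plain_alerts */` beside the entry would make the change easier to audit. The initializer of ossl_dtls_record_method starts and ends outside this hunk.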