From: Frederik Wedel-Heinen
Date: Mon, 16 Oct 2023 08:02:32 +0000 (+0200)
Subject: Adds some more changes dtls specific functions to make them more in sync with their...
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c967dc7a5c22ca1fd092ec99f3e6a0cef197199f;p=thirdparty%2Fopenssl.git
Adds some more changes dtls specific functions to make them more in sync with their tls counterparts.
Reviewed-by: Tomas Mraz
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/22360)
---
diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c
index a69629b07b5..6cda9f582f8 100644
--- a/ssl/record/methods/dtls_meth.c
+++ b/ssl/record/methods/dtls_meth.c
@@ -449,7 +449,10 @@ int dtls_get_more_records(OSSL_RECORD_LAYER *rl)
 * Lets check the version. We tolerate alerts that don't have the exact
 * version number (e.g. because of protocol version errors)
 */
- if (!rl->is_first_record && rr->type != SSL3_RT_ALERT) {
+ if (!rl->is_first_record && rr->type != SSL3_RT_ALERT
+ /* DTLSv1.3 records sets the legacy version field to DTLSv1.2 */
+ && !(rr->rec_version == DTLS1_2_VERSION
+ && rl->version == DTLS1_3_VERSION)) {
 if (rr->rec_version != rl->version) {
 /* unexpected version, silently discard */
 rr->length = 0;
@@ -665,6 +668,9 @@ dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
 case DTLS_ANY_VERSION:
 (*retrl)->funcs = &dtls_any_funcs;
 break;
+ case DTLS1_3_VERSION:
+ (*retrl)->funcs = &dtls_1_3_funcs;
+ break;
 case DTLS1_2_VERSION:
 case DTLS1_VERSION:
 case DTLS1_BAD_VER:
@@ -782,7 +788,7 @@ const OSSL_RECORD_METHOD ossl_dtls_record_method = {
 tls_get_alert_code,
 tls_set1_bio,
 tls_set_protocol_version,
- NULL,
+ tls_set_plain_alerts,
 tls_set_first_handshake,
 tls_set_max_pipelines,
 dtls_set_in_init,
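Review bot: In `dtls_get_more_records` the new exemption only bypasses the check for the pair `rr->rec_version == DTLS1_2_VERSION` / `rl->version == DTLS1_3_VERSION`, so on a DTLSv1.3 layer a record whose legacy field carries `DTLS1_3_VERSION` still passes the inner `rr->rec_version != rl->version` test and is accepted, while every other value is silently discarded. The hunk does not say whether accepting both wire values is intended, and the block comment above still describes only the alert tolerance. I would move the explanation out of the middle of the condition and state the rule once above the `if`, e.g. `/* On a DTLSv1.3 layer the legacy version field is expected to be DTLS1_2_VERSION; such records skip the exact-match check below */`, also fixing "records sets" to "records set". The function body starts and continues outside this hunk.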
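Review bot: Replacing `NULL` with `tls_set_plain_alerts` in `ossl_dtls_record_method` exposes the plaintext-alert toggle on every DTLS record layer, because this one method table appears to be shared by all DTLS versions while the per-version split is done through `funcs` in `dtls_new_record_layer`. Nothing in the visible hunks shows the DTLS read path consulting that flag or limiting it to DTLSv1.3, so it is worth confirming that a caller setting it on a DTLSv1.2 or older layer cannot relax how unprotected alerts are handled. Since the initializer is positional, a trailing comment on the entry such as `tls_set_plain_alerts, /* flag is expected to matter for DTLSv1.3 only - confirm */` would make the slot and its intended scope auditable. The initializer starts and ends outside this hunk.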