diff options
author | Adam Langley <alangley@gmail.com> | 2021-10-12 13:18:18 -0700 |
---|---|---|
committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2021-10-25 19:53:48 +0000 |
commit | c2827d3b557f5960b457e51f58eae1ec4a08602b (patch) | |
tree | 41682d9d2158d4e8ec3ed655e212ded2a6eba2aa | |
parent | 7cac8faff275f2c47f5c8c6b226eb2f964b13a25 (diff) | |
download | boringssl-c2827d3b557f5960b457e51f58eae1ec4a08602b.zip boringssl-c2827d3b557f5960b457e51f58eae1ec4a08602b.tar.gz boringssl-c2827d3b557f5960b457e51f58eae1ec4a08602b.tar.bz2 |
Add a function to express the desired record version protocol.
This function is currently a no-op, but could be made to do something in
the future to ease the transition of deployments that extract keys from
the handshake and drive the record protocol themselves.
Change-Id: Ib1399e42442dad78173a6462980945559a88a2c7
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49886
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
-rw-r--r-- | include/openssl/ssl.h | 4 | ||||
-rw-r--r-- | ssl/ssl_versions.cc | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index f731f8f..057fbc0 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -3887,6 +3887,10 @@ OPENSSL_EXPORT uint64_t SSL_get_read_sequence(const SSL *ssl); // two most significant bytes. OPENSSL_EXPORT uint64_t SSL_get_write_sequence(const SSL *ssl); +// SSL_CTX_set_record_protocol_version returns whether |version| is zero. +OPENSSL_EXPORT int SSL_CTX_set_record_protocol_version(SSL_CTX *ctx, + int version); + // Handshake hints. // diff --git a/ssl/ssl_versions.cc b/ssl/ssl_versions.cc index df499c7..964f7c9 100644 --- a/ssl/ssl_versions.cc +++ b/ssl/ssl_versions.cc @@ -396,3 +396,7 @@ int SSL_SESSION_set_protocol_version(SSL_SESSION *session, uint16_t version) { // used on unit test sessions anyway. return api_version_to_wire(&session->ssl_version, version); } + +int SSL_CTX_set_record_protocol_version(SSL_CTX *ctx, int version) { + return version == 0; +} |