Replace some DTLS version checks with SSL_IS_DTLS.

They weren't updated to account for DTLS 1.2. Change-Id: I81b3bfcb84a46d7b233bb567976a7de37bc46b92 Reviewed-on: https://boringssl-review.googlesource.com/1503 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2014-08-13 05:22:28 +0400
committer: Adam Langley <agl@google.com> 2014-08-14 01:58:03 +0400
commit: 09bd58d1f1c71ed7ea687d0295e23793ad3d98fa (patch)
tree: ee720a11b8a300ea039c82f455b973ba919866a7 /ssl/t1_enc.c
parent: 16c623b83d2253e720d79ea1f1e56d81dc3f0059 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 59f70e8e..42e3410c 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -495,8 +495,9 @@ int tls1_change_cipher_state(SSL *s, int which)
 	unsigned key_len, iv_len, mac_secret_len;
 	const unsigned char *key_data;
 
-	/* Reset sequence number to zero. */
-	if (s->version != DTLS1_VERSION)
+	/* Reset sequence number to zero.
+	 * TODO(davidben): Is this redundant with dtls1_reset_seq_numbers? */
+	if (SSL_IS_DTLS(s))
 		memset(is_read ? s->s3->read_sequence : s->s3->write_sequence, 0, 8);
 
 	/* key_arg is used for SSLv2. We don't need it for TLS. */
@@ -735,7 +736,7 @@ int tls1_enc(SSL *s, int send)
 
 		seq = send ? s->s3->write_sequence : s->s3->read_sequence;
 
-		if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+		if (SSL_IS_DTLS(s))
 			{
 			unsigned char dtlsseq[9], *p = dtlsseq;
author	David Benjamin <davidben@chromium.org>	2014-08-13 05:22:28 +0400
committer	Adam Langley <agl@google.com>	2014-08-14 01:58:03 +0400
commit	09bd58d1f1c71ed7ea687d0295e23793ad3d98fa (patch)
tree	ee720a11b8a300ea039c82f455b973ba919866a7 /ssl/t1_enc.c
parent	16c623b83d2253e720d79ea1f1e56d81dc3f0059 (diff)