1 /* $OpenBSD: ssl_methods.c,v 1.28 2021/07/26 03:17:38 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58
59 #include "dtls_locl.h"
60 #include "ssl_locl.h"
61 #include "tls13_internal.h"
62
/*
 * Server-side (and dual-role) DTLS method table.  Negotiates any version
 * from DTLS 1.0 up to DTLS 1.2; DTLS 1.0 is based on TLS 1.1, which is why
 * the window is expressed as TLS1_1_VERSION..TLS1_2_VERSION.  The handshake
 * entry points are the shared ssl3_* ones, the record layer is dtls1_*.
 */
static const SSL_METHOD DTLS_method_data = {
	/* Role and version window. */
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
83
/*
 * Client-only counterpart of DTLS_method_data (DTLS 1.0 through 1.2).
 * .server is 0 and the accept hook is ssl_undefined_function, so a server
 * handshake cannot be started from this table; ssl_undefined_function
 * reports an error instead of handshaking.
 */
static const SSL_METHOD DTLS_client_method_data = {
	/* Role and version window. */
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown (accept is stubbed out). */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
104
/*
 * Single-version DTLS 1.0 server table: min and max are both TLS1_1_VERSION
 * (the TLS version DTLS 1.0 is derived from), so no other version can be
 * negotiated.  Retained for compatibility with peers that cannot do DTLS 1.2.
 */
static const SSL_METHOD DTLSv1_method_data = {
	/* Role and version window. */
	.dtls = 1,
	.server = 1,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
125
/*
 * Client-only, single-version DTLS 1.0 table.  Identical to
 * DTLSv1_method_data except that .server is 0 and the accept hook is
 * ssl_undefined_function (reports an error rather than handshaking).
 */
static const SSL_METHOD DTLSv1_client_method_data = {
	/* Role and version window. */
	.dtls = 1,
	.server = 0,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown (accept is stubbed out). */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
146
/*
 * Single-version DTLS 1.2 server table (min == max == TLS1_2_VERSION).
 * Same hooks as DTLS_method_data; only the lower bound of the version
 * window differs.
 */
static const SSL_METHOD DTLSv1_2_method_data = {
	/* Role and version window. */
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
167
/*
 * Client-only, single-version DTLS 1.2 table.  .server is 0 and the accept
 * hook is ssl_undefined_function (reports an error rather than handshaking).
 */
static const SSL_METHOD DTLSv1_2_client_method_data = {
	/* Role and version window. */
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown (accept is stubbed out). */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
188
/*
 * Client-only DTLS 1.0 method (no accept hook).  The returned table is
 * static and must not be freed.
 */
const SSL_METHOD *
DTLSv1_client_method(void)
{
	return (&DTLSv1_client_method_data);
}
194
/*
 * Dual-role DTLS 1.0 method; also what DTLSv1_server_method() hands out.
 * The returned table is static and must not be freed.
 */
const SSL_METHOD *
DTLSv1_method(void)
{
	return (&DTLSv1_method_data);
}
200
/*
 * Server-side DTLS 1.0 method.  There is no separate server table: this is
 * the same static table DTLSv1_method() returns.
 */
const SSL_METHOD *
DTLSv1_server_method(void)
{
	return (&DTLSv1_method_data);
}
206
/*
 * Client-only DTLS 1.2 method (no accept hook).  The returned table is
 * static and must not be freed.
 */
const SSL_METHOD *
DTLSv1_2_client_method(void)
{
	return (&DTLSv1_2_client_method_data);
}
212
/*
 * Dual-role DTLS 1.2 method; also what DTLSv1_2_server_method() hands out.
 * The returned table is static and must not be freed.
 */
const SSL_METHOD *
DTLSv1_2_method(void)
{
	return (&DTLSv1_2_method_data);
}
218
/*
 * Server-side DTLS 1.2 method.  Shares its static table with
 * DTLSv1_2_method().
 */
const SSL_METHOD *
DTLSv1_2_server_method(void)
{
	return (&DTLSv1_2_method_data);
}
224
/*
 * Client-only, version-flexible DTLS method (DTLS 1.0 through 1.2).
 * The returned table is static and must not be freed.
 */
const SSL_METHOD *
DTLS_client_method(void)
{
	return (&DTLS_client_method_data);
}
230
/*
 * Dual-role, version-flexible DTLS method (DTLS 1.0 through 1.2); also what
 * DTLS_server_method() hands out.  The returned table is static.
 */
const SSL_METHOD *
DTLS_method(void)
{
	return (&DTLS_method_data);
}
236
/*
 * Server-side, version-flexible DTLS method.  Shares its static table with
 * DTLS_method().
 */
const SSL_METHOD *
DTLS_server_method(void)
{
	return (&DTLS_method_data);
}
242
243 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
/*
 * Default TLS method table, available only when both the TLS 1.3 client and
 * server are compiled in.  Negotiates TLS 1.0 through TLS 1.3; the
 * tls13_legacy_* hooks dispatch between the TLS 1.3 stack and the legacy
 * ssl3 code paths.  Renegotiation is not offered: ssl_renegotiate is
 * ssl_undefined_function and ssl_renegotiate_check unconditionally succeeds
 * (ssl_ok).
 *
 * Security note: the floor here is TLS1_VERSION.  Deployments that must not
 * accept TLS 1.0/1.1 (deprecated by RFC 8996) have to raise it per context
 * with SSL_CTX_set_min_proto_version(); this table does not do it for them.
 */
static const SSL_METHOD TLS_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	.enc_flags = TLSV1_3_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown (renegotiation disabled). */
	.ssl_accept = tls13_legacy_accept,
	.ssl_connect = tls13_legacy_connect,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_shutdown = tls13_legacy_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = tls13_legacy_pending,
	.ssl_read_bytes = tls13_legacy_read_bytes,
	.ssl_write_bytes = tls13_legacy_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
264 #endif
265
/*
 * Pre-TLS 1.3 default table: TLS 1.0 through TLS 1.2 over the ssl3_*
 * handshake and record layer.  This is what tls_legacy_method() always
 * returns and what TLS_method() falls back to when full TLS 1.3 support is
 * not compiled in.  Renegotiation is not offered (ssl_undefined_function /
 * ssl_ok), and the TLS 1.0 floor applies here as well.
 */
static const SSL_METHOD TLS_legacy_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown (renegotiation disabled). */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
286
287 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
/*
 * Client-only default table when the TLS 1.3 client is compiled in:
 * TLS 1.0 through TLS 1.3 via the tls13_legacy_* hooks.  Unlike the other
 * client-only tables in this file the accept hook is not stubbed out; what
 * marks it client-only is .server = 0.  Renegotiation is not offered.
 */
static const SSL_METHOD TLS_client_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	.enc_flags = TLSV1_3_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown (renegotiation disabled). */
	.ssl_accept = tls13_legacy_accept,
	.ssl_connect = tls13_legacy_connect,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_shutdown = tls13_legacy_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = tls13_legacy_pending,
	.ssl_read_bytes = tls13_legacy_read_bytes,
	.ssl_write_bytes = tls13_legacy_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
308
309 #else
310
/*
 * Client-only default table used when the TLS 1.3 client is NOT compiled in:
 * TLS 1.0 through TLS 1.2 over the ssl3_* code paths.  Like
 * TLS_client_method_data, .server = 0 is what makes it client-only; the
 * accept hook itself is the regular ssl3_accept.  Renegotiation is not
 * offered.
 */
static const SSL_METHOD TLS_legacy_client_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown (renegotiation disabled). */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
331 #endif
332
/*
 * Single-version TLS 1.0 server table (min == max == TLS1_VERSION).  TLS 1.0
 * is deprecated by RFC 8996; this table exists for compatibility with legacy
 * peers and, unlike the TLS_* tables, still wires up ssl3_renegotiate.
 */
static const SSL_METHOD TLSv1_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.enc_flags = TLSV1_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
353
/*
 * Client-only, single-version TLS 1.0 table.  .server is 0 and the accept
 * hook is ssl_undefined_function (reports an error rather than handshaking).
 * TLS 1.0 is deprecated by RFC 8996; kept for legacy peers only.
 */
static const SSL_METHOD TLSv1_client_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.enc_flags = TLSV1_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown (accept is stubbed out). */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
374
/*
 * Single-version TLS 1.1 server table (min == max == TLS1_1_VERSION).
 * TLS 1.1 is deprecated by RFC 8996; kept for compatibility with legacy
 * peers.  Renegotiation hooks are the ssl3 ones.
 */
static const SSL_METHOD TLSv1_1_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
395
/*
 * Client-only, single-version TLS 1.1 table.  .server is 0 and the accept
 * hook is ssl_undefined_function (reports an error rather than handshaking).
 * TLS 1.1 is deprecated by RFC 8996; kept for legacy peers only.
 */
static const SSL_METHOD TLSv1_1_client_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown (accept is stubbed out). */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
416
/*
 * Single-version TLS 1.2 server table (min == max == TLS1_2_VERSION) over
 * the ssl3_* handshake and record layer.  Unlike the TLS_* tables this one
 * keeps the ssl3 renegotiation hooks.  ssl_get_method() returns it for
 * TLS1_2_VERSION.
 */
static const SSL_METHOD TLSv1_2_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
437
/*
 * Client-only, single-version TLS 1.2 table.  .server is 0 and the accept
 * hook is ssl_undefined_function (reports an error rather than handshaking).
 */
static const SSL_METHOD TLSv1_2_client_method_data = {
	/* Role and version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Connection lifecycle. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown (accept is stubbed out). */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_shutdown = ssl3_shutdown,

	/* Record layer and cipher lookup. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
458
/*
 * Client-only, version-flexible TLS method.  With the TLS 1.3 client
 * compiled in the window is TLS 1.0..1.3, otherwise TLS 1.0..1.2; either
 * way the floor is TLS 1.0 unless the caller raises it on the context.
 */
const SSL_METHOD *
TLS_client_method(void)
{
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
	return &TLS_client_method_data;
#else
	return &TLS_legacy_client_method_data;
#endif
}
468
/*
 * Dual-role, version-flexible TLS method.  Only when both the TLS 1.3
 * client and server are compiled in does this reach TLS 1.3; otherwise it
 * silently degrades to the legacy TLS 1.0..1.2 table, so callers that need
 * TLS 1.3 should verify the negotiated version rather than assume it.
 */
const SSL_METHOD *
TLS_method(void)
{
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
	return &TLS_method_data;
#else
	return (tls_legacy_method());
#endif
}
478
/*
 * Server-side TLS method.  No dedicated server table exists; this is simply
 * TLS_method(), including its build-dependent TLS 1.3 availability.
 */
const SSL_METHOD *
TLS_server_method(void)
{
	return (TLS_method());
}
484
/*
 * Internal accessor for the pre-TLS 1.3 default table (TLS 1.0..1.2).
 * Always returns the legacy table, regardless of how the library was built.
 */
const SSL_METHOD *
tls_legacy_method(void)
{
	return &TLS_legacy_method_data;
}
490
/*
 * Historical name kept for API compatibility; there is no SSLv2/SSLv3 here,
 * it is exactly TLS_client_method().
 */
const SSL_METHOD *
SSLv23_client_method(void)
{
	return (TLS_client_method());
}
496
/*
 * Historical name kept for API compatibility; there is no SSLv2/SSLv3 here,
 * it is exactly TLS_method().
 */
const SSL_METHOD *
SSLv23_method(void)
{
	return (TLS_method());
}
502
/*
 * Historical name kept for API compatibility; resolves to TLS_method() just
 * like TLS_server_method() does.
 */
const SSL_METHOD *
SSLv23_server_method(void)
{
	return (TLS_method());
}
508
/*
 * Client-only TLS 1.0 method (no accept hook).  TLS 1.0 is deprecated;
 * prefer TLS_client_method() with a raised minimum version.
 */
const SSL_METHOD *
TLSv1_client_method(void)
{
	return &TLSv1_client_method_data;
}
514
/*
 * Dual-role TLS 1.0-only method; also returned by TLSv1_server_method() and
 * by ssl_get_method(TLS1_VERSION).  TLS 1.0 is deprecated.
 */
const SSL_METHOD *
TLSv1_method(void)
{
	return &TLSv1_method_data;
}
520
/*
 * Server-side TLS 1.0-only method.  Shares its static table with
 * TLSv1_method().
 */
const SSL_METHOD *
TLSv1_server_method(void)
{
	return &TLSv1_method_data;
}
526
/*
 * Client-only TLS 1.1 method (no accept hook).  TLS 1.1 is deprecated;
 * prefer TLS_client_method() with a raised minimum version.
 */
const SSL_METHOD *
TLSv1_1_client_method(void)
{
	return &TLSv1_1_client_method_data;
}
532
/*
 * Dual-role TLS 1.1-only method; also returned by TLSv1_1_server_method()
 * and by ssl_get_method(TLS1_1_VERSION).  TLS 1.1 is deprecated.
 */
const SSL_METHOD *
TLSv1_1_method(void)
{
	return &TLSv1_1_method_data;
}
538
/*
 * Server-side TLS 1.1-only method.  Shares its static table with
 * TLSv1_1_method().
 */
const SSL_METHOD *
TLSv1_1_server_method(void)
{
	return &TLSv1_1_method_data;
}
544
/*
 * Client-only TLS 1.2 method (no accept hook).  The returned table is
 * static and must not be freed.
 */
const SSL_METHOD *
TLSv1_2_client_method(void)
{
	return &TLSv1_2_client_method_data;
}
550
/*
 * Dual-role TLS 1.2-only method; also returned by TLSv1_2_server_method()
 * and by ssl_get_method(TLS1_2_VERSION).
 */
const SSL_METHOD *
TLSv1_2_method(void)
{
	return &TLSv1_2_method_data;
}
556
/*
 * Server-side TLS 1.2-only method.  Shares its static table with
 * TLSv1_2_method().
 */
const SSL_METHOD *
TLSv1_2_server_method(void)
{
	return &TLSv1_2_method_data;
}
562
/*
 * Map a wire protocol version to the method table that implements it.
 * Every table returned here has .server = 1 (the dual-role/server tables),
 * never a client-only one.  Returns NULL for any version not listed, so
 * callers must check the result before dereferencing it.
 *
 * Note: TLS1_3_VERSION resolves to TLS_method(), which degrades to the
 * legacy TLS 1.2 table when TLS 1.3 client and server support are not both
 * compiled in; in that build the returned table's version will not match
 * the requested one.
 */
const SSL_METHOD *
ssl_get_method(uint16_t version)
{
	switch (version) {
	case TLS1_3_VERSION:
		return TLS_method();
	case TLS1_2_VERSION:
		return TLSv1_2_method();
	case TLS1_1_VERSION:
		return TLSv1_1_method();
	case TLS1_VERSION:
		return TLSv1_method();
	case DTLS1_VERSION:
		return DTLSv1_method();
	case DTLS1_2_VERSION:
		return DTLSv1_2_method();
	default:
		return NULL;
	}
}