1 /* $OpenBSD: ssl_methods.c,v 1.27 2021/07/03 16:06:45 jsing Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include "dtls_locl.h" 60 #include "ssl_locl.h" 61 #include "tls13_internal.h" 62 63 static const SSL_METHOD DTLS_method_data = { 64 .dtls = 1, 65 .server = 1, 66 .version = DTLS1_2_VERSION, 67 .min_tls_version = TLS1_1_VERSION, 68 .max_tls_version = TLS1_2_VERSION, 69 .ssl_new = dtls1_new, 70 .ssl_clear = dtls1_clear, 71 .ssl_free = dtls1_free, 72 .ssl_accept = ssl3_accept, 73 .ssl_connect = ssl3_connect, 74 .ssl_shutdown = ssl3_shutdown, 75 .ssl_renegotiate = ssl3_renegotiate, 76 .ssl_renegotiate_check = ssl3_renegotiate_check, 77 .ssl_pending = ssl3_pending, 78 .ssl_read_bytes = dtls1_read_bytes, 79 .ssl_write_bytes = dtls1_write_app_data_bytes, 80 .ssl_dispatch_alert = dtls1_dispatch_alert, 81 .get_cipher = dtls1_get_cipher, 82 .enc_flags = TLSV1_2_ENC_FLAGS, 83 }; 84 85 static const SSL_METHOD DTLS_client_method_data = { 86 .dtls = 1, 87 .server = 0, 88 .version = DTLS1_2_VERSION, 89 .min_tls_version = TLS1_1_VERSION, 90 .max_tls_version = TLS1_2_VERSION, 91 .ssl_new = dtls1_new, 92 .ssl_clear = dtls1_clear, 93 .ssl_free = dtls1_free, 94 .ssl_accept = ssl_undefined_function, 95 .ssl_connect = ssl3_connect, 96 .ssl_shutdown = ssl3_shutdown, 97 .ssl_renegotiate = ssl3_renegotiate, 98 .ssl_renegotiate_check = ssl3_renegotiate_check, 99 .ssl_pending = ssl3_pending, 100 .ssl_read_bytes = dtls1_read_bytes, 101 .ssl_write_bytes = dtls1_write_app_data_bytes, 102 .ssl_dispatch_alert = dtls1_dispatch_alert, 103 .get_cipher = dtls1_get_cipher, 104 .enc_flags = TLSV1_2_ENC_FLAGS, 105 }; 106 107 static const SSL_METHOD DTLSv1_method_data = { 108 .dtls = 1, 109 .server = 1, 110 .version = DTLS1_VERSION, 111 .min_tls_version = TLS1_1_VERSION, 112 .max_tls_version = TLS1_1_VERSION, 113 .ssl_new = dtls1_new, 114 .ssl_clear = dtls1_clear, 115 .ssl_free = dtls1_free, 116 .ssl_accept = ssl3_accept, 117 .ssl_connect = ssl3_connect, 118 .ssl_shutdown = ssl3_shutdown, 119 .ssl_renegotiate = ssl3_renegotiate, 120 .ssl_renegotiate_check = ssl3_renegotiate_check, 121 .ssl_pending = ssl3_pending, 122 .ssl_read_bytes = dtls1_read_bytes, 123 .ssl_write_bytes = dtls1_write_app_data_bytes, 124 .ssl_dispatch_alert = dtls1_dispatch_alert, 125 .get_cipher = dtls1_get_cipher, 126 .enc_flags = TLSV1_1_ENC_FLAGS, 127 }; 128 129 static const SSL_METHOD DTLSv1_client_method_data = { 130 .dtls = 1, 131 .server = 0, 132 .version = DTLS1_VERSION, 133 .min_tls_version = TLS1_1_VERSION, 134 .max_tls_version = TLS1_1_VERSION, 135 .ssl_new = dtls1_new, 136 .ssl_clear = dtls1_clear, 137 .ssl_free = dtls1_free, 138 .ssl_accept = ssl_undefined_function, 139 .ssl_connect = ssl3_connect, 140 .ssl_shutdown = ssl3_shutdown, 141 .ssl_renegotiate = ssl3_renegotiate, 142 .ssl_renegotiate_check = ssl3_renegotiate_check, 143 .ssl_pending = ssl3_pending, 144 .ssl_read_bytes = dtls1_read_bytes, 145 .ssl_write_bytes = dtls1_write_app_data_bytes, 146 .ssl_dispatch_alert = dtls1_dispatch_alert, 147 .get_cipher = dtls1_get_cipher, 148 .enc_flags = TLSV1_1_ENC_FLAGS, 149 }; 150 151 static const SSL_METHOD DTLSv1_2_method_data = { 152 .dtls = 1, 153 .server = 1, 154 .version = DTLS1_2_VERSION, 155 .min_tls_version = TLS1_2_VERSION, 156 .max_tls_version = TLS1_2_VERSION, 157 .ssl_new = dtls1_new, 158 .ssl_clear = dtls1_clear, 159 .ssl_free = dtls1_free, 160 .ssl_accept = ssl3_accept, 161 .ssl_connect = ssl3_connect, 162 .ssl_shutdown = ssl3_shutdown, 163 .ssl_renegotiate = ssl3_renegotiate, 164 .ssl_renegotiate_check = ssl3_renegotiate_check, 165 .ssl_pending = ssl3_pending, 166 .ssl_read_bytes = dtls1_read_bytes, 167 .ssl_write_bytes = dtls1_write_app_data_bytes, 168 .ssl_dispatch_alert = dtls1_dispatch_alert, 169 .get_cipher = dtls1_get_cipher, 170 .enc_flags = TLSV1_2_ENC_FLAGS, 171 }; 172 173 static const SSL_METHOD DTLSv1_2_client_method_data = { 174 .dtls = 1, 175 .server = 0, 176 .version = DTLS1_2_VERSION, 177 .min_tls_version = TLS1_2_VERSION, 178 .max_tls_version = TLS1_2_VERSION, 179 .ssl_new = dtls1_new, 180 .ssl_clear = dtls1_clear, 181 .ssl_free = dtls1_free, 182 .ssl_accept = ssl_undefined_function, 183 .ssl_connect = ssl3_connect, 184 .ssl_shutdown = ssl3_shutdown, 185 .ssl_renegotiate = ssl3_renegotiate, 186 .ssl_renegotiate_check = ssl3_renegotiate_check, 187 .ssl_pending = ssl3_pending, 188 .ssl_read_bytes = dtls1_read_bytes, 189 .ssl_write_bytes = dtls1_write_app_data_bytes, 190 .ssl_dispatch_alert = dtls1_dispatch_alert, 191 .get_cipher = dtls1_get_cipher, 192 .enc_flags = TLSV1_2_ENC_FLAGS, 193 }; 194 195 const SSL_METHOD * 196 DTLSv1_client_method(void) 197 { 198 return &DTLSv1_client_method_data; 199 } 200 201 const SSL_METHOD * 202 DTLSv1_method(void) 203 { 204 return &DTLSv1_method_data; 205 } 206 207 const SSL_METHOD * 208 DTLSv1_server_method(void) 209 { 210 return &DTLSv1_method_data; 211 } 212 213 const SSL_METHOD * 214 DTLSv1_2_client_method(void) 215 { 216 return &DTLSv1_2_client_method_data; 217 } 218 219 const SSL_METHOD * 220 DTLSv1_2_method(void) 221 { 222 return &DTLSv1_2_method_data; 223 } 224 225 const SSL_METHOD * 226 DTLSv1_2_server_method(void) 227 { 228 return &DTLSv1_2_method_data; 229 } 230 231 const SSL_METHOD * 232 DTLS_client_method(void) 233 { 234 return &DTLS_client_method_data; 235 } 236 237 const SSL_METHOD * 238 DTLS_method(void) 239 { 240 return &DTLS_method_data; 241 } 242 243 const SSL_METHOD * 244 DTLS_server_method(void) 245 { 246 return &DTLS_method_data; 247 } 248 249 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER) 250 static const SSL_METHOD TLS_method_data = { 251 .dtls = 0, 252 .server = 1, 253 .version = TLS1_3_VERSION, 254 .min_tls_version = TLS1_VERSION, 255 .max_tls_version = TLS1_3_VERSION, 256 .ssl_new = tls1_new, 257 .ssl_clear = tls1_clear, 258 .ssl_free = tls1_free, 259 .ssl_accept = tls13_legacy_accept, 260 .ssl_connect = tls13_legacy_connect, 261 .ssl_shutdown = tls13_legacy_shutdown, 262 .ssl_renegotiate = ssl_undefined_function, 263 .ssl_renegotiate_check = ssl_ok, 264 .ssl_pending = tls13_legacy_pending, 265 .ssl_read_bytes = tls13_legacy_read_bytes, 266 .ssl_write_bytes = tls13_legacy_write_bytes, 267 .ssl_dispatch_alert = ssl3_dispatch_alert, 268 .get_cipher = ssl3_get_cipher, 269 .enc_flags = TLSV1_3_ENC_FLAGS, 270 }; 271 #endif 272 273 static const SSL_METHOD TLS_legacy_method_data = { 274 .dtls = 0, 275 .server = 1, 276 .version = TLS1_2_VERSION, 277 .min_tls_version = TLS1_VERSION, 278 .max_tls_version = TLS1_2_VERSION, 279 .ssl_new = tls1_new, 280 .ssl_clear = tls1_clear, 281 .ssl_free = tls1_free, 282 .ssl_accept = ssl3_accept, 283 .ssl_connect = ssl3_connect, 284 .ssl_shutdown = ssl3_shutdown, 285 .ssl_renegotiate = ssl_undefined_function, 286 .ssl_renegotiate_check = ssl_ok, 287 .ssl_pending = ssl3_pending, 288 .ssl_read_bytes = ssl3_read_bytes, 289 .ssl_write_bytes = ssl3_write_bytes, 290 .ssl_dispatch_alert = ssl3_dispatch_alert, 291 .get_cipher = ssl3_get_cipher, 292 .enc_flags = TLSV1_2_ENC_FLAGS, 293 }; 294 295 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) 296 static const SSL_METHOD TLS_client_method_data = { 297 .dtls = 0, 298 .server = 0, 299 .version = TLS1_3_VERSION, 300 .min_tls_version = TLS1_VERSION, 301 .max_tls_version = TLS1_3_VERSION, 302 .ssl_new = tls1_new, 303 .ssl_clear = tls1_clear, 304 .ssl_free = tls1_free, 305 .ssl_accept = tls13_legacy_accept, 306 .ssl_connect = tls13_legacy_connect, 307 .ssl_shutdown = tls13_legacy_shutdown, 308 .ssl_renegotiate = ssl_undefined_function, 309 .ssl_renegotiate_check = ssl_ok, 310 .ssl_pending = tls13_legacy_pending, 311 .ssl_read_bytes = tls13_legacy_read_bytes, 312 .ssl_write_bytes = tls13_legacy_write_bytes, 313 .ssl_dispatch_alert = ssl3_dispatch_alert, 314 .get_cipher = ssl3_get_cipher, 315 .enc_flags = TLSV1_3_ENC_FLAGS, 316 }; 317 318 #else 319 320 static const SSL_METHOD TLS_legacy_client_method_data = { 321 .dtls = 0, 322 .server = 0, 323 .version = TLS1_2_VERSION, 324 .min_tls_version = TLS1_VERSION, 325 .max_tls_version = TLS1_2_VERSION, 326 .ssl_new = tls1_new, 327 .ssl_clear = tls1_clear, 328 .ssl_free = tls1_free, 329 .ssl_accept = ssl3_accept, 330 .ssl_connect = ssl3_connect, 331 .ssl_shutdown = ssl3_shutdown, 332 .ssl_renegotiate = ssl_undefined_function, 333 .ssl_renegotiate_check = ssl_ok, 334 .ssl_pending = ssl3_pending, 335 .ssl_read_bytes = ssl3_read_bytes, 336 .ssl_write_bytes = ssl3_write_bytes, 337 .ssl_dispatch_alert = ssl3_dispatch_alert, 338 .get_cipher = ssl3_get_cipher, 339 .enc_flags = TLSV1_2_ENC_FLAGS, 340 }; 341 #endif 342 343 static const SSL_METHOD TLSv1_method_data = { 344 .dtls = 0, 345 .server = 1, 346 .version = TLS1_VERSION, 347 .min_tls_version = TLS1_VERSION, 348 .max_tls_version = TLS1_VERSION, 349 .ssl_new = tls1_new, 350 .ssl_clear = tls1_clear, 351 .ssl_free = tls1_free, 352 .ssl_accept = ssl3_accept, 353 .ssl_connect = ssl3_connect, 354 .ssl_shutdown = ssl3_shutdown, 355 .ssl_renegotiate = ssl3_renegotiate, 356 .ssl_renegotiate_check = ssl3_renegotiate_check, 357 .ssl_pending = ssl3_pending, 358 .ssl_read_bytes = ssl3_read_bytes, 359 .ssl_write_bytes = ssl3_write_bytes, 360 .ssl_dispatch_alert = ssl3_dispatch_alert, 361 .get_cipher = ssl3_get_cipher, 362 .enc_flags = TLSV1_ENC_FLAGS, 363 }; 364 365 static const SSL_METHOD TLSv1_client_method_data = { 366 .dtls = 0, 367 .server = 0, 368 .version = TLS1_VERSION, 369 .min_tls_version = TLS1_VERSION, 370 .max_tls_version = TLS1_VERSION, 371 .ssl_new = tls1_new, 372 .ssl_clear = tls1_clear, 373 .ssl_free = tls1_free, 374 .ssl_accept = ssl_undefined_function, 375 .ssl_connect = ssl3_connect, 376 .ssl_shutdown = ssl3_shutdown, 377 .ssl_renegotiate = ssl3_renegotiate, 378 .ssl_renegotiate_check = ssl3_renegotiate_check, 379 .ssl_pending = ssl3_pending, 380 .ssl_read_bytes = ssl3_read_bytes, 381 .ssl_write_bytes = ssl3_write_bytes, 382 .ssl_dispatch_alert = ssl3_dispatch_alert, 383 .get_cipher = ssl3_get_cipher, 384 .enc_flags = TLSV1_ENC_FLAGS, 385 }; 386 387 static const SSL_METHOD TLSv1_1_method_data = { 388 .dtls = 0, 389 .server = 1, 390 .version = TLS1_1_VERSION, 391 .min_tls_version = TLS1_1_VERSION, 392 .max_tls_version = TLS1_1_VERSION, 393 .ssl_new = tls1_new, 394 .ssl_clear = tls1_clear, 395 .ssl_free = tls1_free, 396 .ssl_accept = ssl3_accept, 397 .ssl_connect = ssl3_connect, 398 .ssl_shutdown = ssl3_shutdown, 399 .ssl_renegotiate = ssl3_renegotiate, 400 .ssl_renegotiate_check = ssl3_renegotiate_check, 401 .ssl_pending = ssl3_pending, 402 .ssl_read_bytes = ssl3_read_bytes, 403 .ssl_write_bytes = ssl3_write_bytes, 404 .ssl_dispatch_alert = ssl3_dispatch_alert, 405 .get_cipher = ssl3_get_cipher, 406 .enc_flags = TLSV1_1_ENC_FLAGS, 407 }; 408 409 static const SSL_METHOD TLSv1_1_client_method_data = { 410 .dtls = 0, 411 .server = 0, 412 .version = TLS1_1_VERSION, 413 .min_tls_version = TLS1_1_VERSION, 414 .max_tls_version = TLS1_1_VERSION, 415 .ssl_new = tls1_new, 416 .ssl_clear = tls1_clear, 417 .ssl_free = tls1_free, 418 .ssl_accept = ssl_undefined_function, 419 .ssl_connect = ssl3_connect, 420 .ssl_shutdown = ssl3_shutdown, 421 .ssl_renegotiate = ssl3_renegotiate, 422 .ssl_renegotiate_check = ssl3_renegotiate_check, 423 .ssl_pending = ssl3_pending, 424 .ssl_read_bytes = ssl3_read_bytes, 425 .ssl_write_bytes = ssl3_write_bytes, 426 .ssl_dispatch_alert = ssl3_dispatch_alert, 427 .get_cipher = ssl3_get_cipher, 428 .enc_flags = TLSV1_1_ENC_FLAGS, 429 }; 430 431 static const SSL_METHOD TLSv1_2_method_data = { 432 .dtls = 0, 433 .server = 1, 434 .version = TLS1_2_VERSION, 435 .min_tls_version = TLS1_2_VERSION, 436 .max_tls_version = TLS1_2_VERSION, 437 .ssl_new = tls1_new, 438 .ssl_clear = tls1_clear, 439 .ssl_free = tls1_free, 440 .ssl_accept = ssl3_accept, 441 .ssl_connect = ssl3_connect, 442 .ssl_shutdown = ssl3_shutdown, 443 .ssl_renegotiate = ssl3_renegotiate, 444 .ssl_renegotiate_check = ssl3_renegotiate_check, 445 .ssl_pending = ssl3_pending, 446 .ssl_read_bytes = ssl3_read_bytes, 447 .ssl_write_bytes = ssl3_write_bytes, 448 .ssl_dispatch_alert = ssl3_dispatch_alert, 449 .get_cipher = ssl3_get_cipher, 450 .enc_flags = TLSV1_2_ENC_FLAGS, 451 }; 452 453 static const SSL_METHOD TLSv1_2_client_method_data = { 454 .dtls = 0, 455 .server = 0, 456 .version = TLS1_2_VERSION, 457 .min_tls_version = TLS1_2_VERSION, 458 .max_tls_version = TLS1_2_VERSION, 459 .ssl_new = tls1_new, 460 .ssl_clear = tls1_clear, 461 .ssl_free = tls1_free, 462 .ssl_accept = ssl_undefined_function, 463 .ssl_connect = ssl3_connect, 464 .ssl_shutdown = ssl3_shutdown, 465 .ssl_renegotiate = ssl3_renegotiate, 466 .ssl_renegotiate_check = ssl3_renegotiate_check, 467 .ssl_pending = ssl3_pending, 468 .ssl_read_bytes = ssl3_read_bytes, 469 .ssl_write_bytes = ssl3_write_bytes, 470 .ssl_dispatch_alert = ssl3_dispatch_alert, 471 .get_cipher = ssl3_get_cipher, 472 .enc_flags = TLSV1_2_ENC_FLAGS, 473 }; 474 475 const SSL_METHOD * 476 TLS_client_method(void) 477 { 478 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) 479 return (&TLS_client_method_data); 480 #else 481 return (&TLS_legacy_client_method_data); 482 #endif 483 } 484 485 const SSL_METHOD * 486 TLS_method(void) 487 { 488 #if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER) 489 return (&TLS_method_data); 490 #else 491 return tls_legacy_method(); 492 #endif 493 } 494 495 const SSL_METHOD * 496 TLS_server_method(void) 497 { 498 return TLS_method(); 499 } 500 501 const SSL_METHOD * 502 tls_legacy_method(void) 503 { 504 return (&TLS_legacy_method_data); 505 } 506 507 const SSL_METHOD * 508 SSLv23_client_method(void) 509 { 510 return TLS_client_method(); 511 } 512 513 const SSL_METHOD * 514 SSLv23_method(void) 515 { 516 return TLS_method(); 517 } 518 519 const SSL_METHOD * 520 SSLv23_server_method(void) 521 { 522 return TLS_method(); 523 } 524 525 const SSL_METHOD * 526 TLSv1_client_method(void) 527 { 528 return (&TLSv1_client_method_data); 529 } 530 531 const SSL_METHOD * 532 TLSv1_method(void) 533 { 534 return (&TLSv1_method_data); 535 } 536 537 const SSL_METHOD * 538 TLSv1_server_method(void) 539 { 540 return (&TLSv1_method_data); 541 } 542 543 const SSL_METHOD * 544 TLSv1_1_client_method(void) 545 { 546 return (&TLSv1_1_client_method_data); 547 } 548 549 const SSL_METHOD * 550 TLSv1_1_method(void) 551 { 552 return (&TLSv1_1_method_data); 553 } 554 555 const SSL_METHOD * 556 TLSv1_1_server_method(void) 557 { 558 return (&TLSv1_1_method_data); 559 } 560 561 const SSL_METHOD * 562 TLSv1_2_client_method(void) 563 { 564 return (&TLSv1_2_client_method_data); 565 } 566 567 const SSL_METHOD * 568 TLSv1_2_method(void) 569 { 570 return (&TLSv1_2_method_data); 571 } 572 573 const SSL_METHOD * 574 TLSv1_2_server_method(void) 575 { 576 return (&TLSv1_2_method_data); 577 } 578 579 const SSL_METHOD * 580 ssl_get_method(uint16_t version) 581 { 582 if (version == TLS1_3_VERSION) 583 return (TLS_method()); 584 if (version == TLS1_2_VERSION) 585 return (TLSv1_2_method()); 586 if (version == TLS1_1_VERSION) 587 return (TLSv1_1_method()); 588 if (version == TLS1_VERSION) 589 return (TLSv1_method()); 590 if (version == DTLS1_VERSION) 591 return (DTLSv1_method()); 592 if (version == DTLS1_2_VERSION) 593 return (DTLSv1_2_method()); 594 595 return (NULL); 596 } 597