Change the SSL_IS_DTLS() macro to check the version, rather than using a

flag in the encryption methods. We can do this since there is currently
only one DTLS version. This makes upcoming changes easier.

ok beck@

lib/libssl/d1_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_lib.c,v 1.37 2017/01/23 13:36:13 jsing Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.38 2017/01/25 06:38:01 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -87,7 +87,7 @@ SSL3_ENC_METHOD DTLSv1_enc_data = {
 	.server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
 	.alert_value = tls1_alert_code,
 	.export_keying_material = tls1_export_keying_material,
-	.enc_flags = SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV,
+	.enc_flags = SSL_ENC_FLAG_EXPLICIT_IV,
 };
 
 long

lib/libssl/ssl_locl.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.165 2017/01/25 06:13:02 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.166 2017/01/25 06:38:01 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -328,7 +328,7 @@ __BEGIN_HIDDEN_DECLS
 
 /* Check if an SSL structure is using DTLS. */
 #define SSL_IS_DTLS(s) \
-	(s->method->internal->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
+	(s->method->internal->version == DTLS1_VERSION)
 
 /* See if we need explicit IV. */
 #define SSL_USE_EXPLICIT_IV(s) \
@@ -1049,9 +1049,6 @@ typedef struct ssl3_enc_method {
 /* Uses SHA256 default PRF. */
 #define SSL_ENC_FLAG_SHA256_PRF         (1 << 2)
 
-/* Is DTLS. */
-#define SSL_ENC_FLAG_DTLS               (1 << 3)
-
 /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
 #define SSL_ENC_FLAG_TLS1_2_CIPHERS     (1 << 4)