In a reneg use the same client_version we used last time
authorMatt Caswell <matt@openssl.org>
Mon, 23 Apr 2018 16:14:47 +0000 (17:14 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 24 Apr 2018 08:54:31 +0000 (09:54 +0100)
commit447cc0ad732858f3ab80b2dc52f15fd045b25363
tree734ec9af871268dfcf22c133d123b4dd150db2f2
parentac98d3860206bd31fd484baf163398bfb41e8595
In a reneg use the same client_version we used last time

In 1.0.2 and below we always send the same client_version in a reneg
ClientHello that we sent the first time around, regardless of what
version eventually gets negotiated. According to a comment in
statem_clnt.c this is a workaround for some buggy servers that choked if
we changed the version used in the RSA encrypted premaster secret.

In 1.1.0+ this behaviour no longer occurs. This restores the original
behaviour.

Fixes #1651

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6059)
ssl/statem/statem_lib.c