Wrong SSL version in DTLS1_BAD_VER ClientHello
authorDavid Woodhouse <dwmw2@infradead.org>
Mon, 2 Mar 2015 16:20:15 +0000 (16:20 +0000)
committerMatt Caswell <matt@openssl.org>
Mon, 9 Mar 2015 11:04:39 +0000 (11:04 +0000)
commitf7683aaf36341dc65672ac2ccdbfd4a232e3626d
treeb1aa4384c05e455e742548c6426a9833d1366c25
parent5178a16c4375471d25e1f5ef5de46febb62a5529
Wrong SSL version in DTLS1_BAD_VER ClientHello

Since commit 741c9959 ("DTLS revision."), we put the wrong protocol
version into our ClientHello for DTLS1_BAD_VER. The old DTLS
code which used ssl->version was replaced by the more generic SSL3 code
which uses ssl->client_version. The Cisco ASA no longer likes our
ClientHello.

RT#3711

Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/d1_lib.c