* the negotiated version.
*
* For TLS 1.3 we always set the ClientHello version to 1.2 and rely on the
- * supported_versions extension for the reall supported versions.
+ * supported_versions extension for the real supported versions.
*/
if (!WPACKET_put_bytes_u16(pkt,
- (!SSL_IS_DTLS(s) && s->client_version >= TLS1_3_VERSION)
- ? TLS1_2_VERSION : s->client_version)
+ (!SSL_IS_DTLS(s)
+ && s->client_version >= TLS1_3_VERSION)
+ ? TLS1_2_VERSION : s->client_version)
|| !WPACKET_memcpy(pkt, s->s3->client_random, SSL3_RANDOM_SIZE)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
return 0;
const SSL_METHOD *best_method = NULL;
PACKET versionslist;
- if (!PACKET_get_length_prefixed_1(&suppversions->data, &versionslist)
- || PACKET_remaining(&suppversions->data) != 0) {
+ if (!PACKET_as_length_prefixed_1(&suppversions->data, &versionslist)) {
/* Trailing or invalid data? */
return SSL_R_LENGTH_MISMATCH;
}
continue;
for (vent = table;
vent->version != 0 && vent->version != (int)candidate_vers;
- ++vent);
+ ++vent)
+ ;
if (vent->version != 0) {
const SSL_METHOD *method;
return 0;
}
-
- /* TODO(TLS1.3): Should we add this extension for versions < TLS1.3? */
if (!SSL_IS_DTLS(s) && s->version >= TLS1_3_VERSION) {
int min_version, max_version, reason, currv;
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_versions)
projects / oweals / openssl.git / commitdiff