From: Matt Caswell <matt@openssl.org>
Date: Mon, 31 Oct 2016 18:12:33 +0000 (+0000)
Subject: Look at the supported_versions extension even if the server <TLS1.3
X-Git-Tag: OpenSSL_1_1_1-pre1~3124
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7b21c00e1c8841a1efe654e0488d4fc9af47db4c;p=oweals%2Fopenssl.git
Look at the supported_versions extension even if the server <TLS1.3
If supported_versions is present it takes precedence.
Reviewed-by: Rich Salz <rsalz@openssl.org>
---
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index c05f645d87..be604dd123 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1024,13 +1024,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello)
hello->num_extensions,
TLSEXT_TYPE_supported_versions);
- /*
- * TODO(TLS1.3): We only look at this if our max protocol version is TLS1.3
- * or above. Should we allow it for lower versions too?
- */
- if (suppversions != NULL && !SSL_IS_DTLS(s)
- && (s->max_proto_version == 0
- || TLS1_3_VERSION <= s->max_proto_version)) {
+ if (suppversions != NULL && !SSL_IS_DTLS(s)) {
unsigned int candidate_vers = 0;
unsigned int best_vers = 0;
const SSL_METHOD *best_method = NULL;
diff --git a/test/ssl-tests/protocol_version.pm b/test/ssl-tests/protocol_version.pm
index 9abcaae5e2..cc39c757c4 100644
--- a/test/ssl-tests/protocol_version.pm
+++ b/test/ssl-tests/protocol_version.pm
@@ -236,9 +236,10 @@ sub expected_result {
return ("ServerFail", undef);
} elsif ($c_min > $s_max) {
my @prots = @$protocols;
- if ($prots[$c_min] eq "TLSv1.3") {
- # Client won't have sent any ciphersuite the server recognises
- return ("ServerFail", undef);
+ if ($prots[$c_max] eq "TLSv1.3") {
+ # Client will have sent supported_versions, so server will know
+ # that there are no overlapping versions.
+ return ("ServerFail", undef);
} else {
# Server will try with a version that is lower than the lowest
# supported client version.