From: Matt Caswell Date: Mon, 31 Oct 2016 18:12:33 +0000 (+0000) Subject: Look at the supported_versions extension even if the server --- diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index c05f645d87..be604dd123 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1024,13 +1024,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello) hello->num_extensions, TLSEXT_TYPE_supported_versions); - /* - * TODO(TLS1.3): We only look at this if our max protocol version is TLS1.3 - * or above. Should we allow it for lower versions too? - */ - if (suppversions != NULL && !SSL_IS_DTLS(s) - && (s->max_proto_version == 0 - || TLS1_3_VERSION <= s->max_proto_version)) { + if (suppversions != NULL && !SSL_IS_DTLS(s)) { unsigned int candidate_vers = 0; unsigned int best_vers = 0; const SSL_METHOD *best_method = NULL; diff --git a/test/ssl-tests/protocol_version.pm b/test/ssl-tests/protocol_version.pm index 9abcaae5e2..cc39c757c4 100644 --- a/test/ssl-tests/protocol_version.pm +++ b/test/ssl-tests/protocol_version.pm @@ -236,9 +236,10 @@ sub expected_result { return ("ServerFail", undef); } elsif ($c_min > $s_max) { my @prots = @$protocols; - if ($prots[$c_min] eq "TLSv1.3") { - # Client won't have sent any ciphersuite the server recognises - return ("ServerFail", undef); + if ($prots[$c_max] eq "TLSv1.3") { + # Client will have sent supported_versions, so server will know + # that there are no overlapping versions. + return ("ServerFail", undef); } else { # Server will try with a version that is lower than the lowest # supported client version.