From: Rob Stradling <rob@comodo.com>
Date: Tue, 10 Sep 2013 10:03:29 +0000 (+0100)
Subject: Use TLS version supplied by client when fingerprinting Safari.
X-Git-Tag: OpenSSL_1_0_1f~48
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f4a51970d245a61e991a0c2e196853e81a1a6c53;p=oweals%2Fopenssl.git

Use TLS version supplied by client when fingerprinting Safari.
---

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4afc3a258b..f671d1d9c3 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -923,7 +923,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, const unsign
 		return;
 	data += size;
 
-	if (TLS1_get_version(s) >= TLS1_2_VERSION)
+	if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
 		{
 		const size_t len1 = sizeof(kSafariExtensionsBlock);
 		const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);