From 53bb723834f523d09cbb05adad4bc5ce3c672d59 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 26 Dec 2012 17:09:39 +0000
Subject: [PATCH] Use client version when deciding which cipher suites to
 disable. (backport from HEAD)

---
 ssl/t1_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 31cce72e0e..984d4bbf7a 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -957,7 +957,7 @@ void ssl_set_client_disabled(SSL *s)
 	c->mask_a = 0;
 	c->mask_k = 0;
 	/* If less than TLS 1.2 don't allow TLS 1.2 only ciphers */
-	if (TLS1_get_version(s) < TLS1_2_VERSION)
+	if (TLS1_get_client_version(s) < TLS1_2_VERSION)
 		c->mask_ssl = SSL_TLSV1_2;
 	else
 		c->mask_ssl = 0;
-- 
2.25.1