From 5f7470df83cb179f793026a5950c1446866c9cab Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 15 Feb 2018 14:29:45 +0000 Subject: [PATCH] The record version for ClientHello2 should be TLS1.2 According to TLSv1.3 draft-24 the record version for ClientHello2 should be TLS1.2, and not TLS1.0 as it is now. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5377) --- ssl/record/rec_layer_s3.c | 4 +++- test/tls13ccstest.c | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index ea70258252..0953d2b01d 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -839,7 +839,9 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, * and record version number > TLS 1.0 */ if (SSL_get_state(s) == TLS_ST_CW_CLNT_HELLO - && !s->renegotiate && TLS1_get_version(s) > TLS1_VERSION) + && !s->renegotiate + && TLS1_get_version(s) > TLS1_VERSION + && s->hello_retry_request == SSL_HRR_NONE) version = TLS1_VERSION; maxcomplen = pipelens[j]; diff --git a/test/tls13ccstest.c b/test/tls13ccstest.c index c51c2cec5f..db9bfe5a57 100644 --- a/test/tls13ccstest.c +++ b/test/tls13ccstest.c @@ -118,7 +118,7 @@ static int watchccs_write(BIO *bio, const char *in, int inl) return 0; if (msgtype == SSL3_MT_CLIENT_HELLO) { chseen++; - expectedrecvers = TLS1_VERSION; + /* * Skip legacy_version (2 bytes) and Random (32 bytes) to read * session_id. @@ -128,6 +128,8 @@ static int watchccs_write(BIO *bio, const char *in, int inl) return 0; if (chseen == 1) { + expectedrecvers = TLS1_VERSION; + /* Save the session id for later */ chsessidlen = PACKET_remaining(&sessionid); if (!PACKET_copy_bytes(&sessionid, chsessid, chsessidlen)) -- 2.25.1