From 6a0b803fc067efc271e2ccd20d12e69618bed0a2 Mon Sep 17 00:00:00 2001
From: Rob Stradling <rob@comodo.com>
Date: Tue, 10 Sep 2013 11:46:42 +0100
Subject: [PATCH] Use TLS version supplied by client when fingerprinting
 Safari.

---
 ssl/t1_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 1992b918b3..a240587eec 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1819,7 +1819,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, const unsign
 		return;
 	data += size;
 
-	if (TLS1_get_version(s) >= TLS1_2_VERSION)
+	if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
 		{
 		const size_t len1 = sizeof(kSafariExtensionsBlock);
 		const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
-- 
2.25.1