granicus.if.org Git - openssl/commit

author	Matt Caswell <matt@openssl.org>
	Mon, 23 Apr 2018 16:14:47 +0000 (17:14 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 24 Apr 2018 08:58:33 +0000 (09:58 +0100)
commit	ba2fd95037b9550e3efb4547034951151cc0e273
tree	60753136964c3167795d1ef23f3239ea7480e43a	tree \| snapshot
parent	0abb903b7618ad404c83ac9b44b2c1bf162b90de	commit \| diff

In a reneg use the same client_version we used last time

In 1.0.2 and below we always send the same client_version in a reneg
ClientHello that we sent the first time around, regardless of what
version eventually gets negotiated. According to a comment in
statem_clnt.c this is a workaround for some buggy servers that choked if
we changed the version used in the RSA encrypted premaster secret.

In 1.1.0+ this behaviour no longer occurs. This restores the original
behaviour.

Fixes #1651

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6060)

ssl/ssl_locl.h		diff \| blob \| history
ssl/statem/statem_lib.c		diff \| blob \| history