Don't change version number if session established

When sending an invalid version number alert don't change the
version number to the client version if a session is already
established.

Thanks to Marek Majkowski for additional analysis of this issue.

PR#3191
(cherry picked from commit b77b58a398c8b9b4113f3fb6b48e162a3b8d4527)

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 6591c19c8b6dd1c2450e13e6de24d3efefb429d3..b3c293f672ed9b18fde4a7675e271cccbb545e75 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -337,7 +337,7 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
                        if (version != s->version)
                                {
                                SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-                                if ((s->version & 0xFF00) == (version & 0xFF00))
+                                if ((s->version & 0xFF00) == (version & 0xFF00) && !s->enc_write_ctx && !s->write_hash)
                                        /* Send back error using their minor version number :-) */
                                        s->version = (unsigned short)version;
                                al=SSL_AD_PROTOCOL_VERSION;

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 37f3ffb1bf3d51931848a2518edeb5604330c30c..619c710ca4226eb97ad8942e729cc1afae1254ec 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -968,12 +968,13 @@ int ssl3_get_client_hello(SSL *s)
        s->client_version=(((int)p[0])<<8)|(int)p[1];
        p+=2;
 
-       if ((SSL_IS_DTLS(s) && s->client_version > s->version
-                       && s->method->version != DTLS_ANY_VERSION) ||
-           (!SSL_IS_DTLS(s) && s->client_version < s->version))
+       if (SSL_IS_DTLS(s)  ?   (s->client_version > s->version &&
+                                s->method->version != DTLS_ANY_VERSION)
+                           :   (s->client_version < s->version))
                {
                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
-               if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
+               if ((s->client_version>>8) == SSL3_VERSION_MAJOR &&
+                       !s->enc_write_ctx && !s->write_hash)
                        {
                        /* similar to ssl3_get_record, send alert using remote version number */
                        s->version = s->client_version;