PR: 2811

Reported by: Phil Pennock <openssl-dev@spodhuis.org> Make renegotiation work for TLS 1.2, 1.1 by not using a lower record version client hello workaround if renegotiating.
author: Dr. Stephen Henson <steve@openssl.org> 2012-05-11 13:34:29 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-05-11 13:34:29 +0000
commit: c3b130338760a7e52656fd217d1d4c846e85cdff (patch)
tree: 69d0204b76560c6fdf02ffcccd14766ed3b20294
parent: 5762f7778da56b9502534fd236007b9a1b0244d9 (diff)
download: openssl-c3b130338760a7e52656fd217d1d4c846e85cdff.tar.gz
2 files changed, 8 insertions, 2 deletions
diff --git a/CHANGES b/CHANGES
index 2656e6616e..4baace1e62 100644
--- a/CHANGES
+++ b/CHANGES
@@ -289,8 +289,13 @@
      whose return value is often ignored. 
      [Steve Henson]
 
- 
- Changes between 1.0.1b and 1.0.1c [xx XXX xxxx]
+ Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
+
+  *) Don't use TLS 1.0 record version number in initial client hello
+     if renegotiating.
+     [Steve Henson]
+
+ Changes between 1.0.1b and 1.0.1c [10 May 2012]
 
   *) Sanity check record length before skipping explicit IV in TLS
      1.2, 1.1 and DTLS to avoid DoS attack.
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 2d569cc1ce..dca345865a 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -744,6 +744,7 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 	 * bytes and record version number > TLS 1.0
 	 */
 	if (s->state == SSL3_ST_CW_CLNT_HELLO_B
+				&& !s->renegotiate
 				&& TLS1_get_version(s) > TLS1_VERSION)
 		*(p++) = 0x1;
 	else
author	Dr. Stephen Henson <steve@openssl.org>	2012-05-11 13:34:29 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-05-11 13:34:29 +0000
commit	c3b130338760a7e52656fd217d1d4c846e85cdff (patch)
tree	69d0204b76560c6fdf02ffcccd14766ed3b20294
parent	5762f7778da56b9502534fd236007b9a1b0244d9 (diff)
download	openssl-c3b130338760a7e52656fd217d1d4c846e85cdff.tar.gz