Commit 3c9539d2 authored by Matt Caswell's avatar Matt Caswell
Browse files

Ignore the record version in TLS1.3 



The record layer version field must be ignored in TLSv1.3, so we remove the
check when using that version.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 185c29b1

ssl/record/ssl3_record.c

+3 −2
Original line number Diff line number Diff line
@@ -204,8 +204,9 @@ int ssl3_get_record(SSL *s) 
                rr[num_recs].rec_version = version;

                n2s(p, rr[num_recs].length);



                /* Lets check version */

                if (!s->first_packet && version != s->version) {

                /* Lets check version. In TLSv1.3 we ignore this field */

                if (!s->first_packet && s->version != TLS1_3_VERSION

                        && version != s->version) {

                    SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);

                    if ((s->version & 0xFF00) == (version & 0xFF00)

                        && !s->enc_write_ctx && !s->write_hash) {