The record version for ClientHello2 should be TLS1.2

According to TLSv1.3 draft-24 the record version for ClientHello2 should be TLS1.2, and not TLS1.0 as it is now. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5377)
2025-03-19 19:50:42 +08:00 · 2018-02-15 14:29:45 +00:00 · 2018-02-15 14:29:45 +00:00 · 5f7470df83
commit 5f7470df83
parent b761ff4e77
2 changed files with 6 additions and 2 deletions
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@ -839,7 +839,9 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
         * and record version number > TLS 1.0
         */
        if (SSL_get_state(s) == TLS_ST_CW_CLNT_HELLO
-            && !s->renegotiate && TLS1_get_version(s) > TLS1_VERSION)
+                && !s->renegotiate
+                && TLS1_get_version(s) > TLS1_VERSION
+                && s->hello_retry_request == SSL_HRR_NONE)
            version = TLS1_VERSION;

        maxcomplen = pipelens[j];
--- a/test/tls13ccstest.c
+++ b/test/tls13ccstest.c
@ -118,7 +118,7 @@ static int watchccs_write(BIO *bio, const char *in, int inl)
                return 0;
            if (msgtype == SSL3_MT_CLIENT_HELLO) {
                chseen++;
-                expectedrecvers = TLS1_VERSION;
+
                /*
                 * Skip legacy_version (2 bytes) and Random (32 bytes) to read
                 * session_id.
@ -128,6 +128,8 @@ static int watchccs_write(BIO *bio, const char *in, int inl)
                    return 0;

                if (chseen == 1) {
+                    expectedrecvers = TLS1_VERSION;
+
                    /* Save the session id for later */
                    chsessidlen = PACKET_remaining(&sessionid);
                    if (!PACKET_copy_bytes(&sessionid, chsessid, chsessidlen))