Look at the supported_versions extension even if the server <TLS1.3

If supported_versions is present it takes precedence. Reviewed-by: Rich Salz <rsalz@openssl.org>
2024-11-27 05:21:51 +08:00 · 2016-10-31 18:12:33 +00:00 · 2016-10-31 18:12:33 +00:00 · 7b21c00e1c
commit 7b21c00e1c
parent bf85ef1b60
2 changed files with 5 additions and 10 deletions
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@ -1024,13 +1024,7 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello)
                                             hello->num_extensions,
                                             TLSEXT_TYPE_supported_versions);

-    /*
-     * TODO(TLS1.3): We only look at this if our max protocol version is TLS1.3
-     * or above. Should we allow it for lower versions too?
-     */
-    if (suppversions != NULL && !SSL_IS_DTLS(s)
-            && (s->max_proto_version == 0
-                || TLS1_3_VERSION <= s->max_proto_version)) {
+    if (suppversions != NULL && !SSL_IS_DTLS(s)) {
        unsigned int candidate_vers = 0;
        unsigned int best_vers = 0;
        const SSL_METHOD *best_method = NULL;
--- a/test/ssl-tests/protocol_version.pm
+++ b/test/ssl-tests/protocol_version.pm
@ -236,9 +236,10 @@ sub expected_result {
        return ("ServerFail", undef);
    } elsif ($c_min > $s_max) {
        my @prots = @$protocols;
-        if ($prots[$c_min] eq "TLSv1.3") {
-            # Client won't have sent any ciphersuite the server recognises
-                        return ("ServerFail", undef);
+        if ($prots[$c_max] eq "TLSv1.3") {
+            # Client will have sent supported_versions, so server will know
+            # that there are no overlapping versions.
+            return ("ServerFail", undef);
        } else {
            # Server will try with a version that is lower than the lowest
            # supported client version.