<p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px">Hi,</p><p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px">I am sending a Tls 1.3 client hello, and am seeing an issue with<br></p><p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px">ossl_statem_client_write_<wbr>transition in statem_clnt.c.</p><p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px"><br></p><p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px"></p><div style="font-family:Calibri,Helvetica,sans-serif;font-size:16px">    /*<br>     * Note that immediately before/after a ClientHello we don't know what<br>     * version we are going to negotiate yet, so we don't take this branch until<br>     * later<br>     */<br><br><div>/*<br> * ossl_statem_client_write_<wbr>transition() works out what handshake state to<br> * move to next when the client is writing messages to be sent to the server.<br> */<br>WRITE_TRAN ossl_statem_client_write_<wbr>transition(SSL *s)<br>{<br></div><br>    if (SSL_IS_TLS13(s))<br>        return ossl_statem_client13_write_<wbr>transition(s);</div><div style="font-family:Calibri,Helvetica,sans-serif;font-size:16px">}</div><p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px">And in:</p><p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px"><br></p><p style="font-family:Calibri,Helvetica,sans-serif;font-size:16px"></p><div style="font-family:Calibri,Helvetica,sans-serif;font-size:16px">/*<br> * ossl_statem_client_write_trans<wbr>ition() works out what handshake state to<br> * move to next when the client is writing messages to be sent to the server.<br> */<br>WRITE_TRAN ossl_statem_client_write_trans<wbr>ition(SSL *s)<br>{<br><br><div>   /*<br>     * Note: There are no cases for TLS_ST_BEFORE because we haven't negotiated<br>     * TLSv1.3 yet at that point. They are handled by<br>     * ossl_statem_client_write_trans<wbr>ition().<br>     */<br></div><br><div>    switch (st->hand_state) {<br>    default:<br>        /* Shouldn't happen */<br>        return WRITE_TRAN_ERROR;<br><br>}<br><br>With a TLS 1.3 client hello, using tls 1.3 version, the st->hand_state is TLS_ST_BEFORE and so, the default error is returned.<br><br>When I added :<br><br><div>    case TLS_ST_BEFORE:<br>        st->hand_state = TLS_ST_CW_CLNT_HELLO;<br>        return WRITE_TRAN_CONTINUE;<br><br>The client hello gets sent out, but I only saw a TLS 1.2 version being sent.</div><div>Is this a bug?<br><br>Thanks,<br>Mahesh</div></div></div>