[openssl-commits] [openssl] OpenSSL source code branch OpenSSL_1_0_2-stable updated. OpenSSL_1_0_2-beta3-106-g63ef0db

Matt Caswell matt at openssl.org
Tue Dec 16 14:49:08 UTC 2014

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".

The branch, OpenSSL_1_0_2-stable has been updated
       via  63ef0db60f7b9fc0c2bcabdc7e2bd133784ddd60 (commit)
      from  f74f5c8586b2bd30738f0bd45aec1f9e95d5945f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 63ef0db60f7b9fc0c2bcabdc7e2bd133784ddd60
Author: Adam Langley <agl at google.com>
Date:   Sat Dec 13 20:13:10 2014 +0000

    Don't set client_version to the ServerHello version.
    The client_version needs to be preserved for the RSA key exchange.
    This change also means that renegotiation will, like TLS, repeat the old
    client_version rather than advertise only the final version. (Either way,
    version change on renego is not allowed.) This is necessary in TLS to work
    around an SChannel bug, but it's not strictly necessary in DTLS.
    (From BoringSSL)
    Reviewed-by: Emilia Käsper <emilia at openssl.org>
    (cherry picked from commit ec1af3c4195c1dfecdd9dc7458850ab1b8b951e0)


Summary of changes:
 ssl/s3_clnt.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index c9b5ee1..b16b3c4 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -941,7 +941,7 @@ int ssl3_get_server_hello(SSL *s)
 			goto f_err;
-		s->version = s->client_version = s->method->version;
+		s->version = s->method->version;
 	if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))

OpenSSL source code

More information about the openssl-commits mailing list