[openssl-commits] [openssl] OpenSSL source code branch master updated. ec1af3c4195c1dfecdd9dc7458850ab1b8b951e0

Matt Caswell matt at openssl.org
Tue Dec 16 14:49:15 UTC 2014

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".

The branch, master has been updated
       via  ec1af3c4195c1dfecdd9dc7458850ab1b8b951e0 (commit)
      from  db812f2d70f0695fd53b386fe5e870bef8ca3c22 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ec1af3c4195c1dfecdd9dc7458850ab1b8b951e0
Author: Adam Langley <agl at google.com>
Date:   Sat Dec 13 20:13:10 2014 +0000

    Don't set client_version to the ServerHello version.
    The client_version needs to be preserved for the RSA key exchange.
    This change also means that renegotiation will, like TLS, repeat the old
    client_version rather than advertise only the final version. (Either way,
    version change on renego is not allowed.) This is necessary in TLS to work
    around an SChannel bug, but it's not strictly necessary in DTLS.
    (From BoringSSL)
    Reviewed-by: Emilia Käsper <emilia at openssl.org>


Summary of changes:
 ssl/s3_clnt.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index e178fe1..1aff833 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -944,7 +944,7 @@ int ssl3_get_server_hello(SSL *s)
 			goto f_err;
-		s->version = s->client_version = s->method->version;
+		s->version = s->method->version;
 	if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))

OpenSSL source code

More information about the openssl-commits mailing list