OpenSSL - Quickly patch openssl issue
authorMatthew Dillon <dillon@apollo.backplane.com>
Sat, 27 Mar 2010 23:32:13 +0000 (16:32 -0700)
committerMatthew Dillon <dillon@apollo.backplane.com>
Sat, 27 Mar 2010 23:32:13 +0000 (16:32 -0700)
Submitted-by: Peter Avalos <pavalos@theshell.com>
crypto/openssl/ssl/s3_pkt.c

index a2ba574..da48cf7 100644 (file)
@@ -291,9 +291,10 @@ again:
                        if (version != s->version)
                                {
                                SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-                               /* Send back error using their
-                                * version number :-) */
-                               s->version=version;
+                               if ((s->version & 0xFF00) == (version & 0xFF00))
+                                       /* Send back error using their minor version number :-) */
+
+                                       s->version = (unsigned short)version;
                                al=SSL_AD_PROTOCOL_VERSION;
                                goto f_err;
                                }