Reverting the TLS 1.3 compatibility
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 5008ddb..1d314c2 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -643,7 +643,7 @@
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 )
{
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
@@ -5169,7 +5169,7 @@
MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) );
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 )
{
if( ( ret = mbedtls_ssl_send_alert_message( ssl,
MBEDTLS_SSL_ALERT_LEVEL_WARNING,
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5a23894..259ff56 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -948,7 +948,7 @@
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 )
{
/* For HMAC-based ciphersuites, initialize the HMAC transforms.
For AEAD-based ciphersuites, there is nothing to do here. */
