commit b35fe5638a60437422c78b36162fa5f6e61fed22
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Sat Aug 09 17:00:46 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Oct 21 16:30:20 2014 +0200
tree 94bab311eea01c398bc2fcd82473a74315f287bb
parent 4ba6ab6d0ded99c5b7f02cbcfe3e69f80fe44840

Fix HelloVerifyRequest version handling

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0f4fd6c..12a8ff5 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -975,9 +975,14 @@
     ssl_read_version( &major_ver, &minor_ver, ssl->transport, p );
     p += 2;
 
-    if( major_ver != SSL_MAJOR_VERSION_3 ||
+    /*
+     * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
+     * even is lower than our min version.
+     */
+    if( major_ver < SSL_MAJOR_VERSION_3 ||
         minor_ver < SSL_MINOR_VERSION_2 ||
-        minor_ver > SSL_MINOR_VERSION_3 )
+        major_ver > ssl->max_major_ver  ||
+        minor_ver > ssl->max_minor_ver  )
     {
         SSL_DEBUG_MSG( 1, ( "bad server version" ) );
 

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index a66fcb3..fbdf984 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1981,8 +1981,9 @@
      * } HelloVerifyRequest;
      */
 
-    /* For now, use fixed version = DTLS 1.0 */
-    ssl_write_version( SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
+    /* The RFC is not clear on this point, but sending the actual negotiated
+     * version looks like the most interoperable thing to do. */
+    ssl_write_version( ssl->major_ver, ssl->minor_ver,
                        ssl->transport, p );
     SSL_DEBUG_BUF( 3, "server version", (unsigned char *) p, 2 );
     p += 2;