Send TLSv1.2 as the record version when using TLSv1.3

Reviewed-by: N Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4701)

Send TLSv1.2 as the record version when using TLSv1.3
Reviewed-by: N Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4701)
2d729db2 · Matt Caswell · a5816a5a · 2d729db2 · 2d729db2
隐藏空白更改
内联并排

Showing with 4 addition and 3 deletion

ssl/record/rec_layer_s3.c ssl/record/rec_layer_s3.c +2 -1

test/recipes/70-test_sslversions.t test/recipes/70-test_sslversions.t +2 -2

未找到文件。
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -816,7 +816,8 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
    /* Clear our SSL3_RECORD structures */
    memset(wr, 0, sizeof(wr));
    for (j = 0; j < numpipes; j++) {
-        unsigned int version = SSL_TREAT_AS_TLS13(s) ? TLS1_VERSION : s->version;
+        unsigned int version = SSL_TREAT_AS_TLS13(s) ? TLS1_2_VERSION
+                                                     : s->version;
        unsigned char *compressdata = NULL;
        size_t maxcomplen;
        unsigned int rectype;

--- a/test/recipes/70-test_sslversions.t
+++ b/test/recipes/70-test_sslversions.t
@@ -87,7 +87,7 @@ $testtype = REVERSE_ORDER_VERSIONS;
 $proxy->start();
 $record = pop @{$proxy->record_list};
 ok(TLSProxy::Message->success()
-   && $record->version() == TLSProxy::Record::VERS_TLS_1_0
+   && $record->version() == TLSProxy::Record::VERS_TLS_1_2
   && TLSProxy::Proxy->is_tls13(),
   "Reverse order versions");

@@ -107,7 +107,7 @@ $testtype = WITH_TLS1_4;
 $proxy->start();
 $record = pop @{$proxy->record_list};
 ok(TLSProxy::Message->success()
-   && $record->version() == TLSProxy::Record::VERS_TLS_1_0
+   && $record->version() == TLSProxy::Record::VERS_TLS_1_2
   && TLSProxy::Proxy->is_tls13(),
   "TLS1.4 in supported versions extension");