Use TLS version supplied by client when fingerprinting Safari.
authorRob Stradling <rob@comodo.com>
Tue, 10 Sep 2013 10:03:29 +0000 (11:03 +0100)
committerBen Laurie <ben@links.org>
Mon, 16 Sep 2013 14:07:52 +0000 (15:07 +0100)
ssl/t1_lib.c

index 4afc3a258b21ec43b27341a9d9dbc743cf640a42..f671d1d9c321e8b5edc542ca8e82cd744926e9c7 100644 (file)
@@ -923,7 +923,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, const unsign
                return;
        data += size;
 
-       if (TLS1_get_version(s) >= TLS1_2_VERSION)
+       if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
                {
                const size_t len1 = sizeof(kSafariExtensionsBlock);
                const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);