if (version != s->version)
{
SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
- /* Send back error using their
- * version number :-) */
- s->version=version;
+ if ((s->version & 0xFF00) == (version & 0xFF00))
+ /* Send back error using their minor version number :-) */
+ s->version = (unsigned short)version;
al=SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
#else
s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
#endif
+ s->renegotiate=1;
s->new_session=1;
}
i=s->handshake_func(s);
int ssl3_do_change_cipher_spec(SSL *s)
{
int i;
+#ifdef OPENSSL_NO_NPN
const char *sender;
int slen;
+#endif
if (s->state & SSL_ST_ACCEPT)
i=SSL3_CHANGE_CIPHER_SERVER_READ;
if (!s->method->ssl3_enc->change_cipher_state(s,i))
return(0);
+#ifdef OPENSSL_NO_NPN
/* we have to record the message digest at
* this point so we can get it before we read
* the finished message */
s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
sender,slen,s->s3->tmp.peer_finish_md);
+#endif
return(1);
}