X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fstatem%2Fextensions_srvr.c;fp=ssl%2Fstatem%2Fextensions_srvr.c;h=27ddef9aaf0c2f1fe8194eb11bfbec6d2092bec2;hp=3a0fee6ebc508d203f3a911c891f450a653a79d7;hb=9d2d857f135abd281591ee0c2b58e01a710c3cea;hpb=82ec09ec6d4e35ef359a7cb22c0cb46662f18155

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 3a0fee6ebc..27ddef9aaf 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1424,6 +1424,7 @@ EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
 {
     const uint16_t *groups;
     size_t numgroups, i, first = 1;
+    int version;
 
     /* s->s3.group_id is non zero if we accepted a key_share */
     if (s->s3.group_id == 0)
@@ -1438,10 +1439,11 @@ EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
     }
 
     /* Copy group ID if supported */
+    version = SSL_version(s);
     for (i = 0; i < numgroups; i++) {
         uint16_t group = groups[i];
 
-        if (tls_valid_group(s, group, SSL_version(s))
+        if (tls_valid_group(s, group, version, version)
                 && tls_group_allowed(s, group, SSL_SECOP_CURVE_SUPPORTED)) {
             if (first) {
                 /*