From 230ec17d745d99fa37973bda8654031d90e88c02 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Tue, 18 Dec 2012 13:25:47 +0000
Subject: [PATCH 1/1] Use client version when deciding which cipher suites to
 disable.

---
 ssl/t1_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index e0f3425c5a..1d336c2149 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -967,7 +967,7 @@ void ssl_set_client_disabled(SSL *s)
 	c->mask_a = 0;
 	c->mask_k = 0;
 	/* If less than TLS 1.2 don't allow TLS 1.2 only ciphers */
-	if (TLS1_get_version(s) < TLS1_2_VERSION)
+	if (TLS1_get_client_version(s) < TLS1_2_VERSION)
 		c->mask_ssl = SSL_TLSV1_2;
 	else
 		c->mask_ssl = 0;
-- 
2.34.1