ssl2_compat = 0;
if (s->tlsext_status_type != -1)
ssl2_compat = 0;
- if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
- ssl2_compat = 0;
-
#ifdef TLSEXT_TYPE_opaque_prf_input
if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
ssl2_compat = 0;
#endif
}
else if (p[1] == SSL3_VERSION_MAJOR &&
- (p[2] >= SSL3_VERSION_MINOR && p[2] <= TLS1_1_VERSION_MINOR) &&
+ p[2] <= TLS1_1_VERSION_MINOR &&
((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
(p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
{