use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with...

[openssl.git] / ssl / s3_lib.c

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index b147935dc980c0caf505174fbccc7fd26af9fc1c..028e996f5aa4c431d2fe396518ad8f8dd48273a2 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3780,7 +3780,7 @@ need to go to SSL_ST_ACCEPT.
 long ssl_get_algorithm2(SSL *s)
        {
        long alg2 = s->s3->tmp.new_cipher->algorithm2;
-       if (s->version >= TLS1_2_VERSION &&
+       if (TLS1_get_version(s) >= TLS1_2_VERSION &&
            alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
                return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
        return alg2;