Use ClientHello.legacy_version for the RSA pre-master no matter what

[openssl.git] / ssl / ssl_locl.h

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index d269595f6a9e0c011d9f95c6d341bf27f0d9efc0..e909cadf5a79be0e2367be1c4ae3f0ecc6e801a3 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1020,7 +1020,10 @@ struct ssl_st {
     int max_proto_version;
     size_t max_cert_list;
     int first_packet;
-    /* what was passed, used for SSLv3/TLS rollback check */
+    /*
+     * What was passed in ClientHello.legacy_version. Used for RSA pre-master
+     * secret and SSLv3/TLS (<=1.2) rollback check
+     */
     int client_version;
     /*
      * If we're using more than one pipeline how should we divide the data