Use TLS version supplied by client when fingerprinting Safari.

author Rob Stradling <rob@comodo.com>

Tue, 10 Sep 2013 10:46:42 +0000 (11:46 +0100)

committer Ben Laurie <ben@links.org>

Mon, 16 Sep 2013 13:03:21 +0000 (14:03 +0100)
author Rob Stradling <rob@comodo.com>
Tue, 10 Sep 2013 10:46:42 +0000 (11:46 +0100)
committer Ben Laurie <ben@links.org>
Mon, 16 Sep 2013 13:03:21 +0000 (14:03 +0100)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c

index 1992b918b3b7aca70455ab5e3ee70aaa9c3e6f44..a240587eecbd40ccea5e07f33c2ea14d717f369c 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1819,7 +1819,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, const unsign
                 return;
         data += size;
  
                 return;
         data += size;
  
-       if (TLS1_get_version(s) >= TLS1_2_VERSION)
+       if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
                 {
                 const size_t len1 = sizeof(kSafariExtensionsBlock);
                 const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
                 {
                 const size_t len1 = sizeof(kSafariExtensionsBlock);
                 const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
author	Rob Stradling <rob@comodo.com>
	Tue, 10 Sep 2013 10:46:42 +0000 (11:46 +0100)
committer	Ben Laurie <ben@links.org>
	Mon, 16 Sep 2013 13:03:21 +0000 (14:03 +0100)