Tweak the comment regarding record version check with respect to TLSv1.3
authorMatt Caswell <matt@openssl.org>
Mon, 16 Oct 2017 10:19:03 +0000 (11:19 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 16 Oct 2017 14:52:19 +0000 (15:52 +0100)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4527)

ssl/record/ssl3_record.c

index e17b2f0..518e7a8 100644 (file)
@@ -272,9 +272,10 @@ int ssl3_get_record(SSL *s)
                 thisrr->rec_version = version;
 
                 /*
-                 * Lets check version. In TLSv1.3 we ignore this field. For an
-                 * HRR we haven't actually selected TLSv1.3 yet, but we still
-                 * treat it as TLSv1.3, so we must check for that explicitly
+                 * Lets check version. In TLSv1.3 we ignore this field. For the
+                 * ServerHello after an HRR we haven't actually selected TLSv1.3
+                 * yet, but we still treat it as TLSv1.3, so we must check for
+                 * that explicitly
                  */
                 if (!s->first_packet && !SSL_IS_TLS13(s)
                         && !s->hello_retry_request