From 10f99d7b774a491242db82287eeb1bfc04c4c419 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Tue, 8 Dec 2009 13:15:12 +0000
Subject: Add support for magic cipher suite value (MCSV). Make secure
 renegotiation work in SSLv3: initial handshake has no extensions but includes
 MCSV, if server indicates RI support then renegotiation handshakes include
 RI.

NB: current MCSV value is bogus for testing only, will be updated when we
have an official value.

Change mismatch alerts to handshake_failure as required by spec.

Also have some debugging fprintfs so we can clearly see what is going on
if OPENSSL_RI_DEBUG is set.
---
 ssl/s3_srvr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ssl/s3_srvr.c')

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 77d7d878e3..5c74f1750b 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1015,7 +1015,7 @@ int ssl3_get_client_hello(SSL *s)
 
 #ifndef OPENSSL_NO_TLSEXT
 	/* TLS extensions*/
-	if (s->version > SSL3_VERSION)
+	if (s->version >= SSL3_VERSION)
 		{
 		if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
 			{
-- 
cgit v1.2.3-70-g09d2