commit aa695be98300c7dc7a353ed1e83b310e8465db07
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Apr 10 14:12:14 2015 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Apr 10 14:12:14 2015 +0200
tree e6ecb6ce851eefd487e4e37c1c0f8f1dedc334ce
parent 9b4c5d9f21bbd8040a0df1dae2ec4342cdb1b904

Fix version-major intolerance again

This time doing minimal changes to avoid introducing other issues.

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 249b5a1..cd9802a 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -438,15 +438,20 @@
                    buf[1], buf[2] ) );
 
     /*
-     * SSLv3 Client Hello
+     * SSLv3/TLS Client Hello
      *
      * Record layer:
      *     0  .   0   message type
      *     1  .   2   protocol version
      *     3  .   4   message length
      */
+
+    /* According to RFC 5246 Appendix E.1, the version here is typically
+     * "{03,00}, the lowest version number supported by the client, [or] the
+     * value of ClientHello.client_version", so the only meaningful check here
+     * is the major version shouldn't be less than 3 */
     if( buf[0] != SSL_MSG_HANDSHAKE ||
-        buf[1] != SSL_MAJOR_VERSION_3 )
+        buf[1] < SSL_MAJOR_VERSION_3 )
     {
         SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
         return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -503,7 +508,7 @@
      * Check the handshake type and protocol version
      */
     if( buf[0] != SSL_HS_CLIENT_HELLO ||
-        buf[4] != SSL_MAJOR_VERSION_3 )
+        buf[4] < SSL_MAJOR_VERSION_3 )
     {
         SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
         return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );