diff options
author | lloyd <[email protected]> | 2010-03-30 13:48:57 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-03-30 13:48:57 +0000 |
commit | 9378baca4d4b2eb1f8d36177ada4dfc4015d46e8 (patch) | |
tree | f73124ff03ecd8da06dc0994fb24e17f10d34554 | |
parent | 0aca16849d1fa72597b1a05c69f858d31c152200 (diff) |
Don't fail simply because the client sent a version code that we don't
know about; just continue and the server will choose either whatever
the client supports, if it knows about it, or else the latest version
it supports. So for instance if a client attempts to negotiate TLS
1.2, we'll not know about that version and return a ServerHello for
1.1 instead.
-rw-r--r-- | src/ssl/hello.cpp | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/src/ssl/hello.cpp b/src/ssl/hello.cpp index 28574ad6c..413215eb2 100644 --- a/src/ssl/hello.cpp +++ b/src/ssl/hello.cpp @@ -118,12 +118,6 @@ void Client_Hello::deserialize(const MemoryRegion<byte>& buf) throw Decoding_Error("Client_Hello: Packet corrupted"); c_version = static_cast<Version_Code>(make_u16bit(buf[0], buf[1])); - - if(c_version != SSL_V3 && c_version != TLS_V10 && c_version != TLS_V11) - { - throw TLS_Exception(PROTOCOL_VERSION, "Client_Hello: Bad version code"); - } - c_random.set(buf + 2, 32); u32bit session_id_len = buf[34]; |