Don't switch s->version on record-layer version mismatch.

At this point, has_version has been set and we may even have a non-null cipher. Trying to assign meaning to the record-layer version number is not worth making s->version's semantics even more complicated. Change-Id: Ia1cf341cf7306eb48d2d11241316dc2116306968 Reviewed-on: https://boringssl-review.googlesource.com/4237 Reviewed-by: Adam Langley <agl@google.com>
9 yıl önce · bc746e3e9c
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -317,10 +317,6 @@ again:

    if (s->s3->have_version && version != s->version) {
      OPENSSL_PUT_ERROR(SSL, ssl3_get_record, SSL_R_WRONG_VERSION_NUMBER);
      if ((s->version & 0xFF00) == (version & 0xFF00)) {
        /* Send back error using their minor version number. */
        s->version = (unsigned short)version;
      }
      al = SSL_AD_PROTOCOL_VERSION;
      goto f_err;
    }