crypto/tls: use negotiated version for fallback check
BoGo: FallbackSCSV-VersionMatch-TLS13
This commit is contained in:
parent
ed06c77b1d
commit
58aab36b6e
@ -350,7 +350,7 @@ Curves:
|
||||
for _, id := range hs.clientHello.cipherSuites {
|
||||
if id == TLS_FALLBACK_SCSV {
|
||||
// The client is doing a fallback connection.
|
||||
if hs.clientHello.vers < c.config.maxVersion() {
|
||||
if c.vers < c.config.maxVersion() {
|
||||
c.sendAlert(alertInappropriateFallback)
|
||||
return false, errors.New("tls: client using inappropriate protocol fallback")
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user