kris/th5
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

crypto/tls: use negotiated version for fallback check

Browse Source 
BoGo: FallbackSCSV-VersionMatch-TLS13
This commit is contained in:
Filippo Valsorda 2017-01-16 12:50:54 +00:00 committed by Peter Wu
parent ed06c77b1d
commit 58aab36b6e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
handshake_server.go
View File

@ -350,7 +350,7 @@ Curves:
for _, id := range hs.clientHello.cipherSuites { for _, id := range hs.clientHello.cipherSuites {
if id == TLS_FALLBACK_SCSV { if id == TLS_FALLBACK_SCSV {
// The client is doing a fallback connection. // The client is doing a fallback connection.
if hs.clientHello.vers < c.config.maxVersion() { if c.vers < c.config.maxVersion() {
c.sendAlert(alertInappropriateFallback) c.sendAlert(alertInappropriateFallback)
return false, errors.New("tls: client using inappropriate protocol fallback") return false, errors.New("tls: client using inappropriate protocol fallback")
} }