server must NOT send version prior to TLS1.3 in supported_versions (#119)

As per 4.2.1, client must abort with illegal_parameter in case it gets version 0x0303 or older in supported_versions extensions
6 anni fa · e77e39e7aa
--- a/handshake_messages.go
+++ b/handshake_messages.go
@@ -1098,7 +1098,11 @@ func (m *serverHelloMsg) unmarshal(data []byte) alert {
 		if m.vers != VersionTLS12 {
 			return alertDecodeError
 		}
 		m.vers = uint16(svData[0])<<8 | uint16(svData[1])
 		rcvVer := binary.BigEndian.Uint16(svData[0:])
 		if rcvVer < VersionTLS13 {
 			return alertIllegalParameter
 		}
 		m.vers = rcvVer
 	}

 	for len(data) != 0 {