From cbbee3a581d0bbf1b738c0805da55a438c265a20 Mon Sep 17 00:00:00 2001
From: Xin LI <delphij@FreeBSD.org>
Date: Tue, 7 Jan 2014 19:02:08 +0000
Subject: Import vendor fixes:

197e0ea	Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896	For DTLS we might need to retransmit messages from the
	previous session so keep a copy of write context in DTLS
	retransmission buffers instead of replacing it after
	sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
	algorithms use the version number in the corresponding
	SSL_METHOD structure instead of the SSL structure.  The
	SSL structure version is sometimes inaccurate.
	Note: OpenSSL 1.0.2 and later effectively do this already.
	(CVE-2013-6449).
---
 ssl/s3_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ssl/s3_lib.c')

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index e7c5dcb809f9..3291e3d8e297 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4274,7 +4274,7 @@ need to go to SSL_ST_ACCEPT.
 long ssl_get_algorithm2(SSL *s)
 	{
 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
-	if (TLS1_get_version(s) >= TLS1_2_VERSION &&
+	if (s->method->version == TLS1_2_VERSION &&
 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
 	return alg2;
-- 
cgit v1.2.3