On Thu, Nov 05, 2015 at 01:59:30PM +0100, Lukas Tribus wrote:
> The initial record layer version in a SSL handshake may be set to TLSv1.0
> or similar for compatibility reasons, this is allowed as per RFC5246
> Appendix E.1 [1]. Some implementations are OpenSSL [2] and NSS [3].
> 
> A related issue has been fixed some time ago in commit 57d229747
> ("BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version").
> 
> Fix this by using the real client hello version instead of the record
> layer version.
> 
> This was reported by Julien Vehent and analyzed by Cyril Bonté.
> The initial patch is from Julien Vehent as well.
> 
> This should be backported to stable series, the req_ssl_ver keyword was
> first introduced in 1.3.16.

Thanks Lukas, applied to 1.7, 1.6, 1.5 and 1.4. For 1.3 there might be
other patches pending so this one will get there at the same time.

(...)
> Regarding the code comments, I think you mixed the 2 versions up:
> record layer version number (TLSPlaintext.version) is the 'envelope's
> version' (we are currently returning this version in req_ssl_ver)

Oh yes, I wrote without knowing the names, so that you got the idea.

> client hello client version (ClientHello.client_version - this
> path makes sure we return this version in req_ssl_ver)

Thanks for clarifying and correcting me :-)

Willy
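To make the distinction in the thread concrete, here is an added example in C (it is not HAProxy's code and not part of the original thread). It parses the two fields the patch is about from a TLS record carrying a ClientHello: TLSPlaintext.version (the record layer "envelope" version) and ClientHello.client_version (what req_ssl_ver should report after the fix). The function name `tls_client_hello_versions` and the helper names are hypothetical, and the sample bytes are constructed by hand, not captured from a real client: a TLS 1.0 record envelope (0x0301), as OpenSSL and NSS may emit for compatibility, wrapping a ClientHello whose client_version is TLS 1.2 (0x0303).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not HAProxy code): extract both version fields
 * from a buffer that starts with a TLS record carrying a ClientHello.
 * Returns 0 on success, -1 if the buffer is not a well-formed
 * SSLv3/TLS handshake record containing a ClientHello. Only the bytes
 * needed to reach client_version are validated; the rest of the
 * ClientHello body is not inspected. */
int tls_client_hello_versions(const unsigned char *buf, size_t len,
                              uint16_t *record_ver, uint16_t *client_ver)
{
    size_t rec_len, hs_len;

    /* TLSPlaintext header: content_type(1) version(2) length(2) */
    if (len < 5)
        return -1;
    if (buf[0] != 0x16)                 /* content_type must be handshake (22) */
        return -1;
    if (buf[1] != 0x03)                 /* only SSLv3/TLS 3.x record versions */
        return -1;
    rec_len = ((size_t)buf[3] << 8) | buf[4];
    if (rec_len < 4 || rec_len > len - 5)   /* must at least hold the handshake header */
        return -1;

    /* Handshake header: msg_type(1) length(3) */
    if (buf[5] != 0x01)                 /* msg_type must be client_hello (1) */
        return -1;
    hs_len = ((size_t)buf[6] << 16) | ((size_t)buf[7] << 8) | buf[8];
    if (hs_len < 2 || hs_len > rec_len - 4) /* body must at least hold client_version */
        return -1;

    /* ClientHello body starts with client_version(2) */
    *record_ver = (uint16_t)(((uint16_t)buf[1] << 8) | buf[2]);
    *client_ver = (uint16_t)(((uint16_t)buf[9] << 8) | buf[10]);
    return 0;
}

/* Constructed sample (not a real capture): TLS 1.0 record envelope
 * carrying a ClientHello that advertises TLS 1.2 as client_version. */
static const unsigned char sample_client_hello[] = {
    0x16, 0x03, 0x01, 0x00, 0x2d,       /* record: handshake, version 3.1, length 45 */
    0x01, 0x00, 0x00, 0x29,             /* handshake: client_hello, length 41 */
    0x03, 0x03,                         /* client_version: 3.3 (TLS 1.2) */
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* random (32 bytes) */
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
    0x00,                               /* session_id length: 0 */
    0x00, 0x02, 0xc0, 0x2f,             /* cipher_suites: 2 bytes, one suite */
    0x01, 0x00                          /* compression_methods: 1 byte, null */
};

/* Record layer version of the sample (0x0301), or -1 on parse failure */
int sample_record_version(void)
{
    uint16_t rv, cv;
    if (tls_client_hello_versions(sample_client_hello,
                                  sizeof(sample_client_hello), &rv, &cv) != 0)
        return -1;
    return rv;
}

/* ClientHello.client_version of the sample (0x0303), or -1 on parse failure */
int sample_client_version(void)
{
    uint16_t rv, cv;
    if (tls_client_hello_versions(sample_client_hello,
                                  sizeof(sample_client_hello), &rv, &cv) != 0)
        return -1;
    return cv;
}

/* 1 if a buffer truncated after 8 bytes is rejected instead of being read
 * past its end, 0 otherwise */
int sample_truncated_rejected(void)
{
    uint16_t rv, cv;
    return tls_client_hello_versions(sample_client_hello, 8, &rv, &cv) == -1;
}

int main(void)
{
    printf("record layer version : 0x%04x (what req_ssl_ver returned before the fix)\n",
           sample_record_version());
    printf("ClientHello.client_version: 0x%04x (what it returns after the fix)\n",
           sample_client_version());
    printf("truncated record rejected: %d\n", sample_truncated_rejected());
    return 0;
}
```

The point of the bounds checks is that the record length and handshake length are attacker-controlled; a matcher that reads client_version at a fixed offset without confirming those lengths cover it would read past the end of a short or crafted record, which is why the checks precede the two reads.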

