From 1a19505e760462a3923418fad3d6612a6f52fe7c Mon Sep 17 00:00:00 2001
From: cameronrich <cameronrich@9a5d90b5-6617-0410-8a86-bb477d3ed2e3>
Date: Thu, 28 Apr 2011 23:49:17 +0000
Subject: [PATCH] Fix for version (take 2)

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@206 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
---
 ssl/tls1_svr.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/ssl/tls1_svr.c b/ssl/tls1_svr.c
index de6f4898a..13305332c 100644
--- a/ssl/tls1_svr.c
+++ b/ssl/tls1_svr.c
@@ -122,19 +122,18 @@ static int process_client_hello(SSL *ssl)
     int i, j, cs_len, id_len, offset = 6 + SSL_RANDOM_SIZE;
     int ret = SSL_OK;
     
-    /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */
     uint8_t version = (record_buf[1] << 4) + record_buf[2];
+    ssl->version = ssl->client_version = version;
 
     if (version > SSL_PROTOCOL_VERSION)
-        version = SSL_PROTOCOL_VERSION;
-    else if (version < SSL_PROTOCOL_MIN_VERSION) 
+        ssl->version = SSL_PROTOCOL_VERSION; /* use client's version */
+    else if (version < SSL_PROTOCOL_MIN_VERSION)  /* old version supported? */
     {
         ret = SSL_ERROR_INVALID_VERSION;
         ssl_display_error(ret);
         goto error;
     }
 
-    ssl->version = ssl->client_version = version;
     memcpy(ssl->dc->client_random, &buf[6], SSL_RANDOM_SIZE);
 
     /* process the session id */