From df2886ed07a1e1c3836a230119c67d5fc0aec798 Mon Sep 17 00:00:00 2001
From: cameronrich <cameronrich@9a5d90b5-6617-0410-8a86-bb477d3ed2e3>
Date: Thu, 30 Nov 2006 05:56:15 +0000
Subject: [PATCH] fixed possible future version bug

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@45 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
---
 ssl/tls1.c | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/ssl/tls1.c b/ssl/tls1.c
index 7e76e5a75..219423518 100644
--- a/ssl/tls1.c
+++ b/ssl/tls1.c
@@ -1168,17 +1168,12 @@ int basic_read(SSL *ssl, uint8_t **in_data)
         version = (buf[1] << 4) + buf[2];
         ssl->need_bytes = (buf[3] << 8) + buf[4];
 
-        /* should be 3.1 (TLSv1) */
-        if (version != 0x31) 
+        /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */
+        if (version < 0x31) 
         {
-            /* if we are talking to a client that talks v3.2, then we'll wear
-             * it - we'll respond in v3.1 mode anyway. */
-            if (version < 0x31 || !IS_SET_SSL_FLAG(SSL_IS_CLIENT))
-            {
-                ret = SSL_ERROR_INVALID_VERSION;
-                ssl_display_error(ret);
-                goto error;
-            }
+            ret = SSL_ERROR_INVALID_VERSION;
+            ssl_display_error(ret);
+            goto error;
         }
 
         CLR_SSL_FLAG(SSL_NEED_RECORD);