From 86a477f5ee7371560460d780aa26930ea7f8ef87 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 18 Feb 2022 17:45:10 +0100 Subject: [PATCH] ssl_client.c: Adapt initial version selection to TLS 1.2 case Signed-off-by: Ronald Cron --- library/ssl_client.c | 27 +++++++++++++++++++++++---- library/ssl_misc.h | 3 +++ 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/library/ssl_client.c b/library/ssl_client.c index 90e9438c7e..8ab53b5e8d 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -218,10 +218,6 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl, *out_len = 0; - /* No validation needed here. It has been done by ssl_conf_check() */ - ssl->major_ver = ssl->conf->min_major_ver; - ssl->minor_ver = ssl->conf->min_minor_ver; - /* * Write legacy_version * ProtocolVersion legacy_version = 0x0303; // TLS v1.2 @@ -359,6 +355,29 @@ static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_NO_RNG ); } + /* Bet on the highest configured version if we are not in a TLS 1.2 + * renegotiation or session resumption. + */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + ssl->handshake->min_minor_ver = ssl->minor_ver; + else +#endif + { + ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; + + if( ssl->handshake->resume ) + { + ssl->minor_ver = ssl->session_negotiate->minor_ver; + ssl->handshake->min_minor_ver = ssl->minor_ver; + } + else + { + ssl->minor_ver = ssl->conf->max_minor_ver; + ssl->handshake->min_minor_ver = ssl->conf->min_minor_ver; + } + } + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->handshake->randbytes, MBEDTLS_CLIENT_HELLO_RANDOM_LEN ) ) != 0 ) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 4731020c2a..f3f5f8df55 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h 
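Review bot: In the resumption branch of the block added to ssl_prepare_client_hello, `ssl->session_negotiate->minor_ver` becomes both the offered version and `ssl->handshake->min_minor_ver` without being compared against `ssl->conf->min_minor_ver` and `ssl->conf->max_minor_ver`. If a saved session can be attached to a context whose configuration has since raised its minimum version (nothing visible in this hunk rules that out), the resumed handshake would be pinned below the configured floor. Consider guarding the branch with `if( ssl->session_negotiate->minor_ver < ssl->conf->min_minor_ver || ssl->session_negotiate->minor_ver > ssl->conf->max_minor_ver )`, followed by an error return or a fall back to a full handshake, or add a comment naming where that range check is already enforced. The comment removed in the first hunk named ssl_conf_check() as the validator of the version fields, and the new code carries no equivalent pointer. The function begins before this hunk and continues past it.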
@@ -542,6 +542,9 @@ struct mbedtls_ssl_handshake_params uint8_t resume; /*!< session resume indicator*/ uint8_t cli_exts; /*!< client extension presence*/ + /*!< Minimum minor version to be negotiated. */ + unsigned char min_minor_ver; + #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) uint8_t sni_authmode; /*!< authmode from SNI callback */ #endif
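Review bot: The comment on the new `min_minor_ver` member uses the Doxygen trailing marker `/*!<` but sits on the line before the declaration, so Doxygen would attach it to the preceding member `cli_exts` instead of `min_minor_ver`. Either make it a leading comment, `/*! Minimum minor version to be negotiated. */`, or move it after the declaration as the neighbouring members do: `unsigned char min_minor_ver; /*!< Minimum minor version to be negotiated. */`. The surrounding fields are declared `uint8_t`, so using the same type here would keep the struct consistent. Since this field is the floor for version negotiation, the comment could also say which code checks the peer's selected version against it. The struct definition begins and ends outside the hunk.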