Address some supported_versions review comments
Added some TODOs, refactored a couple of things and added a SSL_IS_TLS13()
macro.
Reviewed-by: Rich Salz <rsalz@openssl.org>
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index de941b7..e79c37e 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1371,7 +1371,7 @@
return 0;
}
- if (!SSL_IS_DTLS(s) && s->version >= TLS1_3_VERSION) {
+ if (SSL_IS_TLS13(s)) {
int min_version, max_version, reason, currv;
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_versions)
|| !WPACKET_start_sub_packet_u16(pkt)
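Review bot: `SSL_IS_TLS13(s)` reads as "this connection is TLS 1.3", but this condition appears to run while the ClientHello is still being built (judging by the `SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT` error code in the next hunk). At that point nothing has been negotiated, so `s->version` can only describe what the client is prepared to offer. The macro's definition is not part of this diff, so its equivalence to the removed `!SSL_IS_DTLS(s) && s->version >= TLS1_3_VERSION` test cannot be confirmed from here. If the macro is later tightened to mean "negotiated TLS 1.3", this call site would stop emitting supported_versions without any error, and the client would presumably be limited to the legacy version field. I would add a comment above the condition, e.g. `/* Pre-negotiation: s->version is the highest version we may offer, not an agreed version */`. The enclosing function starts and ends outside the hunk.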
@@ -1384,6 +1384,11 @@
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, reason);
return 0;
}
+ /*
+ * TODO(TLS1.3): There is some discussion on the TLS list as to wheter
+ * we should include versions <TLS1.2. For the moment we do. To be
+ * reviewed later.
+ */
for (currv = max_version; currv >= min_version; currv--) {
/* TODO(TLS1.3): Remove this first if clause prior to release!! */
if (currv == TLS1_3_VERSION) {
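Review bot: The added TODO has a typo (`wheter` should be `whether`) and does not say what bounds the advertised list. The loop below walks from `max_version` down to `min_version`, so versions below TLS 1.2 are offered only as far as `min_version` allows. Those bounds are computed above the hunk and presumably reflect the configured protocol range; the comment should say so, which would show the later review that the open question is about policy, not about the list exceeding configuration. A suitable extra line would be `* The list is bounded by min_version/max_version, so legacy versions appear only if enabled.` The loop body continues past the end of the hunk.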