ssl_tls.c: Fix ciphersuite selection regarding protocol version Use the actual minimum and maximum of the minor version to be negotiated to filter ciphersuites to propose rather than the ones from the configuration. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: f735cf1f0fc3df98957b52cbd9ef6d512b6f34eb [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Wed Mar 30 19:51:43 2022 +0200
committer: Ronald Cron <ronald.cron@arm.com> Thu Mar 31 09:35:33 2022 +0200
tree: 47220784bcb01afcca5491ac23419a3c27210c5d
parent: 9847338429cac3aba17d919bbd53d8d0d2c21fae [diff] [blame]
diff --git a/library/ssl_client.c b/library/ssl_client.c
index d9fd375..610e6a4 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c

@@ -431,9 +431,11 @@
     if( suite_info == NULL )
         return( 1 );
 
-    if( ( suite_info->min_minor_ver > ssl->conf->max_minor_ver ) ||
-        ( suite_info->max_minor_ver < ssl->conf->min_minor_ver ) )
+    if( ( suite_info->min_minor_ver > ssl->minor_ver ) ||
+        ( suite_info->max_minor_ver < ssl->handshake->min_minor_ver ) )
+    {
         return( 1 );
+    }
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
commit	f735cf1f0fc3df98957b52cbd9ef6d512b6f34eb	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Wed Mar 30 19:51:43 2022 +0200
committer	Ronald Cron <ronald.cron@arm.com>	Thu Mar 31 09:35:33 2022 +0200
tree	47220784bcb01afcca5491ac23419a3c27210c5d
parent	9847338429cac3aba17d919bbd53d8d0d2c21fae [diff] [blame]