diff options
Diffstat (limited to 'ssl/s23_clnt.c')
| -rw-r--r-- | ssl/s23_clnt.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index 13412f26aa..76f1057b5b 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -523,8 +523,13 @@ static int ssl23_client_hello(SSL *s) d=buf; *(d++) = SSL3_RT_HANDSHAKE; *(d++) = version_major; - *(d++) = version_minor; /* arguably we should send the *lowest* suported version here - * (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */ + /* Some servers hang if we use long client hellos + * and a record number > TLS 1.0. + */ + if (TLS1_get_client_version(s) > TLS1_VERSION) + *(d++) = 1; + else + *(d++) = version_minor; s2n((int)l,d); /* number of bytes to write */ |