Fix renegotiation check that was added in #24161

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #22275)
openssl · May 10, 2024 · 19e072e · 19e072e
1 parent 78bbf9a
commit 19e072e
Showing 1 changed file with 8 additions and 9 deletions.
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
@@ -17,16 +17,15 @@ EXT_RETURN tls_construct_ctos_renegotiate(SSL_CONNECTION *s, WPACKET *pkt,
                                           size_t chainidx)
 {
     if (!s->renegotiate) {
-        /* If not renegotiating, send an empty RI extension to indicate support */
-
-#if DTLS_MAX_VERSION_INTERNAL != DTLS1_2_VERSION
-# error Internal DTLS version error
-#endif
+        const int version1_3 = SSL_CONNECTION_IS_DTLS(s) ? DTLS1_3_VERSION
+                                                         : TLS1_3_VERSION;
 
-        if (!SSL_CONNECTION_IS_DTLS(s)
-            && (s->min_proto_version >= TLS1_3_VERSION
-                || (ssl_security(s, SSL_SECOP_VERSION, 0, TLS1_VERSION, NULL)
-                    && s->min_proto_version <= TLS1_VERSION))) {
+        /* If not renegotiating, send an empty RI extension to indicate support */
+        if ((s->min_proto_version != 0
+                && ssl_version_cmp(s, s->min_proto_version, version1_3) >= 0)
+            || (!SSL_CONNECTION_IS_DTLS(s)
+                && ssl_security(s, SSL_SECOP_VERSION, 0, TLS1_VERSION, NULL)
+                && s->min_proto_version <= TLS1_VERSION)) {
             /*
              * For TLS <= 1.0 SCSV is used instead, and for TLS 1.3 this
              * extension isn't used at all.