Allow different protocol version when trying to reuse a session

We now send the highest supported version by the client, even if the session uses an older version. This fixes 2 problems: - When you try to reuse a session but the other side doesn't reuse it and uses a different protocol version the connection will fail. - When you're trying to reuse a session with an old version you might be stuck trying to reuse the old version while both sides support a newer version Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> GH: #852, MR: #2452
author: Fedor Indutny <fedor@indutny.com> 2016-03-11 17:44:01 +0300
committer: Kurt Roeckx <kurt@roeckx.be> 2016-03-27 23:58:50 +0200
commit: ccae4a1582efcad311d095a8e6832b2b67d5ed05 (patch)
tree: a07c60e09166c40dcd6142f4c37888cb570f6ef1 /ssl/ssl_err.c
parent: ce84456ddf4e57c18a84858755b8b90c183a270e (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 88f6c73cfe..d0cadc60f0 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -634,6 +634,8 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "ssl session id context too long"},
     {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
      "ssl session id has bad length"},
+    {ERR_REASON(SSL_R_SSL_SESSION_VERSION_MISMATCH),
+     "ssl session version mismatch"},
     {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
      "tls client cert req with anon cipher"},
     {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
author	Fedor Indutny <fedor@indutny.com>	2016-03-11 17:44:01 +0300
committer	Kurt Roeckx <kurt@roeckx.be>	2016-03-27 23:58:50 +0200
commit	ccae4a1582efcad311d095a8e6832b2b67d5ed05 (patch)
tree	a07c60e09166c40dcd6142f4c37888cb570f6ef1 /ssl/ssl_err.c
parent	ce84456ddf4e57c18a84858755b8b90c183a270e (diff)