Report TLS 1.0 as backwards-compatible TLSv1

The TLSv1.0 form is retained for reporting the first protocol version that supports a given cupher. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-03-16 20:47:52 -0400
committer: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-03-17 15:38:48 -0400
commit: ee3a6c646ff8ea6b9ada5a58f4a0e7c9b7be944b (patch)
tree: 1b1f946f3d4b65f4c0bf41479f7cbfa7b82b7a40 /ssl
parent: 23d38992fca13773291ca647220707bfb0636361 (diff)
2 files changed, 8 insertions, 1 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index aaeeb8da27..c62b1935b6 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1822,6 +1822,13 @@ const char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
 {
     if (c == NULL)
         return "(NONE)";
+
+    /*
+     * Backwards-compatibility crutch.  In almost all contexts we report TLS
+     * 1.0 as "TLSv1", but for ciphers we report "TLSv1.0".
+     */
+    if (c->min_tls == TLS1_VERSION)
+        return "TLSv1.0";
     return ssl_protocol_to_string(c->min_tls);
 }
 
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cec3fc27f2..87e3dfad67 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3067,7 +3067,7 @@ const char *ssl_protocol_to_string(int version)
     else if (version == TLS1_1_VERSION)
         return "TLSv1.1";
     else if (version == TLS1_VERSION)
-        return "TLSv1.0";
+        return "TLSv1";
     else if (version == SSL3_VERSION)
         return "SSLv3";
     else if (version == DTLS1_BAD_VER)
author	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-03-16 20:47:52 -0400
committer	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-03-17 15:38:48 -0400
commit	ee3a6c646ff8ea6b9ada5a58f4a0e7c9b7be944b (patch)
tree	1b1f946f3d4b65f4c0bf41479f7cbfa7b82b7a40 /ssl
parent	23d38992fca13773291ca647220707bfb0636361 (diff)