From 43433b3852e4f9de68af70e52f59e31a898262d6 Mon Sep 17 00:00:00 2001
From: Rob Stradling <rob@comodo.com>
Date: Tue, 10 Sep 2013 12:43:33 +0100
Subject: Use TLS version supplied by client when fingerprinting Safari.

---
 ssl/t1_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 621b214b7b..98e86bff98 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -401,7 +401,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, const unsign
 		return;
 	data += size;
 
-	if (TLS1_get_version(s) >= TLS1_2_VERSION)
+	if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
 		{
 		const size_t len1 = sizeof(kSafariExtensionsBlock);
 		const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
-- 
cgit v1.2.3