Remove redundant logic for DTLS server version selection

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22989)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index b0f700dda40f1ad919fd96561758b290538037ba..da77c16e6b288bdf58beb10939a4fe09e22d3206 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1734,16 +1734,9 @@ static int tls_early_post_process_client_hello(SSL_CONNECTION *s)
         /* SSLv3/TLS */
         s->client_version = clienthello->legacy_version;
     }
-    /*
-     * Do SSL/TLS version negotiation if applicable.
-     */
-    if (SSL_CONNECTION_IS_DTLS(s)
-            && ssl->method->version != DTLS_ANY_VERSION
-            && DTLS_VERSION_LT((int)clienthello->legacy_version, s->version)) {
-        protverr = SSL_R_VERSION_TOO_LOW;
-    } else {
-        protverr = ssl_choose_server_version(s, clienthello, &dgrd);
-    }
+
+    /* Choose the server SSL/TLS/DTLS version. */
+    protverr = ssl_choose_server_version(s, clienthello, &dgrd);
 
     if (protverr) {
         if (SSL_IS_FIRST_HANDSHAKE(s)) {