From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Mon, 29 Oct 2018 19:30:41 +0000 (+0100)
Subject: app-layer-ssl: handle all versions above TLSv1.2 as TLSv1.3
X-Git-Tag: suricata-4.1.0~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ee1de4c812e580993347d2a976a68e4a2e8bdda5;p=thirdparty%2Fsuricata.git

app-layer-ssl: handle all versions above TLSv1.2 as TLSv1.3

This makes it more likely to log custom versions of TLSv1.3 that
doesn't comply with the draft version numbering.
---

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index a3f3c5061f..f46873bcb2 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -946,7 +946,7 @@ static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state
         uint16_t ver = *input << 8 | *(input + 1);
 
         if ((ssl_state->flags & SSL_AL_FLAG_CH_VERSION_EXTENSION) &&
-            ((ver == TLS_VERSION_13) || (((ver >> 8) & 0xff) == 0x7f))) {
+                (ver > TLS_VERSION_12)) {
             ssl_state->flags |= SSL_AL_FLAG_LOG_WITHOUT_CERT;
         }