From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 21 Feb 2015 10:46:13 +0000 (+0100)
Subject: corrected check which prevented client to sent an unacceptable for the version cipher... 
X-Git-Tag: gnutls_3_4_0~289
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2fec78ba96348d960ee13aa33bb4aa376e5f3ed3;p=thirdparty%2Fgnutls.git

corrected check which prevented client to sent an unacceptable for the version ciphersuite
---

diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c
index 133a28aa2f..ef8fcfaf94 100644
--- a/lib/algorithms/ciphersuites.c
+++ b/lib/algorithms/ciphersuites.c
@@ -1515,17 +1515,18 @@ _gnutls_supported_ciphersuites(gnutls_session_t session,
 				if (ce == NULL)
 					continue;
 
-				if (is_dtls == 0
-				    && !(version->id >= ce->min_version))
-					continue;
-				else if (is_dtls != 0
-					 && !(version->id >=
-					      ce->min_dtls_version))
-
-					if (k + 2 > max_cipher_suite_size)
-						return
-						    gnutls_assert_val
-						    (GNUTLS_E_INTERNAL_ERROR);
+				if (is_dtls) {
+					if (version->id < ce->min_dtls_version)
+						continue;
+				} else {
+					if (version->id < ce->min_version)
+						continue;
+				}
+
+				if (k + 2 > max_cipher_suite_size)
+					return
+					    gnutls_assert_val
+					    (GNUTLS_E_INTERNAL_ERROR);
 
 				memcpy(&cipher_suites[k], ce->id, 2);
 				k += 2;