Removed setting of client/server versions

aws · Apr 1, 2024 · 1585dbf · 1585dbf
1 parent 87a9a5e
commit 1585dbf
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 15 deletions.
diff --git a/tls/s2n_connection.c b/tls/s2n_connection.c
@@ -998,12 +998,6 @@ int s2n_connection_get_client_protocol_version(struct s2n_connection *conn)
 {
     POSIX_ENSURE_REF(conn);
 
-    /* The client protocol version isn't saved in the serialization process. Therefore
-     * we return an unknown protocol value to avoid misleading the user about the client. */
-    if (conn->deserialized_conn) {
-        return S2N_UNKNOWN_PROTOCOL_VERSION;
-    }
-
     /* For backwards compatibility, the client_protocol_version field isn't updated via the
      * supported versions extension on TLS 1.2 servers. See
      * https://github.com/aws/s2n-tls/issues/4240.
@@ -1030,12 +1024,6 @@ int s2n_connection_get_server_protocol_version(struct s2n_connection *conn)
 {
     POSIX_ENSURE_REF(conn);
 
-    /* The server protocol version isn't saved in the serialization process. Therefore
-     * we return an unknown protocol value to avoid misleading the user about the server. */
-    if (conn->deserialized_conn) {
-        return S2N_UNKNOWN_PROTOCOL_VERSION;
-    }
-
     return conn->server_protocol_version;
 }
 

diff --git a/tls/s2n_connection_serialize.c b/tls/s2n_connection_serialize.c
@@ -257,8 +257,6 @@ int s2n_connection_deserialize(struct s2n_connection *conn, uint8_t *buffer, uin
 
     /* Rehydrate fields now that parsing has completed successfully */
     conn->actual_protocol_version = temp.protocol_version;
-    conn->server_protocol_version = temp.protocol_version;
-    conn->client_protocol_version = temp.protocol_version;
     conn->secure->cipher_suite = temp.cipher_suite;
     POSIX_GUARD_RESULT(s2n_connection_set_max_fragment_length(conn, temp.max_fragment_len));
 

diff --git a/tls/s2n_record_write.c b/tls/s2n_record_write.c
@@ -172,9 +172,15 @@ int s2n_record_write_protocol_version(struct s2n_connection *conn, struct s2n_st
      *
      * If we are requesting early data, we can assume that we aren't talking to
      * a legacy server as a legacy server would not know how to handle early data.
+     * 
+     * Deserialized connections will also have an unknown server protocol
+     * version as this value isn't stored during serialization. However deserialization
+     * occurs post-handshake, at which point the actual protocol version is known
+     * and therefore this check is unnecessary for deserialized connections.
      **/
     if (conn->server_protocol_version == s2n_unknown_protocol_version
-            && conn->early_data_state != S2N_EARLY_DATA_REQUESTED) {
+            && conn->early_data_state != S2N_EARLY_DATA_REQUESTED
+            && !conn->deserialized_conn) {
         record_protocol_version = MIN(record_protocol_version, S2N_TLS10);
     }