From 8c2404edf53b7967b93ce81fe28c4d401a6734b8 Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Thu, 30 Nov 2017 12:59:53 +0700
Subject: [PATCH] send a reserved version number in the SHLO

---
 internal/handshake/crypto_setup_server.go      |  2 +-
 internal/handshake/crypto_setup_server_test.go | 11 ++++++++---
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/internal/handshake/crypto_setup_server.go b/internal/handshake/crypto_setup_server.go
index 50e261831..ddaf75e93 100644
--- a/internal/handshake/crypto_setup_server.go
+++ b/internal/handshake/crypto_setup_server.go
@@ -431,7 +431,7 @@ func (h *cryptoSetupServer) handleCHLO(sni string, data []byte, cryptoData map[T
 	replyMap := h.params.getHelloMap()
 	// add crypto parameters
 	verTag := &bytes.Buffer{}
-	for _, v := range h.supportedVersions {
+	for _, v := range protocol.GetGreasedVersions(h.supportedVersions) {
 		utils.BigEndian.WriteUint32(verTag, uint32(v))
 	}
 	replyMap[TagPUBS] = ephermalKex.PublicKey()
diff --git a/internal/handshake/crypto_setup_server_test.go b/internal/handshake/crypto_setup_server_test.go
index df57b8711..77ec1cef3 100644
--- a/internal/handshake/crypto_setup_server_test.go
+++ b/internal/handshake/crypto_setup_server_test.go
@@ -313,12 +313,17 @@ var _ = Describe("Server Crypto Setup", func() {
 			})
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response).To(HavePrefix("SHLO"))
-			Expect(response).To(ContainSubstring("ephermal pub"))
-			Expect(response).To(ContainSubstring("SNO\x00"))
+			message, err := ParseHandshakeMessage(bytes.NewReader(response))
+			Expect(err).ToNot(HaveOccurred())
+			Expect(message.Data).To(HaveKeyWithValue(TagPUBS, []byte("ephermal pub")))
+			Expect(message.Data).To(HaveKey(TagSNO))
+			Expect(message.Data).To(HaveKey(TagVER))
+			// the supported versions should include one reserved version number
+			Expect(message.Data[TagVER]).To(HaveLen(4*len(supportedVersions) + 4))
 			for _, v := range supportedVersions {
 				b := &bytes.Buffer{}
 				utils.BigEndian.WriteUint32(b, uint32(v))
-				Expect(response).To(ContainSubstring(string(b.Bytes())))
+				Expect(message.Data[TagVER]).To(ContainSubstring(string(b.Bytes())))
 			}
 			Expect(checkedSecure).To(BeTrue())
 			Expect(checkedForwardSecure).To(BeTrue())