ssl, dtls: Disable V2 compatibility clause from ssl_handshake:update_handshake_history

This proably a much bigger problem for DTLS than TLS, but should be
disabled for both unless explicitly configured for TLS.

1 files changed, 3 insertions, 1 deletions

diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl
index 559eafbfec..5ff3b8b86b 100644
--- a/lib/ssl/src/dtls_connection.erl
+++ b/lib/ssl/src/dtls_connection.erl
@@ -397,7 +397,9 @@ format_status(Type, Data) ->
 encode_handshake(Handshake, Version, ConnectionStates0, Hist0) ->
     {Seq, ConnectionStates} = sequence(ConnectionStates0),
     {EncHandshake, Frag} = dtls_handshake:encode_handshake(Handshake, Version, Seq),
-    Hist = ssl_handshake:update_handshake_history(Hist0, EncHandshake),
+    %% DTLS does not have an equivalent version to SSLv2. So v2 hello compatibility
+    %% will always be false
+    Hist = ssl_handshake:update_handshake_history(Hist0, EncHandshake, false),
     {Frag, ConnectionStates, Hist}.
 
 encode_change_cipher(#change_cipher_spec{}, Version, ConnectionStates) ->