ssl, dtls: Disable V2 compatibility clause from ssl_handshake:update_handshake_history

This proably a much bigger problem for DTLS than TLS, but should be
disabled for both unless explicitly configured for TLS.

1 files changed, 4 insertions, 2 deletions

diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 066ec8af52..66e47cc504 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -803,12 +803,14 @@ handle_common_event(internal, {handshake, {#hello_request{}, _}}, StateName, #st
   when StateName =/= connection ->
     {keep_state_and_data};
 handle_common_event(internal, {handshake, {Handshake, Raw}}, StateName, 
-		    #state{tls_handshake_history = Hs0} = State0, Connection) ->
+		    #state{tls_handshake_history = Hs0,
+			   ssl_options = #ssl_options{v2_hello_compatible = V2HComp}} = State0, 
+		    Connection) ->
     %% This function handles client SNI hello extension when Handshake is
     %% a client_hello, which needs to be determined by the connection callback.
     %% In other cases this is a noop
     State = Connection:handle_sni_extension(Handshake, State0),
-    HsHist = ssl_handshake:update_handshake_history(Hs0, Raw),
+    HsHist = ssl_handshake:update_handshake_history(Hs0, Raw, V2HComp),
     {next_state, StateName, State#state{tls_handshake_history = HsHist}, 
      [{next_event, internal, Handshake}]};
 handle_common_event(internal, {tls_record, TLSRecord}, StateName, State, Connection) ->