From 2d8800e2278bcf7a39a14a88bc7a36724ad26f79 Mon Sep 17 00:00:00 2001
From: TRodziewicz <tomasz.rodziewicz@mobica.com>
Date: Thu, 13 May 2021 19:14:19 +0200
Subject: [PATCH] Small corrections in the comments

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
---
 library/ssl_cli.c | 4 ++++
 library/ssl_msg.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index b0285d7ab..81c0d6b08 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1951,6 +1951,10 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
     mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p );
     p += 2;
 
+    /*
+     * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
+     * even is lower than our min version.
+     */
     if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
         minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ||
         major_ver > ssl->conf->max_major_ver  ||
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 8c9caa9ef..9896ad014 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -836,7 +836,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
         /*
-         * Prepend per-record IV for block cipher in TLS v1.2
+         * Prepend per-record IV for block cipher in TLS v1.2 as per
          * Method 1 (6.2.3.2. in RFC4346 and RFC5246)
          */
         if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 )