From 49f389c17d984e5b248f0a57cbae10dd4198a3bf Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Wed, 25 Oct 2023 12:02:17 +0700
Subject: [PATCH] add missing check for the client's supported TLS versions

---
 handshake_server_tls13.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/handshake_server_tls13.go b/handshake_server_tls13.go
index 03bc5eb..4ba906e 100644
--- a/handshake_server_tls13.go
+++ b/handshake_server_tls13.go
@@ -219,8 +219,15 @@ GroupSelection:
 	}
 
 	if c.quic != nil {
+		// RFC 9001 Section 4.2: Clients MUST NOT offer TLS versions older than 1.3.
+		for _, v := range hs.clientHello.supportedVersions {
+			if v < VersionTLS13 {
+				c.sendAlert(alertProtocolVersion)
+				return errors.New("tls: client offered TLS version older than TLS 1.3")
+			}
+		}
+		// RFC 9001 Section 8.2.
 		if hs.clientHello.quicTransportParameters == nil {
-			// RFC 9001 Section 8.2.
 			c.sendAlert(alertMissingExtension)
 			return errors.New("tls: client did not send a quic_transport_parameters extension")
 		}