diff options
| author | tb <> | 2021-03-27 17:56:28 +0000 | 
|---|---|---|
| committer | tb <> | 2021-03-27 17:56:28 +0000 | 
| commit | 7f9e6c49cc65fa90409325b415edcad4c16e5d39 (patch) | |
| tree | ac68380783b8a8e28d9f271506951e261e2e33a4 /src/lib/libcrypto/ecdsa/ecs_vrf.c | |
| parent | 582990e01f264472c2d000565f7037fb02c8ffcc (diff) | |
| download | openbsd-7f9e6c49cc65fa90409325b415edcad4c16e5d39.tar.gz openbsd-7f9e6c49cc65fa90409325b415edcad4c16e5d39.tar.bz2 openbsd-7f9e6c49cc65fa90409325b415edcad4c16e5d39.zip | |
Garbage collect s->internal->type
This variable is used in the legacy stack to decide whether we are
a server or a client. That's what s->server is for...
The new TLSv1.3 stack failed to set s->internal->type, which resulted
in hilarious mishandling of previous_{client,server}_finished. Indeed,
both client and server would first store the client's verify_data in
previous_server_finished and later overwrite it with the server's
verify_data. Consequently, renegotiation has been completely broken
for more than a year. In fact, server side renegotiation was broken
during the 6.5 release cycle. Clearly, no-one uses this.
This commit fixes client side renegotiation and restores the previous
behavior of SSL_get_client_CA_list(). Server side renegotiation will
be fixed in a later commit.
ok jsing
Diffstat (limited to 'src/lib/libcrypto/ecdsa/ecs_vrf.c')
0 files changed, 0 insertions, 0 deletions
