diff options
| author | jsing <> | 2022-07-17 15:51:06 +0000 |
|---|---|---|
| committer | jsing <> | 2022-07-17 15:51:06 +0000 |
| commit | fcc47951fedaa68bf2527bded733b6c4019db61d (patch) | |
| tree | a5b699c41738f14e350eea2c9e22fc52698aafd2 /src/lib | |
| parent | 1724862da277d62e9335ade34ebf5ebcf274666e (diff) | |
| download | openbsd-fcc47951fedaa68bf2527bded733b6c4019db61d.tar.gz openbsd-fcc47951fedaa68bf2527bded733b6c4019db61d.tar.bz2 openbsd-fcc47951fedaa68bf2527bded733b6c4019db61d.zip | |
Disable TLSv1.3 middlebox compatibility mode for QUIC connections.
This is required by RFC 9001.
ok tb@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/tls13_lib.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index 8b8ea7f01b..6522c104d6 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_lib.c,v 1.64 2022/07/17 15:49:20 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_lib.c,v 1.65 2022/07/17 15:51:06 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> |
| @@ -401,7 +401,8 @@ tls13_ctx_new(int mode, SSL *ssl) | |||
| 401 | ctx->info_cb = tls13_legacy_info_cb; | 401 | ctx->info_cb = tls13_legacy_info_cb; |
| 402 | ctx->ocsp_status_recv_cb = tls13_legacy_ocsp_status_recv_cb; | 402 | ctx->ocsp_status_recv_cb = tls13_legacy_ocsp_status_recv_cb; |
| 403 | 403 | ||
| 404 | ctx->middlebox_compat = 1; | 404 | if (!SSL_is_quic(ssl)) |
| 405 | ctx->middlebox_compat = 1; | ||
| 405 | 406 | ||
| 406 | ssl->internal->tls13 = ctx; | 407 | ssl->internal->tls13 = ctx; |
| 407 | 408 | ||