When switching back to a legacy client or server, ensure we reset the

handshake function pointer.

Fixes an isssue found by jca@ with OpenVPN.

ok beck@ tb@

2 files changed, 4 insertions, 2 deletions

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 74a4a4db69..f75f605ace 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.36 2020/01/26 03:38:24 beck Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.37 2020/01/26 06:55:17 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -105,6 +105,7 @@ tls13_use_legacy_client(struct tls13_ctx *ctx)
         CBS cbs;
 
         s->method = tls_legacy_client_method();
+        s->internal->handshake_func = s->method->internal->ssl_connect;
         s->client_version = s->version = s->method->internal->max_version;
 
         if (!ssl3_setup_init_buffer(s))
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index e5e029c998..41b4d2b24e 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.19 2020/01/26 03:55:22 beck Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.20 2020/01/26 06:55:17 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -96,6 +96,7 @@ tls13_use_legacy_server(struct tls13_ctx *ctx)
         CBS cbs;
 
         s->method = tls_legacy_server_method();
+        s->internal->handshake_func = s->method->internal->ssl_accept;
         s->client_version = s->version = s->method->internal->max_version;
         s->server = 1;