1 files changed, 24 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 2fe5428b71..5e2711d4d4 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.38 2020/05/09 14:02:24 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.39 2020/05/09 16:43:05 tb Exp $ */
 /*
 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -335,6 +335,20 @@ tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb)
 }
 int
+tls13_server_hello_retry_request_sent(struct tls13_ctx *ctx)
+{
+        /*
+         * If the client has requested middlebox compatibility mode,
+         * we MUST send a dummy CCS following our first handshake message.
+         * See RFC 8446 Appendix D.4.
+         */
+        if (ctx->hs->legacy_session_id_len > 0)
+                ctx->send_dummy_ccs = 1;
+        return 1;
+}
+int
 tls13_client_hello_retry_recv(struct tls13_ctx *ctx, CBS *cbs)
 {
        SSL *s = ctx->ssl;
@@ -368,6 +382,15 @@ tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb)
 int
 tls13_server_hello_sent(struct tls13_ctx *ctx)
 {
+        /*
+         * If the client has requested middlebox compatibility mode,
+         * we MUST send a dummy CCS following our first handshake message.
+         * See RFC 8446 Appendix D.4.
+         */
+        if ((ctx->handshake_stage.hs_type & WITHOUT_HRR) &&
+            ctx->hs->legacy_session_id_len > 0)
+                ctx->send_dummy_ccs = 1;
        return tls13_server_engage_record_protection(ctx);
 }

diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index 2fe5428b71..5e2711d4d4 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_server.c,v 1.38 2020/05/09 14:02:24 tb Exp $ */	1	/* $OpenBSD: tls13_server.c,v 1.39 2020/05/09 16:43:05 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2020 Bob Beck <beck@openbsd.org>	4	* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -335,6 +335,20 @@ tls13_server_hello_retry_request_send(struct tls13_ctx ctx, CBB cbb)
335	}	335	}
336		336
337	int	337	int
		338	tls13_server_hello_retry_request_sent(struct tls13_ctx *ctx)
		339	{
		340	/*
		341	* If the client has requested middlebox compatibility mode,
		342	* we MUST send a dummy CCS following our first handshake message.
		343	* See RFC 8446 Appendix D.4.
		344	*/
		345	if (ctx->hs->legacy_session_id_len > 0)
		346	ctx->send_dummy_ccs = 1;
		347
		348	return 1;
		349	}
		350
		351	int
338	tls13_client_hello_retry_recv(struct tls13_ctx ctx, CBS cbs)	352	tls13_client_hello_retry_recv(struct tls13_ctx ctx, CBS cbs)
339	{	353	{
340	SSL *s = ctx->ssl;	354	SSL *s = ctx->ssl;
@@ -368,6 +382,15 @@ tls13_server_hello_send(struct tls13_ctx ctx, CBB cbb)
368	int	382	int
369	tls13_server_hello_sent(struct tls13_ctx *ctx)	383	tls13_server_hello_sent(struct tls13_ctx *ctx)
370	{	384	{
		385	/*
		386	* If the client has requested middlebox compatibility mode,
		387	* we MUST send a dummy CCS following our first handshake message.
		388	* See RFC 8446 Appendix D.4.
		389	*/
		390	if ((ctx->handshake_stage.hs_type & WITHOUT_HRR) &&
		391	ctx->hs->legacy_session_id_len > 0)
		392	ctx->send_dummy_ccs = 1;
		393
371	return tls13_server_engage_record_protection(ctx);	394	return tls13_server_engage_record_protection(ctx);
372	}	395	}
373		396