From 4eaa47375c2b8f164edaae326474b972e0e4e277 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 25 Jan 2020 15:06:17 +0000
Subject: Revert change to certificate request check from r1.45.

This code was correct, it was the entry in the table that was incorrect.

ok beck@
---
 src/lib/libssl/tls13_handshake.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 7d150930d9..d194688f71 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_handshake.c,v 1.47 2020/01/25 13:21:52 beck Exp $	*/
+/*	$OpenBSD: tls13_handshake.c,v 1.48 2020/01/25 15:06:17 jsing Exp $	*/
 /*
  * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -413,8 +413,8 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx,
 	 */
 	msg_type = tls13_handshake_msg_type(ctx->hs_msg);
 	if (msg_type != action->handshake_type &&
-	    (msg_type != TLS13_MT_CERTIFICATE_REQUEST ||
-	     action->handshake_type != TLS13_MT_CERTIFICATE))
+	    (msg_type != TLS13_MT_CERTIFICATE ||
+	     action->handshake_type != TLS13_MT_CERTIFICATE_REQUEST))
 		return tls13_send_alert(ctx->rl, SSL_AD_UNEXPECTED_MESSAGE);
 
 	if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs))
-- 
cgit v1.2.3-55-g6feb