From c181c81fb01592ad1d49ebf7afa9676c41a32aaf Mon Sep 17 00:00:00 2001 From: tb <> Date: Sat, 27 Mar 2021 17:56:28 +0000 Subject: Garbage collect s->internal->type This variable is used in the legacy stack to decide whether we are a server or a client. That's what s->server is for... The new TLSv1.3 stack failed to set s->internal->type, which resulted in hilarious mishandling of previous_{client,server}_finished. Indeed, both client and server would first store the client's verify_data in previous_server_finished and later overwrite it with the server's verify_data. Consequently, renegotiation has been completely broken for more than a year. In fact, server side renegotiation was broken during the 6.5 release cycle. Clearly, no-one uses this. This commit fixes client side renegotiation and restores the previous behavior of SSL_get_client_CA_list(). Server side renegotiation will be fixed in a later commit. ok jsing --- src/lib/libssl/ssl_srvr.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'src/lib/libssl/ssl_srvr.c') diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 047087c1c9..aea8d67260 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.99 2021/03/24 18:44:00 jsing Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.100 2021/03/27 17:56:28 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -227,8 +227,6 @@ ssl3_accept(SSL *s) goto end; } - s->internal->type = SSL_ST_ACCEPT; - if (!ssl3_setup_init_buffer(s)) { ret = -1; goto end; -- cgit v1.2.3-55-g6feb
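Review bot: The removal of `s->internal->type = SSL_ST_ACCEPT;` in ssl3_accept() leaves nothing in this file that records the server role on entry to the accept path, so the change is only safe if s->server is already set before ssl3_accept() runs and every remaining reader of s->internal->type has been converted to s->server in the same commit. The view here is limited to src/lib/libssl/ssl_srvr.c, so neither can be checked from this hunk; please confirm both against the rest of the commit. Since the message says the mix-up between previous_client_finished and previous_server_finished went unnoticed for more than a year, a regression test that performs a renegotiation and checks that each side stores the client's and the server's verify_data in the matching field would be worth adding, marked as expected to fail on the server side until the follow-up fix lands.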