From e827d532c25b674208a351af5d04b7d4513ddaad Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 4 Apr 2019 16:53:57 +0000
Subject: Implement legacy fallback for the TLS 1.3 client. If the Server Hello received indicates that the server did not negotiate TLS 1.3, fallback to the original TLS client implementation. ok bcook@, tb@
---
 src/lib/libssl/tls13_handshake.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
(limited to 'src/lib/libssl/tls13_handshake.c')
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index a55c20525a..cb39974da5 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.32 2019/03/17 15:48:02 jsing Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.33 2019/04/04 16:53:57 jsing Exp $ */
 /*
 * Copyright (c) 2018-2019 Theo Buehler
 * Copyright (c) 2019 Joel Sing
@@ -389,6 +389,9 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx,
 tls13_handshake_msg_free(ctx->hs_msg);
 ctx->hs_msg = NULL;
+ if (ctx->ssl->method->internal->version < TLS1_3_VERSION)
+ return TLS13_IO_USE_LEGACY;
+
 return ret;
 }
--
cgit v1.2.3-55-g6feb
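Review bot: The added check in tls13_handshake_recv_action returns TLS13_IO_USE_LEGACY before `ret` is looked at, so a receive action that failed is reported as a legacy fallback whenever the method version is below TLS1_3_VERSION. If the failure should win, test `ret` first and take the legacy path only when it reports success; how `ret` is set lies outside the hunk, so the exact comparison has to be confirmed there. The check also runs after every received handshake message rather than only after the Server Hello, which deserves a comment such as `/* The Server Hello handler may have switched ssl->method to a legacy method. */`. Because this return leaves the TLS 1.3 state machine, the Server Hello handler (not shown here) should be confirmed to enforce the RFC 8446 downgrade sentinel in the server random before the method is switched.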