From 1d9efb961c55d10f321b2626df4b1ed77d104867 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 21 Jan 2019 14:19:51 +0000
Subject: Use the actual handshake message type in the certificate request
 handler.

---
 src/lib/libssl/tls13_handshake.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 160202421c..95f30ded7d 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_handshake.c,v 1.18 2019/01/21 13:45:57 jsing Exp $	*/
+/*	$OpenBSD: tls13_handshake.c,v 1.19 2019/01/21 14:19:51 jsing Exp $	*/
 /*
  * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -509,15 +509,13 @@ tls13_server_certificate_send(struct tls13_ctx *ctx)
 int
 tls13_server_certificate_request_recv(struct tls13_ctx *ctx)
 {
-	uint8_t msg_type = 0; /* XXX */
-
 	/*
 	 * Thanks to poor state design in the RFC, this function can be called
 	 * when we actually have a certificate message instead of a certificate
 	 * request... in that case we call the certificate handler after
 	 * switching state, to avoid advancing state.
 	 */
-	if (msg_type == TLS13_MT_CERTIFICATE) {
+	if (tls13_handshake_msg_type(ctx->hs_msg) == TLS13_MT_CERTIFICATE) {
 		ctx->handshake_stage.hs_type |= WITHOUT_CR;
 		return tls13_server_certificate_recv(ctx);
 	}
-- 
cgit v1.2.3-55-g6feb