From 8ef6d5699390cd817ba24c3f8f8a670d68b744af Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sat, 25 Jan 2020 06:37:30 +0000
Subject: Correct backwards test so that we may accept a certificate requst
 from the server.

ok jsing@
---
 src/lib/libssl/tls13_handshake.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 29a22225f7..ed70ec1f4b 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_handshake.c,v 1.44 2020/01/24 08:21:24 jsing Exp $	*/
+/*	$OpenBSD: tls13_handshake.c,v 1.45 2020/01/25 06:37:30 beck Exp $	*/
 /*
  * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -406,8 +406,8 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx,
 	 */
 	msg_type = tls13_handshake_msg_type(ctx->hs_msg);
 	if (msg_type != action->handshake_type &&
-	    (msg_type != TLS13_MT_CERTIFICATE ||
-	     action->handshake_type != TLS13_MT_CERTIFICATE_REQUEST))
+	    (msg_type != TLS13_MT_CERTIFICATE_REQUEST ||
+	     action->handshake_type != TLS13_MT_CERTIFICATE))
 		return tls13_send_alert(ctx->rl, SSL_AD_UNEXPECTED_MESSAGE);
 
 	if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs))
-- 
cgit v1.2.3-55-g6feb