From f89c54df88fa62477e4eb5d92a93a2dc346c6c03 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 11 Sep 2022 14:33:07 +0000
Subject: Only permit CCS messages if requesting middlebox compatibility mode.

Currently the TLSv1.3 client always permits the server to send CCS
messages. Be more strict and only permit this if the client is actually
requesitng middlebox compatibility mode.

ok tb@
---
 src/lib/libssl/tls13_client.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 87759632f9..33ef55d2ec 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.98 2022/08/17 07:39:19 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.99 2022/09/11 14:33:07 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -148,12 +148,12 @@ tls13_client_hello_send(struct tls13_ctx *ctx, CBB *cbb)
 int
 tls13_client_hello_sent(struct tls13_ctx *ctx)
 {
-	tls13_record_layer_allow_ccs(ctx->rl, 1);
-
 	tls1_transcript_freeze(ctx->ssl);
 
-	if (ctx->middlebox_compat)
+	if (ctx->middlebox_compat) {
+		tls13_record_layer_allow_ccs(ctx->rl, 1);
 		ctx->send_dummy_ccs = 1;
+	}
 
 	return 1;
 }
-- 
cgit v1.2.3-55-g6feb