From d5ef950f276f9e4913432b3c384f58170d2dca1f Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 25 Jun 2020 07:35:05 +0000
Subject: Switch the order of the two tests in tls13_client_hello_required_extensions to match the order they are listed in the RFC. No functional change.
---
 src/lib/libssl/tls13_server.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
(limited to 'src')
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 843b572401..12601fa33d 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.59 2020/06/24 07:28:38 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.60 2020/06/25 07:35:05 tb Exp $ */
 /*
 * Copyright (c) 2019, 2020 Joel Sing
 * Copyright (c) 2020 Bob Beck
@@ -107,14 +107,6 @@ tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
 * presence or absence of others.
 */
 
- /*
- * supported_groups and key_share must either both be present or
- * both be absent.
- */
- if (tlsext_extension_seen(ssl, TLSEXT_TYPE_supported_groups) !=
- tlsext_extension_seen(ssl, TLSEXT_TYPE_key_share))
- return 0;
-
 /*
 * If we got no pre_shared_key, then signature_algorithms and
 * supported_groups must both be present.
@@ -126,6 +118,14 @@ tls13_client_hello_required_extensions(struct tls13_ctx *ctx)
 return 0;
 }
 
+ /*
+ * supported_groups and key_share must either both be present or
+ * both be absent.
+ */
+ if (tlsext_extension_seen(ssl, TLSEXT_TYPE_supported_groups) !=
+ tlsext_extension_seen(ssl, TLSEXT_TYPE_key_share))
+ return 0;
+
 /*
 * XXX - Require server_name from client? If so, we SHOULD enforce
 * this here - RFC 8446, 9.2.
-- 
cgit v1.2.3-55-g6feb
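Review bot: The both-or-neither test re-added in the last hunk (`@@ -126,6 +118,14 @@`) compares the raw return values of two `tlsext_extension_seen()` calls with `!=`, which is only correct if that helper always returns exactly 0 or 1; its definition is not part of this diff. If it can ever return another non-zero value, a ClientHello carrying both supported_groups and key_share would be rejected, so normalising both sides keeps the check independent of the helper: `if (!tlsext_extension_seen(ssl, TLSEXT_TYPE_supported_groups) != !tlsext_extension_seen(ssl, TLSEXT_TYPE_key_share))`. Since the commit exists to mirror the RFC's ordering, the moved comment could also name the section the way the XXX comment below it does, e.g. `* RFC 8446, 9.2: supported_groups and key_share must either both be present or both be absent.`, unless the header comment cut off above the hunk already carries that reference. The body of tls13_client_hello_required_extensions starts and ends outside the visible hunks, so how the caller turns the `return 0` into an alert cannot be checked from here.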