From daf57a6e01ebddd26168b4bb8b5379bb45b1f66e Mon Sep 17 00:00:00 2001
From: jsing <jsing@openbsd.org>
Date: Sun, 10 May 2020 14:03:14 +0000
Subject: Correct tlsext_ocsp_resplen check.

This variable is currently overloaded - a value of -1 means that it is
"unset" and any other value is a length.

ok tb@
---
 lib/libssl/tls13_lib.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lib/libssl/tls13_lib.c')

diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c
index 3825707d5c9..ad78d5b597b 100644
--- a/lib/libssl/tls13_lib.c
+++ b/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_lib.c,v 1.38 2020/05/09 15:30:21 jsing Exp $ */
+/*	$OpenBSD: tls13_lib.c,v 1.39 2020/05/10 14:03:14 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -170,7 +170,7 @@ tls13_legacy_ocsp_status_recv_cb(void *arg)
 	int ret;
 
 	if (s->ctx->internal->tlsext_status_cb == NULL ||
-	    s->internal->tlsext_ocsp_resplen == 0)
+	    s->internal->tlsext_ocsp_resplen == -1)
 		return 1;
 
 	ret = s->ctx->internal->tlsext_status_cb(s,
-- 
cgit v1.2.3-59-g8ed1b