diff options
author | Matt Caswell <matt@openssl.org> | 2017-02-20 16:35:03 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-03-02 17:44:15 +0000 |
commit | 0a87d0ac628685a1b420851f1614829a952cda5f (patch) | |
tree | f92b975cf18b963c6d0f978a8aca3c458e6fed7b /ssl/record/ssl3_record.c | |
parent | a4f376af7e98161c7513614cf4a110724a5a65f5 (diff) | |
download | openssl-0a87d0ac628685a1b420851f1614829a952cda5f.zip openssl-0a87d0ac628685a1b420851f1614829a952cda5f.tar.gz openssl-0a87d0ac628685a1b420851f1614829a952cda5f.tar.bz2 |
Parse the early_data extension
We also skip any early_data that subsequently gets sent. Later commits will
process it if we can.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737)
Diffstat (limited to 'ssl/record/ssl3_record.c')
-rw-r--r-- | ssl/record/ssl3_record.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 3868bb5..4a1c041 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -424,6 +424,17 @@ int ssl3_get_record(SSL *s) * -1: if the padding is invalid */ if (enc_err == 0) { + if (num_recs == 1 && ossl_statem_skip_early_data(s)) { + /* + * We assume this is unreadable early_data - we treat it like an + * empty record + */ + thisrr = &rr[0]; + thisrr->length = 0; + thisrr->read = 1; + RECORD_LAYER_set_numrpipes(&s->rlayer, 1); + return 1; + } al = SSL_AD_DECRYPTION_FAILED; SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); goto f_err; |