diff options
author | Matt Caswell <matt@openssl.org> | 2017-07-14 14:50:48 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-07-18 16:51:58 +0100 |
commit | d4504fe5792b2dcf8ae6ef35634f1494e72d109b (patch) | |
tree | 7b51694b056efe6d8c86b92b6677b6eecf83372a /ssl/statem/statem_srvr.c | |
parent | 1e3f62a3823f7e3db9d403f724fd9d66f5b04cf8 (diff) | |
download | openssl-d4504fe5792b2dcf8ae6ef35634f1494e72d109b.zip openssl-d4504fe5792b2dcf8ae6ef35634f1494e72d109b.tar.gz openssl-d4504fe5792b2dcf8ae6ef35634f1494e72d109b.tar.bz2 |
Fix early_data with an HRR
early_data is not allowed after an HRR. We failed to handle that
correctly.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3933)
Diffstat (limited to 'ssl/statem/statem_srvr.c')
-rw-r--r-- | ssl/statem/statem_srvr.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index f3f54d4..9d3c387 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -48,15 +48,14 @@ static int ossl_statem_server13_read_transition(SSL *s, int mt) default: break; - case TLS_ST_SW_HELLO_RETRY_REQUEST: - if (mt == SSL3_MT_CLIENT_HELLO) { - st->hand_state = TLS_ST_SR_CLNT_HELLO; - return 1; - } - break; - case TLS_ST_EARLY_DATA: - if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { + if (s->hello_retry_request) { + if (mt == SSL3_MT_CLIENT_HELLO) { + st->hand_state = TLS_ST_SR_CLNT_HELLO; + return 1; + } + break; + } else if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { if (mt == SSL3_MT_END_OF_EARLY_DATA) { st->hand_state = TLS_ST_SR_END_OF_EARLY_DATA; return 1; @@ -397,7 +396,8 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s) return WRITE_TRAN_CONTINUE; case TLS_ST_SW_HELLO_RETRY_REQUEST: - return WRITE_TRAN_FINISHED; + st->hand_state = TLS_ST_EARLY_DATA; + return WRITE_TRAN_CONTINUE; case TLS_ST_SW_SRVR_HELLO: st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS; |