Commit 0ef28021 authored by Matt Caswell's avatar Matt Caswell
Browse files

Various review fixes for PSK early_data support 



Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
parent 57dee9bb

apps/s_client.c

+1 −2
Original line number Diff line number Diff line
@@ -1889,8 +1889,7 @@ int s_client_main(int argc, char **argv) 
            goto end;

        }

        /* By default the SNI should be the same as was set in the session */

        if (!noservername && servername == NULL)

        {

        if (!noservername && servername == NULL) {

            const char *sni = SSL_SESSION_get0_hostname(sess);



            if (sni != NULL) {

doc/man3/SSL_SESSION_get0_hostname.pod

+3 −2
Original line number Diff line number Diff line
@@ -37,8 +37,9 @@ session and its associated length in bytes. The returned value of B<*alpn> is a 
pointer to memory maintained within B<s> and should not be free'd.



SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the

value in B<*alpn> which should be of length B<len> bytes. A copy of this value

is taken.

value in B<alpn> which should be of length B<len> bytes. A copy of the input

value is made, and the caller retains ownership of the memory pointed to by

B<alpn>.



=head1 SEE ALSO

doc/man3/SSL_read_early_data.pod

+3 −1
Original line number Diff line number Diff line
@@ -63,7 +63,9 @@ will return the maximum number of early data bytes that can be sent. 


The function SSL_SESSION_set_max_early_data() sets the maximum number of early

data bytes that can be sent for a session. This would typically be used when

creating a PSK session file (see L<SSL_CTX_set_psk_use_session_callback(3)>).

creating a PSK session file (see L<SSL_CTX_set_psk_use_session_callback(3)>). If

using a ticket based PSK then this is set automatically to the value provided by

the server.



A client uses the function SSL_write_early_data() to send early data. This

function is similar to the L<SSL_write_ex(3)> function, but with the following

ssl/record/ssl3_record_tls13.c

+6 −2
Original line number Diff line number Diff line
@@ -58,10 +58,14 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending) 


    if (s->early_data_state == SSL_EARLY_DATA_WRITING

            || s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {

        if (s->session != NULL && s->session->ext.max_early_data > 0)

        if (s->session != NULL && s->session->ext.max_early_data > 0) {

            alg_enc = s->session->cipher->algorithm_enc;

        else

        } else {

            if (!ossl_assert(s->psksession != NULL

                             && s->psksession->ext.max_early_data > 0))

                return -1;

            alg_enc = s->psksession->cipher->algorithm_enc;

        }

    } else {

        /*

         * To get here we must have selected a ciphersuite - otherwise ctx would

ssl/statem/extensions_clnt.c

+4 −4
Original line number Diff line number Diff line
@@ -1401,10 +1401,10 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, 
    }

    s->s3->alpn_selected_len = len;



    if (s->session->ext.alpn_selected != NULL

            && (s->session->ext.alpn_selected_len != len

                || memcmp(s->session->ext.alpn_selected, s->s3->alpn_selected,

                          len) != 0)) {

    if (s->session->ext.alpn_selected == NULL

            || s->session->ext.alpn_selected_len != len

            || memcmp(s->session->ext.alpn_selected, s->s3->alpn_selected, len)

               != 0) {

        /* ALPN not consistent with the old session so cannot use early_data */

        s->ext.early_data_ok = 0;

    }