Commit 116d0da5 authored Mar 30, 2017 by Matt Caswell

Fix early data bug with pause between EoED and CF



If the server received EoED then SSL_read_early_data() will return
SSL_READ_EARLY_DATA_FINISH. However if the CF has not yet been processed
then SSL_is_init_finished() will still return 0. Therefore we should still
be able to write early data.

Fixes #3041

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3089)

parent 1c7ae3dd

ssl/ssl_lib.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -1829,6 +1829,7 @@ int SSL_write_early_data(SSL s, const void buf, size_t num, size_t *written)
		s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY;
		return ret;

		case SSL_EARLY_DATA_FINISHED_READING:
		case SSL_EARLY_DATA_READ_RETRY:
		/* We are a server writing to an unauthenticated client */
		s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING;