Commit 39ef7821 authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix bug with SSL_read_early_data() 



If read_ahead is set, or SSL_MODE_AUTO_RETRY is used then if
SSL_read_early_data() hits an EndOfEarlyData message then it will
immediately retry automatically, but this time read normal data instead
of early data!

Fixes #3041

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3077)
parent 3fd5ece3

ssl/record/rec_layer_s3.c

+10 −0
Original line number Diff line number Diff line
@@ -1496,6 +1496,8 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, 
     */

    if ((s->rlayer.handshake_fragment_len >= 4)

            && !ossl_statem_get_in_handshake(s)) {

        int ined = (s->early_data_state == SSL_EARLY_DATA_READING);



        /* We found handshake data, so we're going back into init */

        ossl_statem_set_in_init(s, 1);
@@ -1507,6 +1509,14 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, 
            return -1;

        }



        /*

         * If we were actually trying to read early data and we found a

         * handshake message, then we don't want to continue to try and read

         * the application data any more. It won't be "early" now.

         */

        if (ined)

            return -1;



        if (!(s->mode & SSL_MODE_AUTO_RETRY)) {

            if (SSL3_BUFFER_get_left(rbuf) == 0) {

                /* no read-ahead left? */