Commit bfab12bb authored by Matt Caswell

Allow a client to send early_data with SNI if the session has no SNI



We can only send early_data if the SNI is consistent. However it is valid
for the client to set SNI and the server to not use it. This would still be
counted as consistent. The OpenSSL client was being overzealous in this check
and disallowed this scenario.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4738)
parent b510b740
+8 −7
@@ -736,14 +736,15 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
    edsess = s->session->ext.max_early_data != 0 ? s->session : psksess;
    s->max_early_data = edsess->ext.max_early_data;

    if ((s->ext.hostname == NULL && edsess->ext.hostname != NULL)
    if (edsess->ext.hostname != NULL) {
        if (s->ext.hostname == NULL
                || (s->ext.hostname != NULL
                && (edsess->ext.hostname == NULL
                    || strcmp(s->ext.hostname, edsess->ext.hostname) != 0))) {
                    && strcmp(s->ext.hostname, edsess->ext.hostname) != 0)) {
            SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA,
                   SSL_R_INCONSISTENT_EARLY_DATA_SNI);
            return EXT_RETURN_FAIL;
        }
    }

    if ((s->ext.alpn == NULL && edsess->ext.alpn_selected != NULL)) {
        SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA,