Various review fixes for PSK early_data support

author Matt Caswell <matt@openssl.org>

Thu, 31 Aug 2017 13:32:51 +0000 (14:32 +0100)

committer Matt Caswell <matt@openssl.org>

Thu, 31 Aug 2017 14:03:35 +0000 (15:03 +0100)
author Matt Caswell <matt@openssl.org>
Thu, 31 Aug 2017 13:32:51 +0000 (14:32 +0100)
committer Matt Caswell <matt@openssl.org>
Thu, 31 Aug 2017 14:03:35 +0000 (15:03 +0100)
diff --git a/apps/s_client.c b/apps/s_client.c

index 975aa2fb447353a08250b37d9f016ed7d08a691c..4d2fa861a58c5d252bd84e24e5b44762920bb77d 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1889,8 +1889,7 @@ int s_client_main(int argc, char **argv)
              goto end;
          }
          /* By default the SNI should be the same as was set in the session */
-        if (!noservername && servername == NULL)
-        {
+        if (!noservername && servername == NULL) {
              const char *sni = SSL_SESSION_get0_hostname(sess);
  
              if (sni != NULL) {
diff --git a/doc/man3/SSL_SESSION_get0_hostname.pod b/doc/man3/SSL_SESSION_get0_hostname.pod

index 642daaa531e2a297dc90e2e7ae15ff500d7f56c2..f0f02d32a2d5b67809ff9059c75f84dbd53c1897 100644 (file)
--- a/doc/man3/SSL_SESSION_get0_hostname.pod
+++ b/doc/man3/SSL_SESSION_get0_hostname.pod
@@ -37,8 +37,9 @@ session and its associated length in bytes. The returned value of B<*alpn> is a
  pointer to memory maintained within B<s> and should not be free'd.
  
  SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the
-value in B<*alpn> which should be of length B<len> bytes. A copy of this value
-is taken.
+value in B<alpn> which should be of length B<len> bytes. A copy of the input
+value is made, and the caller retains ownership of the memory pointed to by
+B<alpn>.
  
  =head1 SEE ALSO
  
diff --git a/doc/man3/SSL_read_early_data.pod b/doc/man3/SSL_read_early_data.pod

index a593b147b87f0dd33d46e9ec9eb053f601cd64c9..10736841a12940dc37cc4083209e515f3d6406f7 100644 (file)
--- a/doc/man3/SSL_read_early_data.pod
+++ b/doc/man3/SSL_read_early_data.pod
@@ -63,7 +63,9 @@ will return the maximum number of early data bytes that can be sent.
  
  The function SSL_SESSION_set_max_early_data() sets the maximum number of early
  data bytes that can be sent for a session. This would typically be used when
-creating a PSK session file (see L<SSL_CTX_set_psk_use_session_callback(3)>).
+creating a PSK session file (see L<SSL_CTX_set_psk_use_session_callback(3)>). If
+using a ticket based PSK then this is set automatically to the value provided by
+the server.
  
  A client uses the function SSL_write_early_data() to send early data. This
  function is similar to the L<SSL_write_ex(3)> function, but with the following
diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c

index 0c3fc6bf16073f5fbec9f27275d026522cf9901f..696cc37fd3d22b20a7cbba3973785e402c39fc01 100644 (file)
--- a/ssl/record/ssl3_record_tls13.c
+++ b/ssl/record/ssl3_record_tls13.c
@@ -58,10 +58,14 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending)
  
      if (s->early_data_state == SSL_EARLY_DATA_WRITING
              || s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {
-        if (s->session != NULL && s->session->ext.max_early_data > 0)
+        if (s->session != NULL && s->session->ext.max_early_data > 0) {
              alg_enc = s->session->cipher->algorithm_enc;
-        else
+        } else {
+            if (!ossl_assert(s->psksession != NULL
+                             && s->psksession->ext.max_early_data > 0))
+                return -1;
              alg_enc = s->psksession->cipher->algorithm_enc;
+        }
      } else {
          /*
           * To get here we must have selected a ciphersuite - otherwise ctx would
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c

index bcbcbac87325b476b49a34ce399b1b31c1d5a37f..8db895b0fe71a1fa31f40af6a9803407c3792269 100644 (file)
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1401,10 +1401,10 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
      }
      s->s3->alpn_selected_len = len;
  
-    if (s->session->ext.alpn_selected != NULL
-            && (s->session->ext.alpn_selected_len != len
-                || memcmp(s->session->ext.alpn_selected, s->s3->alpn_selected,
-                          len) != 0)) {
+    if (s->session->ext.alpn_selected == NULL
+            || s->session->ext.alpn_selected_len != len
+            || memcmp(s->session->ext.alpn_selected, s->s3->alpn_selected, len)
+               != 0) {
          /* ALPN not consistent with the old session so cannot use early_data */
          s->ext.early_data_ok = 0;
      }
author	Matt Caswell <matt@openssl.org>
	Thu, 31 Aug 2017 13:32:51 +0000 (14:32 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 31 Aug 2017 14:03:35 +0000 (15:03 +0100)
apps/s_client.c		patch \| blob \| history
doc/man3/SSL_SESSION_get0_hostname.pod		patch \| blob \| history
doc/man3/SSL_read_early_data.pod		patch \| blob \| history
ssl/record/ssl3_record_tls13.c		patch \| blob \| history
ssl/statem/extensions_clnt.c		patch \| blob \| history