Implement client side parsing of the early_data extension
authorMatt Caswell <matt@openssl.org>
Thu, 23 Feb 2017 11:53:12 +0000 (11:53 +0000)
committerMatt Caswell <matt@openssl.org>
Thu, 2 Mar 2017 17:44:15 +0000 (17:44 +0000)
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737)

ssl/statem/extensions.c
ssl/statem/extensions_clnt.c
ssl/statem/statem_locl.h

index f8bd47a..2b13770 100644 (file)
@@ -138,8 +138,8 @@ static const EXTENSION_DEFINITION ext_defs[] = {
     {
         TLSEXT_TYPE_early_data,
         EXT_CLIENT_HELLO | EXT_TLS1_3_ENCRYPTED_EXTENSIONS,
-        NULL, tls_parse_ctos_early_data, NULL, tls_construct_stoc_early_data,
-        tls_construct_ctos_early_data, NULL
+        NULL, tls_parse_ctos_early_data, tls_parse_stoc_early_data,
+        tls_construct_stoc_early_data, tls_construct_ctos_early_data, NULL
     },
 #ifndef OPENSSL_NO_EC
     {
index d800807..1dbc355 100644 (file)
@@ -125,6 +125,12 @@ int tls_construct_ctos_early_data(SSL *s, WPACKET *pkt, unsigned int context,
         return 0;
     }
 
+    /*
+     * We set this to rejected here. Later, if the server acknowledges the
+     * extension, we set it to accepted.
+     */
+    s->ext.early_data = SSL_EARLY_DATA_REJECTED;
+
     return 1;
 }
 
@@ -917,6 +923,28 @@ int tls_parse_stoc_early_data_info(SSL *s, PACKET *pkt, unsigned int context,
     return 1;
 }
 
+int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
+                              X509 *x, size_t chainidx, int *al)
+{
+    if (PACKET_remaining(pkt) != 0) {
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
+    }
+
+    if (s->ext.early_data != SSL_EARLY_DATA_REJECTED) {
+        /*
+         * If we get here then we didn't send early data, so the server should
+         * not be accepting it.
+         */
+        *al = SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+    }
+
+    s->ext.early_data = SSL_EARLY_DATA_ACCEPTED;
+
+    return 1;
+}
+
 #ifndef OPENSSL_NO_EC
 int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
                                  X509 *x, size_t chainidx, int *al)
index 9dc9b1f..eb80b71 100644 (file)
@@ -339,6 +339,8 @@ int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
                                X509 *x, size_t chainidx, int *al);
 int tls_parse_stoc_early_data_info(SSL *s, PACKET *pkt, unsigned int context,
                               X509 *x, size_t chainidx, int *al);
+int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
+                              X509 *x, size_t chainidx, int *al);
 #ifndef OPENSSL_NO_EC
 int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
                                  X509 *x, size_t chainidx, int *al);