From: Matt Caswell
Date: Thu, 30 Nov 2017 14:29:28 +0000 (+0000)
Subject: Fix server side HRR flushing
X-Git-Tag: OpenSSL_1_1_1-pre1~280
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=75259b4346a1a786b4a23987123b18b674327b8d

Fix server side HRR flushing

Flush following the CCS after an HRR. Only flush the HRR if middlebox compat is turned off.

Reviewed-by: Ben Kaduk
(Merged from https://github.com/openssl/openssl/pull/4701)
---
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 4f0487cc0f..249ee403fe 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -740,7 +740,8 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
 case TLS_ST_SW_SRVR_HELLO:
 if (SSL_IS_TLS13(s) && s->hello_retry_request == SSL_HRR_PENDING) {
- if (statem_flush(s) != 1)
+ if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) == 0
+ && statem_flush(s) != 1)
 return WORK_MORE_A;
 break;
 }
@@ -777,8 +778,11 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
 /* Fall through */

 case TLS_ST_SW_CHANGE:
- if (s->hello_retry_request == SSL_HRR_PENDING)
+ if (s->hello_retry_request == SSL_HRR_PENDING) {
+ if (!statem_flush(s))
+ return WORK_MORE_A;
 break;
+ }
 /*
 * TODO(TLS1.3): This actually causes a problem. We don't yet know
 * whether the next record we are going to receive is an unencrypted
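Review bot: The new condition in the TLS_ST_SW_SRVR_HELLO case deliberately skips the flush whenever SSL_OP_ENABLE_MIDDLEBOX_COMPAT is set, and nothing on that line says why, so the next reader will see an HRR left unflushed and read it as a bug. Per the commit message the reason is that in middlebox-compat mode a CCS follows the HRR and the flush is done after that CCS in the TLS_ST_SW_CHANGE case (the second hunk); I would put that above the `if`: `/* With middlebox compat a CCS follows the HRR and the flush happens after it in TLS_ST_SW_CHANGE; without it the HRR must be flushed here. */`. ossl_statem_server_post_work starts and ends outside the hunk.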
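Review bot: The added flush check in the TLS_ST_SW_CHANGE case is written `if (!statem_flush(s))` while the equivalent check this same commit edits in the TLS_ST_SW_SRVR_HELLO case (first hunk) is `statem_flush(s) != 1`; within one function the two should use one idiom, e.g. `if (statem_flush(s) != 1)` here, so nobody wonders whether statem_flush has a third return value on one path. Presumably this branch is only reached in the HRR-pending state when middlebox compat is on and a CCS is actually being sent — if that holds, a one-line comment saying this flush pairs with the one skipped in TLS_ST_SW_SRVR_HELLO would tie the two hunks together. ossl_statem_server_post_work continues past both ends of the hunk.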