Add extra validation parsing the server-to-client early_data extension

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a774452a6112dac35d3729043504e41910b52719..1267844b04b7696154cbabefb3dfa76cb1f935e0 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1603,11 +1603,6 @@ int SSL_read_early(SSL *s, void *buf, size_t num, size_t *readbytes)
         return SSL_READ_EARLY_ERROR;
     }
 
-    /*
-     * TODO(TLS1.3): Somehow we need to check that we're not receiving too much
-     * data
-     */
-
     switch (s->early_data_state) {
     case SSL_EARLY_DATA_NONE:
         if (!SSL_in_before(s)) {
@@ -1657,6 +1652,7 @@ int ssl_end_of_early_data_seen(SSL *s)
 {
     if (s->early_data_state == SSL_EARLY_DATA_READING) {
         s->early_data_state = SSL_EARLY_DATA_FINISHED_READING;
+        ossl_statem_finish_early_data(s);
         return 1;
     }
 
@@ -1803,11 +1799,6 @@ int SSL_write_early(SSL *s, const void *buf, size_t num, size_t *written)
         return 0;
     }
 
-    /*
-     * TODO(TLS1.3): Somehow we need to check that we're not sending too much
-     * data
-     */
-
     switch (s->early_data_state) {
     case SSL_EARLY_DATA_NONE:
         if (!SSL_in_before(s)) {
@@ -2771,6 +2762,12 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 
     ret->ext.status_type = TLSEXT_STATUSTYPE_nothing;
 
+    /*
+     * Default max early data is a fully loaded single record. Could be split
+     * across multiple records in practice
+     */
+    ret->max_early_data = SSL3_RT_MAX_PLAIN_LENGTH;
+
     return ret;
  err:
     SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);