+
+static int final_early_data(SSL *s, unsigned int context, int sent)
+{
+ if (!sent)
+ return 1;
+
+ if (!s->server) {
+ if (context == SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS
+ && sent
+ && !s->ext.early_data_ok) {
+ /*
+ * If we get here then the server accepted our early_data but we
+ * later realised that it shouldn't have done (e.g. inconsistent
+ * ALPN)
+ */
+ SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_FINAL_EARLY_DATA,
+ SSL_R_BAD_EARLY_DATA);
+ return 0;
+ }
+
+ return 1;
+ }
+
+ if (s->max_early_data == 0
+ || !s->hit
+ || s->session->ext.tick_identity != 0
+ || s->early_data_state != SSL_EARLY_DATA_ACCEPTING
+ || !s->ext.early_data_ok
+ || s->hello_retry_request != SSL_HRR_NONE) {
+ s->ext.early_data = SSL_EARLY_DATA_REJECTED;
+ } else {
+ s->ext.early_data = SSL_EARLY_DATA_ACCEPTED;
+
+ if (!tls13_change_cipher_state(s,
+ SSL3_CC_EARLY | SSL3_CHANGE_CIPHER_SERVER_READ)) {
+ /* SSLfatal() already called */
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+static int final_maxfragmentlen(SSL *s, unsigned int context, int sent)
+{
+ /*
+ * Session resumption on server-side with MFL extension active
+ * BUT MFL extension packet was not resent (i.e. sent == 0)
+ */
+ if (s->server && s->hit && USE_MAX_FRAGMENT_LENGTH_EXT(s->session)
+ && !sent ) {
+ SSLfatal(s, SSL_AD_MISSING_EXTENSION, SSL_F_FINAL_MAXFRAGMENTLEN,
+ SSL_R_BAD_EXTENSION);
+ return 0;
+ }
+
+ /* Current SSL buffer is lower than requested MFL */
+ if (s->session && USE_MAX_FRAGMENT_LENGTH_EXT(s->session)
+ && s->max_send_fragment < GET_MAX_FRAGMENT_LENGTH(s->session))
+ /* trigger a larger buffer reallocation */
+ if (!ssl3_setup_buffers(s)) {
+ /* SSLfatal() already called */
+ return 0;
+ }
+
+ return 1;
+}
+
+static int init_post_handshake_auth(SSL *s, unsigned int context)
+{
+ s->post_handshake_auth = SSL_PHA_NONE;
+
+ return 1;
+}