From 39ef78210c7110600e083e7aec8fe7cda076522b Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 29 Mar 2017 17:00:55 +0100 Subject: [PATCH] Fix bug with SSL_read_early_data() If read_ahead is set, or SSL_MODE_AUTO_RETRY is used then if SSL_read_early_data() hits an EndOfEarlyData message then it will immediately retry automatically, but this time read normal data instead of early data! Fixes #3041 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/3077) --- ssl/record/rec_layer_s3.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index e8e9329f6e..b51807c088 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1496,6 +1496,8 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, */ if ((s->rlayer.handshake_fragment_len >= 4) && !ossl_statem_get_in_handshake(s)) { + int ined = (s->early_data_state == SSL_EARLY_DATA_READING); + /* We found handshake data, so we're going back into init */ ossl_statem_set_in_init(s, 1); @@ -1507,6 +1509,14 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, return -1; } + /* + * If we were actually trying to read early data and we found a + * handshake message, then we don't want to continue to try and read + * the application data any more. It won't be "early" now. + */ + if (ined) + return -1; + if (!(s->mode & SSL_MODE_AUTO_RETRY)) { if (SSL3_BUFFER_get_left(rbuf) == 0) { /* no read-ahead left? */ -- 2.34.1