Various review fixes for PSK early_data support

Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
author: Matt Caswell <matt@openssl.org> 2017-08-31 14:32:51 +0100
committer: Matt Caswell <matt@openssl.org> 2017-08-31 15:03:35 +0100
commit: 0ef2802165706016698d6984dfcb2980881f18e5 (patch)
tree: e8e2a68cbe3484327102bc551cd17728ff36dfb0 /ssl/record
parent: 57dee9bb684268aa434a2bfe7ff4743a14a62ff0 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c
index 0c3fc6bf16..696cc37fd3 100644
--- a/ssl/record/ssl3_record_tls13.c
+++ b/ssl/record/ssl3_record_tls13.c
@@ -58,10 +58,14 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending)
 
     if (s->early_data_state == SSL_EARLY_DATA_WRITING
             || s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {
-        if (s->session != NULL && s->session->ext.max_early_data > 0)
+        if (s->session != NULL && s->session->ext.max_early_data > 0) {
             alg_enc = s->session->cipher->algorithm_enc;
-        else
+        } else {
+            if (!ossl_assert(s->psksession != NULL
+                             && s->psksession->ext.max_early_data > 0))
+                return -1;
             alg_enc = s->psksession->cipher->algorithm_enc;
+        }
     } else {
         /*
          * To get here we must have selected a ciphersuite - otherwise ctx would
author	Matt Caswell <matt@openssl.org>	2017-08-31 14:32:51 +0100
committer	Matt Caswell <matt@openssl.org>	2017-08-31 15:03:35 +0100
commit	0ef2802165706016698d6984dfcb2980881f18e5 (patch)
tree	e8e2a68cbe3484327102bc551cd17728ff36dfb0 /ssl/record
parent	57dee9bb684268aa434a2bfe7ff4743a14a62ff0 (diff)