Enable the ability to use an external PSK for sending early_data

Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
author: Matt Caswell <matt@openssl.org> 2017-07-05 20:53:03 +0100
committer: Matt Caswell <matt@openssl.org> 2017-08-31 15:02:22 +0100
commit: add8d0e9e0bb80728f4b89d15573bf2e70596ceb (patch)
tree: 6cae02f58f6a3996a1288bedf14183d6a408dec8 /ssl/ssl_lib.c
parent: 177503752b24299cc97ccf07062a3b79c4f28899 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cac8820013..70f4acf027 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -534,6 +534,9 @@ int SSL_clear(SSL *s)
     }
     SSL_SESSION_free(s->psksession);
     s->psksession = NULL;
+    OPENSSL_free(s->psksession_id);
+    s->psksession_id = NULL;
+    s->psksession_id_len = 0;
 
     s->error = 0;
     s->hit = 0;
@@ -1097,6 +1100,7 @@ void SSL_free(SSL *s)
         SSL_SESSION_free(s->session);
     }
     SSL_SESSION_free(s->psksession);
+    OPENSSL_free(s->psksession_id);
 
     clear_ciphers(s);
 
@@ -1910,8 +1914,8 @@ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
     case SSL_EARLY_DATA_NONE:
         if (s->server
                 || !SSL_in_before(s)
-                || s->session == NULL
-                || s->session->ext.max_early_data == 0) {
+                || ((s->session == NULL || s->session->ext.max_early_data == 0)
+                     && (s->psk_use_session_cb == NULL))) {
             SSLerr(SSL_F_SSL_WRITE_EARLY_DATA,
                    ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
             return 0;
author	Matt Caswell <matt@openssl.org>	2017-07-05 20:53:03 +0100
committer	Matt Caswell <matt@openssl.org>	2017-08-31 15:02:22 +0100
commit	add8d0e9e0bb80728f4b89d15573bf2e70596ceb (patch)
tree	6cae02f58f6a3996a1288bedf14183d6a408dec8 /ssl/ssl_lib.c
parent	177503752b24299cc97ccf07062a3b79c4f28899 (diff)