diff options
author | Matt Caswell <matt@openssl.org> | 2017-11-30 11:28:26 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-12-14 15:06:38 +0000 |
commit | 5cc807da2571c52cc7c1c87197a81963def7ee3a (patch) | |
tree | c1f93c160ba832949cc0732980ade7bf97e7dec7 /ssl/statem/extensions_clnt.c | |
parent | 7b0a3ce0f9f54cf7b527fe57d98748a7aaa571bd (diff) |
Delay flush until after CCS with early_data
Normally we flush immediately after writing the ClientHello. However if
we are going to write a CCS immediately because we've got early_data to
come, then we should move the flush until after the CCS.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
Diffstat (limited to 'ssl/statem/extensions_clnt.c')
-rw-r--r-- | ssl/statem/extensions_clnt.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index f357396d81..2b3945970f 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1664,9 +1664,9 @@ int tls_parse_stoc_supported_versions(SSL *s, PACKET *pkt, unsigned int context, * TLSv1.3, therefore we shouldn't be getting an HRR for anything else. */ if (version != TLS1_3_VERSION) { - *al = SSL_AD_PROTOCOL_VERSION; - SSLerr(SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS, - SSL_R_BAD_HRR_VERSION); + SSLfatal(s, SSL_AD_PROTOCOL_VERSION, + SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS, + SSL_R_BAD_HRR_VERSION); return 0; } return 1; |