diff options
| author | Matt Caswell <matt@openssl.org> | 2017-02-27 11:19:57 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-03-02 17:44:16 +0000 |
| commit | f7e393be4725c33739d46a58de94a06ebdc6e49d (patch) | |
| tree | add97239b271f4ecc41c7f1c27e63a6470432aaa /ssl/tls13_enc.c | |
| parent | d7f8783ff9e88ad34e010564d721a55a48c6d674 (diff) | |
Various fixes required to allow SSL_write/SSL_read during early data
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737)
Diffstat (limited to 'ssl/tls13_enc.c')
| -rw-r--r-- | ssl/tls13_enc.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index db8de1d1ca..47d23bd365 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -430,15 +430,15 @@ int tls13_change_cipher_state(SSL *s, int which) labellen = sizeof(client_handshake_traffic) - 1; log_label = CLIENT_HANDSHAKE_LABEL; /* - * The hanshake hash used for the server read handshake traffic - * secret is the same as the hash for the server write handshake - * traffic secret. However, if we processed early data then we delay - * changing the server read cipher state until later, and the - * handshake hashes have moved on. Therefore we use the value saved - * earlier when we did the server write change cipher state. + * The hanshake hash used for the server read/client write handshake + * traffic secret is the same as the hash for the server + * write/client read handshake traffic secret. However, if we + * processed early data then we delay changing the server + * read/client write cipher state until later, and the handshake + * hashes have moved on. Therefore we use the value saved earlier + * when we did the server write/client read change cipher state. */ - if (s->server) - hash = s->handshake_traffic_hash; + hash = s->handshake_traffic_hash; } else { insecret = s->master_secret; label = client_application_traffic; @@ -486,7 +486,7 @@ int tls13_change_cipher_state(SSL *s, int which) if (label == server_application_traffic) memcpy(s->server_finished_hash, hashval, hashlen); - if (s->server && label == server_handshake_traffic) + if (label == server_handshake_traffic) memcpy(s->handshake_traffic_hash, hashval, hashlen); if (label == client_application_traffic) { |