Fix early data bug with pause between EoED and CF

If the server received EoED then SSL_read_early_data() will return SSL_READ_EARLY_DATA_FINISH. However if the CF has not yet been processed then SSL_is_init_finished() will still return 0. Therefore we should still be able to write early data. Fixes #3041 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3089)
author: Matt Caswell <matt@openssl.org> 2017-03-30 15:24:07 +0100
committer: Matt Caswell <matt@openssl.org> 2017-03-30 15:45:45 +0100
commit: 116d0da5e8bcbb79ac1bdd1ec6bb861d9830e3a5 (patch)
tree: 1401f434d61918449de41ded823d57033ab283df /ssl
parent: 1c7ae3dd9e04d6af40d162f10c607f90da48a6fc (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f169611c01..a76ee40680 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1829,6 +1829,7 @@ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
         s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY;
         return ret;
 
+    case SSL_EARLY_DATA_FINISHED_READING:
     case SSL_EARLY_DATA_READ_RETRY:
         /* We are a server writing to an unauthenticated client */
         s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING;
author	Matt Caswell <matt@openssl.org>	2017-03-30 15:24:07 +0100
committer	Matt Caswell <matt@openssl.org>	2017-03-30 15:45:45 +0100
commit	116d0da5e8bcbb79ac1bdd1ec6bb861d9830e3a5 (patch)
tree	1401f434d61918449de41ded823d57033ab283df /ssl
parent	1c7ae3dd9e04d6af40d162f10c607f90da48a6fc (diff)