authorMatt Caswell <matt@openssl.org>2017-03-30 17:35:55 +0100
committerMatt Caswell <matt@openssl.org>2017-04-03 19:07:29 +0100
commit59cebcf9f6cfd6c9703357c638aabb9c508c84bc (patch)
tree19197949fc954b01e73ecd99ae084b42331385cb /ssl
parenta8e75d56804540dfc588bad9cf1c412c675cab89 (diff)
Don't handle handshake messages when writing early data on server
If we have received the EoED message but not yet had the CF then we are "in init". Despite that we still want to write application data, so suppress the "in init" check in ssl3_write_bytes() in that scenario. Fixes #3041 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
Diffstat (limited to 'ssl')
-rw-r--r--ssl/record/rec_layer_s3.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index b51807c088..562b9e454b 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -367,7 +367,13 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
s->rlayer.wnum = 0;
- if (SSL_in_init(s) && !ossl_statem_get_in_handshake(s)) {
+ /*
+ * When writing early data on the server side we could be "in_init" in
+ * between receiving the EoED and the CF - but we don't want to handle those
+ * messages yet.
+ */
+ if (SSL_in_init(s) && !ossl_statem_get_in_handshake(s)
+ && s->early_data_state != SSL_EARLY_DATA_UNAUTH_WRITING) {
i = s->handshake_func(s);
if (i < 0)
return i;
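Review bot: The new comment above the `if` explains why the handshake is not driven, but not what the skip means for the data being written: in the `SSL_EARLY_DATA_UNAUTH_WRITING` state the bytes go out before the client's Finished has been processed, so the server has not yet confirmed the handshake. I would extend the comment with something like `Data written in this state is sent before the client Finished is verified; callers must not treat the peer as authenticated yet.` The bypass is keyed only on `s->early_data_state`, so it presumably relies on the caller moving the state on once the early write returns. That code is not visible here and is worth confirming, since a stale value would let later writes skip `s->handshake_func(s)` while still in init. `ssl3_write_bytes` starts before and continues after this hunk.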