diff options
-rw-r--r-- | ssl/record/rec_layer_s3.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index e8e9329f6e..b51807c088 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1496,6 +1496,8 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, */ if ((s->rlayer.handshake_fragment_len >= 4) && !ossl_statem_get_in_handshake(s)) { + int ined = (s->early_data_state == SSL_EARLY_DATA_READING); + /* We found handshake data, so we're going back into init */ ossl_statem_set_in_init(s, 1); @@ -1507,6 +1509,14 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, return -1; } + /* + * If we were actually trying to read early data and we found a + * handshake message, then we don't want to continue to try and read + * the application data any more. It won't be "early" now. + */ + if (ined) + return -1; + if (!(s->mode & SSL_MODE_AUTO_RETRY)) { if (SSL3_BUFFER_get_left(rbuf) == 0) { /* no read-ahead left? */ |