[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Mon Apr 3 18:14:18 UTC 2017


The branch master has been updated
       via  a0cb628b17ecfd6e161870376b925a0045c99d00 (commit)
       via  90049cea2331ffecb744ee23399be242a2866e2e (commit)
       via  bbea9f2c5f6a134505a899383c22098f3406c5f5 (commit)
       via  f8a303fa7d6dbda31dc253f691d0e3224681ec2e (commit)
       via  59cebcf9f6cfd6c9703357c638aabb9c508c84bc (commit)
      from  a8e75d56804540dfc588bad9cf1c412c675cab89 (commit)


- Log -----------------------------------------------------------------
commit a0cb628b17ecfd6e161870376b925a0045c99d00
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Apr 3 14:22:26 2017 +0100

    Tweak a style issue
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3091)

commit 90049cea2331ffecb744ee23399be242a2866e2e
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Apr 3 14:18:24 2017 +0100

    Add a test for the problem fixed by the previous commit
    
    Make sure the server can write normal data after earlier writing early data.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3091)

commit bbea9f2c5f6a134505a899383c22098f3406c5f5
Author: Tatsuhiro Tsujikawa <tatsuhiro.t at gmail.com>
Date:   Mon Apr 3 14:17:58 2017 +0100

    Restore s->early_data_state with the original value
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3091)

commit f8a303fa7d6dbda31dc253f691d0e3224681ec2e
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 30 17:38:15 2017 +0100

    Update early data test for an even later arrival of CF
    
    Commit 9b5c865df introduced a synthetic delay between arrival of EoED and
    CF. We actually want to delay the arrival of CF even further to demonstrate
    that we can write early data even when "in init".
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3091)

commit 59cebcf9f6cfd6c9703357c638aabb9c508c84bc
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 30 17:35:55 2017 +0100

    Don't handle handshake messages when writing early data on server
    
    If we have received the EoED message but not yet had the CF then we are
    "in init". Despite that we still want to write application data, so suppress
    the "in init" check in ssl3_write_bytes() in that scenario.
    
    Fixes #3041
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3091)

-----------------------------------------------------------------------

Summary of changes:
 ssl/record/rec_layer_s3.c |  8 +++++++-
 ssl/ssl_lib.c             |  5 +++--
 test/sslapitest.c         | 45 ++++++++++++++++++++++++++++-----------------
 3 files changed, 38 insertions(+), 20 deletions(-)

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index b51807c..562b9e4 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -367,7 +367,13 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
 
     s->rlayer.wnum = 0;
 
-    if (SSL_in_init(s) && !ossl_statem_get_in_handshake(s)) {
+    /*
+     * When writing early data on the server side we could be "in_init" in
+     * between receiving the EoED and the CF - but we don't want to handle those
+     * messages yet.
+     */
+    if (SSL_in_init(s) && !ossl_statem_get_in_handshake(s)
+            && s->early_data_state != SSL_EARLY_DATA_UNAUTH_WRITING) {
         i = s->handshake_func(s);
         if (i < 0)
             return i;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 61e1a7a..24fc994 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1799,7 +1799,7 @@ int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written)
 
 int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
 {
-    int ret;
+    int ret, early_data_state;
 
     switch (s->early_data_state) {
     case SSL_EARLY_DATA_NONE:
@@ -1831,10 +1831,11 @@ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
 
     case SSL_EARLY_DATA_FINISHED_READING:
     case SSL_EARLY_DATA_READ_RETRY:
+        early_data_state = s->early_data_state;
         /* We are a server writing to an unauthenticated client */
         s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING;
         ret = SSL_write_ex(s, buf, num, written);
-        s->early_data_state = SSL_EARLY_DATA_READ_RETRY;
+        s->early_data_state = early_data_state;
         return ret;
 
     default:
diff --git a/test/sslapitest.c b/test/sslapitest.c
index ab1d6ff..ed804c9 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1544,7 +1544,8 @@ static int test_set_sigalgs(int idx)
 #define MSG3    "This"
 #define MSG4    "is"
 #define MSG5    "a"
-#define MSG6    "test."
+#define MSG6    "test"
+#define MSG7    "message."
 
 /*
  * Helper method to setup objects for early data test. Caller frees objects on
@@ -1721,13 +1722,6 @@ static int test_early_data_read_write(int idx)
         goto end;
     }
 
-    /* Push the ClientFinished and the normal data back into the server rbio */
-    if (!BIO_write_ex(rbio, data + eoedlen, rawread - eoedlen, &rawwritten)
-            || rawwritten != rawread - eoedlen) {
-        printf("Failed to write the ClientFinished and data to server rbio\n");
-        goto end;
-    }
-
     /*
      * Server has not finished init yet, so should still be able to write early
      * data.
@@ -1738,6 +1732,13 @@ static int test_early_data_read_write(int idx)
         goto end;
     }
 
+    /* Push the ClientFinished and the normal data back into the server rbio */
+    if (!BIO_write_ex(rbio, data + eoedlen, rawread - eoedlen, &rawwritten)
+            || rawwritten != rawread - eoedlen) {
+        printf("Failed to write the ClientFinished and data to server rbio\n");
+        goto end;
+    }
+
     /* Server should be able to read normal data */
     if (!SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)
             || readbytes != strlen(MSG5)) {
@@ -1759,25 +1760,35 @@ static int test_early_data_read_write(int idx)
     }
     ERR_clear_error();
 
+    /* Client should be able to read the data sent by the server */
+    if (!SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)
+            || readbytes != strlen(MSG6)
+            || memcmp(MSG6, buf, strlen(MSG6))) {
+        printf("Failed reading message 6\n");
+        goto end;
+    }
     /*
      * Make sure we process the NewSessionTicket. This arrives post-handshake.
-     * We attempt a read which we do not expect to return any data.  Doesn't
-     * apply when read_ahead is in use - the ticket will get processed along
-     * with the application data in the second read below.
+     * We attempt a read which we do not expect to return any data.
      */
-    if (idx == 0 && SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) {
+    if (SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) {
         printf("Unexpected success doing final client read\n");
         goto end;
     }
-    /* Client should be able to read the data sent by the server */
+
+    /* Server should be able to write normal data */
+    if (!SSL_write_ex(serverssl, MSG7, strlen(MSG7), &written)
+            || written != strlen(MSG7)) {
+        printf("Failed writing normal data message 7\n");
+        goto end;
+    }
     if (!SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)
-            || readbytes != strlen(MSG6)
-            || memcmp(MSG6, buf, strlen(MSG6))) {
-        printf("Failed reading message 6\n");
+            || readbytes != strlen(MSG7)
+            || memcmp(MSG7, buf, strlen(MSG7))) {
+        printf("Failed reading message 7\n");
         goto end;
     }
 
-
     SSL_SESSION_free(sess);
     sess = SSL_get1_session(clientssl);
 


More information about the openssl-commits mailing list