mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-30 14:01:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Improve the early data sanity check in SSL_do_handshake()

Browse Source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737)
This commit is contained in:
Matt Caswell 2017-02-24 17:08:41 +00:00
parent 6437b802f1
commit bc908c679b
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ssl/ssl_lib.c
View File

@ -3232,9 +3232,15 @@ int SSL_do_handshake(SSL *s)
return -1;
}
if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY
|| s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY)
return -1;
if (s->early_data_state != SSL_EARLY_DATA_NONE
&& s->early_data_state != SSL_EARLY_DATA_FINISHED_WRITING
&& s->early_data_state != SSL_EARLY_DATA_FINISHED_READING
&& s->early_data_state != SSL_EARLY_DATA_ACCEPTING
&& s->early_data_state != SSL_EARLY_DATA_CONNECTING) {
SSLerr(SSL_F_SSL_WRITE_INTERNAL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
s->method->ssl_renegotiate_check(s, 0);