Add extra validation parsing the server-to-client early_data extension

author Matt Caswell <matt@openssl.org>

Fri, 24 Feb 2017 10:29:20 +0000 (10:29 +0000)

committer Matt Caswell <matt@openssl.org>

Thu, 2 Mar 2017 17:44:15 +0000 (17:44 +0000)
author Matt Caswell <matt@openssl.org>
Fri, 24 Feb 2017 10:29:20 +0000 (10:29 +0000)
committer Matt Caswell <matt@openssl.org>
Thu, 2 Mar 2017 17:44:15 +0000 (17:44 +0000)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c

index 1dbc355e2b9f615db4af64c8093426157d087196..778d2c87e316cdc5741e60e657538ac06eabeda1 100644 (file)
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -931,10 +931,12 @@ int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
          return 0;
      }
  
-    if (s->ext.early_data != SSL_EARLY_DATA_REJECTED) {
+    if (s->ext.early_data != SSL_EARLY_DATA_REJECTED
+            || !s->hit
+            || s->session->ext.tick_identity != 0) {
          /*
-         * If we get here then we didn't send early data, so the server should
-         * not be accepting it.
+         * If we get here then we didn't send early data, or we didn't resume
+         * using the first identity so the server should not be accepting it.
           */
          *al = SSL_AD_ILLEGAL_PARAMETER;
          return 0;
author	Matt Caswell <matt@openssl.org>
	Fri, 24 Feb 2017 10:29:20 +0000 (10:29 +0000)
committer	Matt Caswell <matt@openssl.org>
	Thu, 2 Mar 2017 17:44:15 +0000 (17:44 +0000)