return -1;
}
+ if (s->early_data_state == SSL_EARLY_DATA_WRITING
+ && !early_data_count_ok(s, len, 0, NULL))
+ return -1;
+
s->rlayer.wnum = 0;
if (SSL_in_init(s) && !ossl_statem_get_in_handshake(s)) {
uint32_t max_early_data = s->max_early_data;
/*
- * We go with the lowest out of the max early data set in the session
- * and the configured max_early_data.
+ * If we are a client then we always use the max_early_data from the
+ * session. Otherwise we go with the lowest out of the max early data set in
+ * the session and the configured max_early_data.
*/
- if (s->hit && s->session->ext.max_early_data < s->max_early_data)
+ if (!s->server || (s->hit
+ && s->session->ext.max_early_data < s->max_early_data))
max_early_data = s->session->ext.max_early_data;
if (max_early_data == 0) {
- *al = SSL_AD_UNEXPECTED_MESSAGE;
+ if (al != NULL)
+ *al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_EARLY_DATA_COUNT_OK, SSL_R_TOO_MUCH_EARLY_DATA);
return 0;
}
/* If we are dealing with ciphertext we need to allow for the overhead */
max_early_data += overhead;
- s->early_data_count += length;
- if (s->early_data_count > max_early_data) {
- *al = SSL_AD_UNEXPECTED_MESSAGE;
+ if (s->early_data_count + length > max_early_data) {
+ if (al != NULL)
+ *al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_EARLY_DATA_COUNT_OK, SSL_R_TOO_MUCH_EARLY_DATA);
return 0;
}
+ s->early_data_count += length;
return 1;
}
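Review bot: The new bound check `s->early_data_count + length > max_early_data` can wrap before the comparison, and so can `max_early_data += overhead` on the `uint32_t` declared at the top of this hunk. The function signature and the declaration of `early_data_count` are outside the hunk, so this is an inference: if the sum is evaluated in 32 bits (for example with a 32-bit `size_t`), a large `length` could pass the limit when the session or configured maximum is close to `UINT32_MAX`. Comparing by subtraction avoids the wrap: `if (s->early_data_count > max_early_data || length > max_early_data - s->early_data_count) {`. The overhead addition could be guarded the same way, by rejecting when `overhead > UINT32_MAX - max_early_data`. Since the client branch now always takes the limit from the session, the value feeding this arithmetic is chosen by the peer, which is why the edge case deserves an explicit guard.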