Enable the server to call SSL_write() without stopping the ability to call SSL_read_e...

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737)

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index dabcc4a6a211fa5a0a9960f9b5fb54e052ef973e..38185975bee615686d132c2a3ec53c5702c85b28 100644 (file)
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -900,8 +900,8 @@ typedef enum {
     TLS_ST_CW_KEY_UPDATE,
     TLS_ST_SR_KEY_UPDATE,
     TLS_ST_CR_KEY_UPDATE,
-    TLS_ST_CW_EARLY_DATA,
-    TLS_ST_CW_PENDING_EARLY_DATA_END
+    TLS_ST_EARLY_DATA,
+    TLS_ST_PENDING_EARLY_DATA_END
 } OSSL_HANDSHAKE_STATE;
 
 /*

diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index a1807f2a40dce3d489fa316edd789de29324b256..50c43459711d2e0532f42cb55f4d22acd115db38 100644 (file)
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -170,9 +170,11 @@ int ossl_statem_skip_early_data(SSL *s)
 
 void ossl_statem_check_finish_init(SSL *s, int send)
 {
-    if ((send && s->statem.hand_state == TLS_ST_CW_PENDING_EARLY_DATA_END)
-            || (!send && s->statem.hand_state == TLS_ST_CW_EARLY_DATA))
-        ossl_statem_set_in_init(s, 1);
+    if (!s->server) {
+        if ((send && s->statem.hand_state == TLS_ST_PENDING_EARLY_DATA_END)
+                || (!send && s->statem.hand_state == TLS_ST_EARLY_DATA))
+            ossl_statem_set_in_init(s, 1);
+    }
 }
 
 void ossl_statem_set_hello_verify_done(SSL *s)

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 6fdb37ec7a7ced95a8dacc80a7a5c11086f1013c..9a29ab5b8b413b5eb38bef4ba9fd193cf16e2d6e 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -253,7 +253,7 @@ int ossl_statem_client_read_transition(SSL *s, int mt)
         }
         break;
 
-    case TLS_ST_CW_EARLY_DATA:
+    case TLS_ST_EARLY_DATA:
         /*
          * We've not actually selected TLSv1.3 yet, but we have sent early
          * data. The only thing allowed now is a ServerHello or a
@@ -436,13 +436,13 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s)
 
     case TLS_ST_CR_FINISHED:
         if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY)
-            st->hand_state = TLS_ST_CW_PENDING_EARLY_DATA_END;
+            st->hand_state = TLS_ST_PENDING_EARLY_DATA_END;
         else
             st->hand_state = (s->s3->tmp.cert_req != 0) ? TLS_ST_CW_CERT
                                                         : TLS_ST_CW_FINISHED;
         return WRITE_TRAN_CONTINUE;
 
-    case TLS_ST_CW_PENDING_EARLY_DATA_END:
+    case TLS_ST_PENDING_EARLY_DATA_END:
         st->hand_state = (s->s3->tmp.cert_req != 0) ? TLS_ST_CW_CERT
                                                     : TLS_ST_CW_FINISHED;
         return WRITE_TRAN_CONTINUE;
@@ -521,7 +521,7 @@ WRITE_TRAN ossl_statem_client_write_transition(SSL *s)
              * We are assuming this is a TLSv1.3 connection, although we haven't
              * actually selected a version yet.
              */
-            st->hand_state = TLS_ST_CW_EARLY_DATA;
+            st->hand_state = TLS_ST_EARLY_DATA;
             return WRITE_TRAN_CONTINUE;
         }
         /*
@@ -530,7 +530,7 @@ WRITE_TRAN ossl_statem_client_write_transition(SSL *s)
          */
         return WRITE_TRAN_FINISHED;
 
-    case TLS_ST_CW_EARLY_DATA:
+    case TLS_ST_EARLY_DATA:
         return WRITE_TRAN_FINISHED;
 
     case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
@@ -666,8 +666,8 @@ WORK_STATE ossl_statem_client_pre_work(SSL *s, WORK_STATE wst)
         }
         break;
 
-    case TLS_ST_CW_EARLY_DATA:
-    case TLS_ST_CW_PENDING_EARLY_DATA_END:
+    case TLS_ST_EARLY_DATA:
+    case TLS_ST_PENDING_EARLY_DATA_END:
     case TLS_ST_OK:
         return tls_finish_handshake(s, wst, 1);
     }

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 2b0ff57bad485f841996de2803b6034656e93517..9d15252a9f9cbfdeae51d777740f2b2b0f945068 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -93,6 +93,7 @@ static int ossl_statem_server13_read_transition(SSL *s, int mt)
         }
         break;
 
+    case TLS_ST_EARLY_DATA:
     case TLS_ST_SW_FINISHED:
         if (s->s3->tmp.cert_request) {
             if (mt == SSL3_MT_CERTIFICATE) {
@@ -461,11 +462,14 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
 
     case TLS_ST_SW_FINISHED:
         if (s->early_data_state == SSL_EARLY_DATA_ACCEPTING) {
-            st->hand_state = TLS_ST_OK;
+            st->hand_state = TLS_ST_EARLY_DATA;
             return WRITE_TRAN_CONTINUE;
         }
         return WRITE_TRAN_FINISHED;
 
+    case TLS_ST_EARLY_DATA:
+        return WRITE_TRAN_FINISHED;
+
     case TLS_ST_SR_FINISHED:
         /*
          * Technically we have finished the handshake at this point, but we're
@@ -703,6 +707,7 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst)
         }
         return WORK_FINISHED_CONTINUE;
 
+    case TLS_ST_EARLY_DATA:
     case TLS_ST_OK:
         return tls_finish_handshake(s, wst, 1);
     }