From: Matt Caswell <matt@openssl.org>
Date: Wed, 18 Jul 2018 10:16:28 +0000 (+0100)
Subject: Don't skip over early_data if we sent an HRR
X-Git-Tag: OpenSSL_1_1_1-pre9~123
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1c1e4160e069818a0f9ebf080f57ac5282ae1bff;p=oweals%2Fopenssl.git

Don't skip over early_data if we sent an HRR

It is not valid to send early_data after an HRR has been received.

Fixes #6734

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6737)
---

diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index e836769666..cf6472c757 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -179,7 +179,9 @@ int ossl_statem_skip_early_data(SSL *s)
     if (s->ext.early_data != SSL_EARLY_DATA_REJECTED)
         return 0;
 
-    if (!s->server || s->statem.hand_state != TLS_ST_EARLY_DATA)
+    if (!s->server
+            || s->statem.hand_state != TLS_ST_EARLY_DATA
+            || s->hello_retry_request == SSL_HRR_COMPLETE)
         return 0;
 
     return 1;