From: Matt Caswell
Date: Thu, 30 Nov 2017 14:33:22 +0000 (+0000)
Subject: Issue a CCS from the client if we received an HRR
X-Git-Tag: OpenSSL_1_1_1-pre1~279
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=318d3c0e62d0de511b8721e087278a6c70db8b92;p=oweals%2Fopenssl.git
Issue a CCS from the client if we received an HRR
Reviewed-by: Ben Kaduk
(Merged from https://github.com/openssl/openssl/pull/4701)
---
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 6313b31a08..51cdd585d7 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -498,8 +498,16 @@ WRITE_TRAN ossl_statem_client_write_transition(SSL *s)
 return WRITE_TRAN_FINISHED;
 case TLS_ST_CR_SRVR_HELLO:
- /* We only get here in TLSv1.3 */
- st->hand_state = TLS_ST_CW_CLNT_HELLO;
+ /*
+ * We only get here in TLSv1.3. We just received an HRR, so issue a
+ * CCS unless middlebox compat mode is off, or we already issued one
+ * because we did early data.
+ */
+ if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0
+ && s->early_data_state != SSL_EARLY_DATA_FINISHED_WRITING)
+ st->hand_state = TLS_ST_CW_CHANGE;
+ else
+ st->hand_state = TLS_ST_CW_CLNT_HELLO;
 return WRITE_TRAN_CONTINUE;
 case TLS_ST_EARLY_DATA:
@@ -546,7 +554,9 @@ WRITE_TRAN ossl_statem_client_write_transition(SSL *s)
 return WRITE_TRAN_CONTINUE;
 case TLS_ST_CW_CHANGE:
- if (s->early_data_state == SSL_EARLY_DATA_CONNECTING) {
+ if (s->hello_retry_request == SSL_HRR_PENDING) {
+ st->hand_state = TLS_ST_CW_CLNT_HELLO;
+ } else if (s->early_data_state == SSL_EARLY_DATA_CONNECTING) {
 st->hand_state = TLS_ST_EARLY_DATA;
 } else {
 #if defined(OPENSSL_NO_NEXTPROTONEG)
@@ -723,7 +733,7 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst)
 break;
 case TLS_ST_CW_CHANGE:
- if (SSL_IS_TLS13(s))
+ if (SSL_IS_TLS13(s) || s->hello_retry_request == SSL_HRR_PENDING)
 break;
 if (s->early_data_state == SSL_EARLY_DATA_CONNECTING && s->max_early_data > 0) {
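Review bot: The new guard `if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0 && s->early_data_state != SSL_EARLY_DATA_FINISHED_WRITING)` in the TLS_ST_CR_SRVR_HELLO case routes to TLS_ST_CW_CHANGE on an assumption that lives only in the comment ("we just received an HRR"), while the two later hunks key the same situation on `s->hello_retry_request == SSL_HRR_PENDING`. If this write transition can ever be reached from TLS_ST_CR_SRVR_HELLO without that flag set (I cannot confirm from the hunk alone), the subsequent TLS_ST_CW_CHANGE transition would fall through to the early-data or Finished path instead of re-sending the ClientHello, so making the predicates agree is cheap insurance: `if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0 && s->hello_retry_request == SSL_HRR_PENDING && s->early_data_state != SSL_EARLY_DATA_FINISHED_WRITING)`. The comment should also say that the early_data_state check is what keeps the handshake to a single dummy CCS (RFC 8446 Appendix D.4) and that the CCS triggers no key change, since that is the invariant a future edit to the early-data states could silently break. ossl_statem_client_write_transition starts and ends outside the hunk.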
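Review bot: The widened guard `if (SSL_IS_TLS13(s) || s->hello_retry_request == SSL_HRR_PENDING)` in ossl_statem_client_post_work skips whatever post-CCS work follows for the non-1.3 case, but nothing explains why the HRR flag is needed when an HRR can only arrive in TLSv1.3; presumably s->version is not yet pinned to TLS 1.3 when the dummy CCS goes out after an HRR, so SSL_IS_TLS13 alone would let a compat-mode client run the pre-1.3 cipher-change logic on a record that must not change keys. That reasoning belongs next to the check, e.g. `/* TLSv1.3, or an HRR round-trip before the version is settled: the CCS is a dummy and must not change keys */`. If the version is in fact already fixed at this point, the extra operand is redundant and the comment should say it is defensive. ossl_statem_client_post_work continues outside the hunk.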