From: Matt Caswell <matt@openssl.org>
Date: Tue, 8 May 2018 13:34:27 +0000 (+0100)
Subject: Flush server side unauthenticated writes
X-Git-Tag: OpenSSL_1_1_1-pre7~66
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=5fe371570770e46f2d9e19e8b81c8bc0d47ec0d6;p=oweals%2Fopenssl.git

Flush server side unauthenticated writes

When a server call SSL_write_early_data() to write to an unauthenticated
client the buffering BIO is still in place, so we should ensure we flush
the write.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6198)
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3aefa34ab2..41574c4bf2 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2023,6 +2023,9 @@ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
         /* We are a server writing to an unauthenticated client */
         s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING;
         ret = SSL_write_ex(s, buf, num, written);
+        /* The buffering BIO is still in place */
+        if (ret)
+            (void)BIO_flush(s->wbio);
         s->early_data_state = early_data_state;
         return ret;