On Wed, Nov 22, 2017 at 05:42:42PM +0100, Olivier Houchard wrote:
> Hi,
> 
> We mistakenly only try to go back to the SSL handshake when not able to send
> early data if we're acting as a client, that is wrong, and leads to an
> infinite loop if it happens on the server side.
> The attached patch should fix this.
> 

And a second patch on top of this one. We should not stop trying to read
early data until SSL_read_early_data() returns SSL_READ_EARLY_DATA_FINISH.

Regards,

Olivier
From 3d4df5b19799c513a74caa744ac3d0df81467608 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <[email protected]>
Date: Wed, 22 Nov 2017 19:12:10 +0100
Subject: [PATCH 2/2] MINOR: ssl: Don't disable early data handling if we could
 not write.

If we can't write early data for some reason, don't give up on reading them:
there may still be early data to be read, and if we don't do so, OpenSSL's
internal state might be inconsistent and the handshake will fail.
---
 src/ssl_sock.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index b8793fce6..24bb36877 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5514,7 +5514,6 @@ static int ssl_sock_from_buf(struct connection *conn, 
struct buffer *buf, int fl
                        if (try + conn->tmp_early_data > max_early) {
                                try -= (try + conn->tmp_early_data) - max_early;
                                if (try <= 0) {
-                                       conn->flags &= ~CO_FL_EARLY_SSL_HS;
                                        conn->flags |= CO_FL_SSL_WAIT_HS | 
CO_FL_WAIT_L6_CONN;
                                        break;
                                }
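Review bot: with this clear removed, the write path never drops CO_FL_EARLY_SSL_HS any more, so the flag can only be cleared on the read side once SSL_read_early_data() reports SSL_READ_EARLY_DATA_FINISH (or a fatal error); that path is not in this diff, so please confirm it does clear the flag in both cases, otherwise a connection that exhausts its early-data budget in the `try <= 0` branch above stays in early-data mode for good and never reaches the normal handshake. Since the message states that without this change "the handshake will fail", the subject should also carry the BUG/MINOR tag rather than MINOR so the fix is picked up for backport.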
-- 
2.14.3
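As an added example, not code from HAProxy or OpenSSL: a small C model of the loop Olivier describes, in which the server keeps reading early data until the FINISH outcome is seen, plus the write-side budget clamp from the hunk above with the flag clear removed. The `early_reader` callback, the `early_conn` struct, the `early_hs` flag and the scripted reader are this example's own constructions standing in for SSL_read_early_data(), the connection flags and a real TLS peer, so that the state machine can be run offline; the `enum early_rc` values mirror the three outcomes of SSL_read_early_data() by name only.

```c
/* Added example (not HAProxy's or OpenSSL's code): model of the server-side
 * early-data read loop. The reader callback stands in for SSL_read_early_data();
 * the scripted reader at the bottom is a constructed stand-in for a TLS peer. */
#include <stddef.h>
#include <string.h>

/* Mirrors the three outcomes of SSL_read_early_data(): ERROR, SUCCESS, FINISH.
 * Names and values are this example's own, not the OpenSSL header's. */
enum early_rc { EARLY_ERROR, EARLY_SUCCESS, EARLY_FINISH };

enum drain_result {
    DRAIN_FINISHED,   /* FINISH seen: early-data phase over, handshake may proceed */
    DRAIN_NEED_MORE,  /* WANT_READ or buffer full: stay in the early-data phase */
    DRAIN_FAILED      /* fatal error from the library */
};

/* One read attempt. On EARLY_SUCCESS *nread is set; on EARLY_ERROR *want_read
 * says whether it was a retryable WANT_READ (what SSL_get_error() would report). */
typedef enum early_rc (*early_reader)(void *ctx, unsigned char *out, size_t cap,
                                      size_t *nread, int *want_read);

struct early_conn {
    int early_hs;          /* analogue of CO_FL_EARLY_SSL_HS (hypothetical name) */
    long max_early;        /* early-data budget advertised to the peer */
    long tmp_early;        /* early-data bytes accounted so far */
    unsigned char buf[64];
    size_t len;
};

/* Keep calling the reader until FINISH. SUCCESS only means "there may be
 * more"; FINISH is the one outcome that ends the phase and clears early_hs. */
enum drain_result drain_early_data(struct early_conn *c, early_reader rd, void *ctx)
{
    while (c->len < sizeof c->buf) {
        size_t n = 0;
        int want_read = 0;
        enum early_rc rc = rd(ctx, c->buf + c->len, sizeof c->buf - c->len, &n, &want_read);
        if (rc == EARLY_SUCCESS) {
            c->len += n;
            c->tmp_early += (long)n;
            continue;
        }
        if (rc == EARLY_FINISH) {
            c->early_hs = 0;
            return DRAIN_FINISHED;
        }
        return want_read ? DRAIN_NEED_MORE : DRAIN_FAILED;
    }
    return DRAIN_NEED_MORE;   /* buffer full: caller drains it and calls again */
}

/* Write-side clamp as in the patched hunk: bytes that may still be sent as
 * early data. Returns 0 when the budget is used up and, as after the patch,
 * leaves early_hs untouched so the read side still drains to FINISH. */
long early_write_budget(const struct early_conn *c, long try)
{
    if (try + c->tmp_early > c->max_early)
        try -= (try + c->tmp_early) - c->max_early;
    return try > 0 ? try : 0;
}

long budget_after(long max_early, long tmp_early, long try)
{
    struct early_conn c = { 1, max_early, tmp_early, {0}, 0 };
    return early_write_budget(&c, try);
}

/* ---- constructed scripted reader used to exercise the loop ---- */
struct script {
    const enum early_rc *rcs;
    const size_t *sizes;       /* bytes delivered on each SUCCESS step */
    int want_read_on_error;
    size_t steps, pos;
};

static enum early_rc scripted_reader(void *ctx, unsigned char *out, size_t cap,
                                     size_t *nread, int *want_read)
{
    struct script *s = ctx;
    if (s->pos >= s->steps)
        return EARLY_ERROR;            /* script exhausted: treat as fatal */
    enum early_rc rc = s->rcs[s->pos];
    size_t n = s->sizes[s->pos];
    s->pos++;
    if (rc == EARLY_SUCCESS) {
        if (n > cap)
            n = cap;
        memset(out, 'A', n);           /* constructed early-data payload */
        *nread = n;
    } else if (rc == EARLY_ERROR) {
        *want_read = s->want_read_on_error;
    }
    return rc;
}

/* Two early-data records then FINISH: returns bytes drained when the phase
 * ended and early_hs was cleared, else -1. */
long scenario_records_then_finish(void)
{
    static const enum early_rc rcs[] = { EARLY_SUCCESS, EARLY_SUCCESS, EARLY_FINISH };
    static const size_t sizes[] = { 5, 3, 0 };
    struct script s = { rcs, sizes, 0, 3, 0 };
    struct early_conn c = { 1, 16, 0, {0}, 0 };
    if (drain_early_data(&c, scripted_reader, &s) != DRAIN_FINISHED || c.early_hs != 0)
        return -1;
    return (long)c.len;
}

/* One record then WANT_READ: FINISH not seen yet, so the connection must stay
 * in the early-data phase. Returns early_hs on NEED_MORE, else -1. */
int scenario_want_read_keeps_flag(void)
{
    static const enum early_rc rcs[] = { EARLY_SUCCESS, EARLY_ERROR };
    static const size_t sizes[] = { 4, 0 };
    struct script s = { rcs, sizes, 1, 2, 0 };
    struct early_conn c = { 1, 16, 0, {0}, 0 };
    return drain_early_data(&c, scripted_reader, &s) == DRAIN_NEED_MORE ? c.early_hs : -1;
}
```

The point the model makes explicit is that only `EARLY_FINISH` clears the early-data flag; a retryable error on the read side, or an exhausted send budget on the write side, leaves the connection in the early-data phase so that a later call can still drain what the peer sent.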
