Flush server side unauthenticated writes

When a server call SSL_write_early_data() to write to an unauthenticated client the buffering BIO is still in place, so we should ensure we flush the write. Reviewed-by: N Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6198)

Flush server side unauthenticated writes
When a server call SSL_write_early_data() to write to an unauthenticated client the buffering BIO is still in place, so we should ensure we flush the write. Reviewed-by: N Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6198)
5fe37157 · Matt Caswell · e8251092 · 5fe37157
隐藏空白更改
内联并排

Showing with 3 addition and 0 deletion

ssl/ssl_lib.c ssl/ssl_lib.c +3 -0

未找到文件。
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2023,6 +2023,9 @@ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written)
        /* We are a server writing to an unauthenticated client */
        s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING;
        ret = SSL_write_ex(s, buf, num, written);
+        /* The buffering BIO is still in place */
+        if (ret)
+            (void)BIO_flush(s->wbio);
        s->early_data_state = early_data_state;
        return ret;