If a server is not acknowledging SNI then don't reject early_data

SNI needs to be consistent before we accept early_data. However a server may choose to not acknowledge SNI. In that case we have to expect that a client may send it anyway. We change the consistency checks so that not acknowledging is treated more a like a "wild card", accepting any SNI as being consistent. Reviewed-by: N Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4738)

If a server is not acknowledging SNI then don't reject early_data
SNI needs to be consistent before we accept early_data. However a server may choose to not acknowledge SNI. In that case we have to expect that a client may send it anyway. We change the consistency checks so that not acknowledging is treated more a like a "wild card", accepting any SNI as being consistent. Reviewed-by: N Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4738)
281bf233 · Matt Caswell · 3b587356 · 281bf233 · 281bf233
隐藏空白更改
内联并排

Showing with 6 addition and 7 deletion

ssl/statem/extensions.c ssl/statem/extensions.c +0 -2

test/sslapitest.c test/sslapitest.c +6 -5

未找到文件。
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -911,8 +911,6 @@ static int final_server_name(SSL *s, unsigned int context, int sent,

    case SSL_TLSEXT_ERR_NOACK:
        s->servername_done = 0;
-        if (s->server && s->session->ext.hostname != NULL)
-            s->ext.early_data_ok = 0;
        return 1;

    default:

--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1961,13 +1961,11 @@ static int test_early_data_not_sent(int idx)
    return testresult;
 }

-static const char *servhostname;
-
 static int hostname_cb(SSL *s, int *al, void *arg)
 {
    const char *hostname = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);

-    if (hostname != NULL && strcmp(hostname, servhostname) == 0)
+    if (hostname != NULL && strcmp(hostname, "goodhost") == 0)
        return  SSL_TLSEXT_ERR_OK;

    return SSL_TLSEXT_ERR_NOACK;
@@ -2024,7 +2022,6 @@ static int test_early_data_psk(int idx)
                                        &serverssl, &sess, 2)))
        goto end;

-    servhostname = "goodhost";
    servalpn = "goodalpn";

    /*
@@ -2069,7 +2066,11 @@ static int test_early_data_psk(int idx)
         * Set inconsistent SNI (server detected). In this case the connection
         * will succeed but reject early_data.
         */
-        servhostname = "badhost";
+        SSL_SESSION_free(serverpsk);
+        serverpsk = SSL_SESSION_dup(clientpsk);
+        if (!TEST_ptr(serverpsk)
+                || !TEST_true(SSL_SESSION_set1_hostname(serverpsk, "badhost")))
+            goto end;
        edstatus = SSL_EARLY_DATA_REJECTED;
        readearlyres = SSL_READ_EARLY_DATA_FINISH;
        /* Fall through */