Skip to content

Commit 0fae0a7

Browse files
dgarskedgarske
authored
Merge pull request #9397 from rizlik/earlydata_want_write_fixes
wolfssl: preserve early-data handling across WANT_WRITE retries
2 parents d885749 + bafb8e5 commit 0fae0a7

5 files changed

Lines changed: 356 additions & 212 deletions

File tree

src/internal.c

Lines changed: 31 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -22316,17 +22316,6 @@ static int DoProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
2231622316
return ssl->error;
2231722317
}
2231822318

22319-
/* If checking alert on error (allowSocketErr == 1) do not try and
22320-
* process alerts for async or ocsp non blocking */
22321-
#if defined(WOLFSSL_CHECK_ALERT_ON_ERR) && \
22322-
(defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP))
22323-
if (allowSocketErr == 1 && \
22324-
(ssl->error == WC_NO_ERR_TRACE(WC_PENDING_E) ||
22325-
ssl->error == WC_NO_ERR_TRACE(OCSP_WANT_READ))) {
22326-
return ssl->error;
22327-
}
22328-
#endif
22329-
2233022319
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_ASYNC_CRYPT)
2233122320
/* process any pending DTLS messages - this flow can happen with async */
2233222321
if (ssl->dtls_rx_msg_list != NULL) {
@@ -42549,6 +42538,37 @@ int wolfSSL_TestAppleNativeCertValidation_AppendCA(WOLFSSL_CTX* ctx,
4254942538

4255042539
#endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
4255142540

42541+
/* Do not try to process error for async, non blocking io, and app_read */
42542+
void wolfssl_local_MaybeCheckAlertOnErr(WOLFSSL* ssl, int err)
42543+
{
42544+
#if defined(WOLFSSL_CHECK_ALERT_ON_ERR)
42545+
#if defined(WOLFSSL_ASYNC_CRYPT)
42546+
if (err == WC_NO_ERR_TRACE(WC_PENDING_E)) {
42547+
return;
42548+
}
42549+
#endif
42550+
#if defined(WOLFSSL_NONBLOCK_OCSP)
42551+
if (err == WC_NO_ERR_TRACE(OCSP_WANT_READ)) {
42552+
return;
42553+
}
42554+
#endif
42555+
#if defined(WOLFSSL_EARLY_DATA)
42556+
if (err == WC_NO_ERR_TRACE(APP_DATA_READY)) {
42557+
return;
42558+
}
42559+
#endif
42560+
if (err == WC_NO_ERR_TRACE(WANT_WRITE) ||
42561+
err == WC_NO_ERR_TRACE(WANT_READ)) {
42562+
return;
42563+
}
42564+
/* check if an alert was sent */
42565+
ProcessReplyEx(ssl, 1);
42566+
#else
42567+
(void)ssl;
42568+
(void)err;
42569+
#endif /* WOLFSSL_CHECK_ALERT_ON_ERR */
42570+
}
42571+
4255242572
#undef ERROR_OUT
4255342573

4255442574
#endif /* !WOLFCRYPT_ONLY */

src/ssl.c

Lines changed: 14 additions & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -10591,9 +10591,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1059110591
#endif
1059210592
if (ssl->options.sendVerify) {
1059310593
if ( (ssl->error = SendCertificate(ssl)) != 0) {
10594-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
10595-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
10596-
#endif
10594+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1059710595
WOLFSSL_ERROR(ssl->error);
1059810596
return WOLFSSL_FATAL_ERROR;
1059910597
}
@@ -10612,9 +10610,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1061210610
#endif
1061310611
if (!ssl->options.resuming) {
1061410612
if ( (ssl->error = SendClientKeyExchange(ssl)) != 0) {
10615-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
10616-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
10617-
#endif
10613+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1061810614
#ifdef WOLFSSL_EXTRA_ALERTS
1061910615
if (ssl->error == WC_NO_ERR_TRACE(NO_PEER_KEY) ||
1062010616
ssl->error == WC_NO_ERR_TRACE(PSK_KEY_ERROR)) {
@@ -10643,9 +10639,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1064310639
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH)
1064410640
if (ssl->options.sendVerify) {
1064510641
if ( (ssl->error = SendCertificateVerify(ssl)) != 0) {
10646-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
10647-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
10648-
#endif
10642+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1064910643
WOLFSSL_ERROR(ssl->error);
1065010644
return WOLFSSL_FATAL_ERROR;
1065110645
}
@@ -10658,9 +10652,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1065810652

1065910653
case FIRST_REPLY_THIRD :
1066010654
if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
10661-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
10662-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
10663-
#endif
10655+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1066410656
WOLFSSL_ERROR(ssl->error);
1066510657
return WOLFSSL_FATAL_ERROR;
1066610658
}
@@ -10671,9 +10663,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1067110663

1067210664
case FIRST_REPLY_FOURTH :
1067310665
if ( (ssl->error = SendFinished(ssl)) != 0) {
10674-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
10675-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
10676-
#endif
10666+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1067710667
WOLFSSL_ERROR(ssl->error);
1067810668
return WOLFSSL_FATAL_ERROR;
1067910669
}
@@ -11051,9 +11041,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1105111041
return WOLFSSL_FATAL_ERROR;
1105211042
}
1105311043
if ( (ssl->error = SendServerHello(ssl)) != 0) {
11054-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11055-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11056-
#endif
11044+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1105711045
WOLFSSL_ERROR(ssl->error);
1105811046
return WOLFSSL_FATAL_ERROR;
1105911047
}
@@ -11070,9 +11058,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1107011058
#ifndef NO_CERTS
1107111059
if (!ssl->options.resuming)
1107211060
if ( (ssl->error = SendCertificate(ssl)) != 0) {
11073-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11074-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11075-
#endif
11061+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1107611062
WOLFSSL_ERROR(ssl->error);
1107711063
return WOLFSSL_FATAL_ERROR;
1107811064
}
@@ -11085,9 +11071,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1108511071
#ifndef NO_CERTS
1108611072
if (!ssl->options.resuming)
1108711073
if ( (ssl->error = SendCertificateStatus(ssl)) != 0) {
11088-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11089-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11090-
#endif
11074+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1109111075
WOLFSSL_ERROR(ssl->error);
1109211076
return WOLFSSL_FATAL_ERROR;
1109311077
}
@@ -11104,9 +11088,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1110411088
#endif
1110511089
if (!ssl->options.resuming)
1110611090
if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) {
11107-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11108-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11109-
#endif
11091+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1111011092
WOLFSSL_ERROR(ssl->error);
1111111093
return WOLFSSL_FATAL_ERROR;
1111211094
}
@@ -11119,10 +11101,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1111911101
if (!ssl->options.resuming) {
1112011102
if (ssl->options.verifyPeer) {
1112111103
if ( (ssl->error = SendCertificateRequest(ssl)) != 0) {
11122-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11123-
/* See if an alert was sent. */
11124-
ProcessReplyEx(ssl, 1);
11125-
#endif
11104+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1112611105
WOLFSSL_ERROR(ssl->error);
1112711106
return WOLFSSL_FATAL_ERROR;
1112811107
}
@@ -11140,9 +11119,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1114011119
case CERT_REQ_SENT :
1114111120
if (!ssl->options.resuming)
1114211121
if ( (ssl->error = SendServerHelloDone(ssl)) != 0) {
11143-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11144-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11145-
#endif
11122+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1114611123
WOLFSSL_ERROR(ssl->error);
1114711124
return WOLFSSL_FATAL_ERROR;
1114811125
}
@@ -11181,9 +11158,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1118111158
#ifdef HAVE_SESSION_TICKET
1118211159
if (ssl->options.createTicket && !ssl->options.noTicketTls12) {
1118311160
if ( (ssl->error = SendTicket(ssl)) != 0) {
11184-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11185-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11186-
#endif
11161+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1118711162
WOLFSSL_MSG("Thought we need ticket but failed");
1118811163
WOLFSSL_ERROR(ssl->error);
1118911164
return WOLFSSL_FATAL_ERROR;
@@ -11202,9 +11177,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1120211177
}
1120311178

1120411179
if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
11205-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11206-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11207-
#endif
11180+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1120811181
WOLFSSL_ERROR(ssl->error);
1120911182
return WOLFSSL_FATAL_ERROR;
1121011183
}
@@ -11214,9 +11187,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
1121411187

1121511188
case CHANGE_CIPHER_SENT :
1121611189
if ( (ssl->error = SendFinished(ssl)) != 0) {
11217-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
11218-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
11219-
#endif
11190+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1122011191
WOLFSSL_ERROR(ssl->error);
1122111192
return WOLFSSL_FATAL_ERROR;
1122211193
}

src/tls13.c

Lines changed: 40 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -13396,24 +13396,26 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
1339613396

1339713397
ssl->options.connectState = CLIENT_HELLO_SENT;
1339813398
WOLFSSL_MSG("TLSv13 connect state: CLIENT_HELLO_SENT");
13399+
FALL_THROUGH;
13400+
13401+
case CLIENT_HELLO_SENT:
1339913402
#ifdef WOLFSSL_EARLY_DATA
13400-
if (ssl->earlyData != no_early_data) {
13403+
if (ssl->earlyData != no_early_data &&
13404+
ssl->options.handShakeState != CLIENT_HELLO_COMPLETE) {
1340113405
#if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)
13402-
if (!ssl->options.dtls && ssl->options.tls13MiddleBoxCompat) {
13403-
if ((ssl->error = SendChangeCipher(ssl)) != 0) {
13404-
WOLFSSL_ERROR(ssl->error);
13405-
return WOLFSSL_FATAL_ERROR;
13406+
if (!ssl->options.dtls &&
13407+
ssl->options.tls13MiddleBoxCompat) {
13408+
if ((ssl->error = SendChangeCipher(ssl)) != 0) {
13409+
WOLFSSL_ERROR(ssl->error);
13410+
return WOLFSSL_FATAL_ERROR;
13411+
}
13412+
ssl->options.sentChangeCipher = 1;
1340613413
}
13407-
ssl->options.sentChangeCipher = 1;
13408-
}
1340913414
#endif
13410-
ssl->options.handShakeState = CLIENT_HELLO_COMPLETE;
13411-
return WOLFSSL_SUCCESS;
13415+
ssl->options.handShakeState = CLIENT_HELLO_COMPLETE;
13416+
return WOLFSSL_SUCCESS;
1341213417
}
1341313418
#endif
13414-
FALL_THROUGH;
13415-
13416-
case CLIENT_HELLO_SENT:
1341713419
/* Get the response/s from the server. */
1341813420
while (ssl->options.serverState <
1341913421
SERVER_HELLOVERIFYREQUEST_COMPLETE) {
@@ -13546,9 +13548,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
1354613548
if (!ssl->options.resuming && ssl->options.sendVerify) {
1354713549
ssl->error = SendTls13Certificate(ssl);
1354813550
if (ssl->error != 0) {
13549-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
13550-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
13551-
#endif
13551+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1355213552
WOLFSSL_ERROR(ssl->error);
1355313553
return WOLFSSL_FATAL_ERROR;
1355413554
}
@@ -13568,9 +13568,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
1356813568
if (!ssl->options.resuming && ssl->options.sendVerify) {
1356913569
ssl->error = SendTls13CertificateVerify(ssl);
1357013570
if (ssl->error != 0) {
13571-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
13572-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
13573-
#endif
13571+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1357413572
WOLFSSL_ERROR(ssl->error);
1357513573
return WOLFSSL_FATAL_ERROR;
1357613574
}
@@ -13584,9 +13582,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
1358413582

1358513583
case FIRST_REPLY_FOURTH:
1358613584
if ((ssl->error = SendTls13Finished(ssl)) != 0) {
13587-
#ifdef WOLFSSL_CHECK_ALERT_ON_ERR
13588-
ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
13589-
#endif
13585+
wolfssl_local_MaybeCheckAlertOnErr(ssl, ssl->error);
1359013586
WOLFSSL_ERROR(ssl->error);
1359113587
return WOLFSSL_FATAL_ERROR;
1359213588
}
@@ -14736,15 +14732,16 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
1473614732

1473714733
ssl->options.acceptState = TLS13_ACCEPT_FINISHED_SENT;
1473814734
WOLFSSL_MSG("accept state ACCEPT_FINISHED_SENT");
14735+
FALL_THROUGH;
14736+
14737+
case TLS13_ACCEPT_FINISHED_SENT:
1473914738
#ifdef WOLFSSL_EARLY_DATA
14740-
if (ssl->earlyData != no_early_data) {
14739+
if (ssl->earlyData != no_early_data &&
14740+
ssl->options.handShakeState != SERVER_FINISHED_COMPLETE) {
1474114741
ssl->options.handShakeState = SERVER_FINISHED_COMPLETE;
1474214742
return WOLFSSL_SUCCESS;
1474314743
}
1474414744
#endif
14745-
FALL_THROUGH;
14746-
14747-
case TLS13_ACCEPT_FINISHED_SENT :
1474814745
#ifdef HAVE_SESSION_TICKET
1474914746
#ifdef WOLFSSL_TLS13_TICKET_BEFORE_FINISHED
1475014747
if (!ssl->options.verifyPeer && !ssl->options.noTicketTls13 &&
@@ -15064,7 +15061,10 @@ int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz, int* outSz)
1506415061
return SIDE_ERROR;
1506515062

1506615063
if (ssl->options.handShakeState == NULL_STATE) {
15067-
if (ssl->error != WC_NO_ERR_TRACE(WC_PENDING_E))
15064+
/* the server flight can return WANT_WRITE and we re-enter here after
15065+
* setting ssl->earlyData = process_early_data, set earlyData to
15066+
* expecting_early_data just once */
15067+
if (ssl->earlyData < expecting_early_data)
1506815068
ssl->earlyData = expecting_early_data;
1506915069
/* this used to be: ret = wolfSSL_accept_TLSv13(ssl);
1507015070
* However, wolfSSL_accept_TLSv13() expects a certificate to
@@ -15096,6 +15096,20 @@ int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz, int* outSz)
1509615096
#endif /* WOLFSSL_DTLS13 */
1509715097
}
1509815098
}
15099+
#ifdef WOLFSSL_DTLS13
15100+
else if (ssl->buffers.outputBuffer.length > 0 &&
15101+
ssl->options.dtls && ssl->dtls13SendingAckOrRtx) {
15102+
ret = SendBuffered(ssl);
15103+
if (ret == 0) {
15104+
ssl->dtls13SendingAckOrRtx = 0;
15105+
}
15106+
else {
15107+
ssl->error = ret;
15108+
WOLFSSL_ERROR(ssl->error);
15109+
return WOLFSSL_FATAL_ERROR;
15110+
}
15111+
}
15112+
#endif /* WOLFSSL_DTLS13 */
1509915113
else
1510015114
ret = 0;
1510115115
#else

0 commit comments

Comments
 (0)