Clean up end_of_early_data processing.
Remove another remnant of the SSL3_PROTOCOL_METHOD hook.
Change-Id: If6bf055e2ee318420e4c5c40b8eb5356eadda68c
Reviewed-on: https://boringssl-review.googlesource.com/14381
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@chromium.org>
Reviewed-by: Steven Valdez <svaldez@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/internal.h b/ssl/internal.h
index b405fb6..ded5ba8 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -2078,7 +2078,6 @@
int ssl3_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
int peek);
int ssl3_read_change_cipher_spec(SSL *ssl);
-int ssl3_read_end_of_early_data(SSL *ssl);
void ssl3_read_close_notify(SSL *ssl);
int ssl3_read_handshake_bytes(SSL *ssl, uint8_t *buf, int len);
int ssl3_write_app_data(SSL *ssl, const uint8_t *buf, int len);
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 42fffb1..c2d30ca 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -372,15 +372,19 @@
return -1;
}
+ /* Handle the end_of_early_data alert. */
if (rr->type == SSL3_RT_ALERT &&
+ rr->length == 2 &&
+ rr->data[0] == SSL3_AL_WARNING &&
+ rr->data[1] == TLS1_AD_END_OF_EARLY_DATA &&
ssl->server &&
ssl->s3->hs != NULL &&
ssl->s3->hs->can_early_read &&
ssl3_protocol_version(ssl) >= TLS1_3_VERSION) {
- int ret = ssl3_read_end_of_early_data(ssl);
- if (ret <= 0) {
- return ret;
- }
+ /* Consume the record. */
+ rr->length = 0;
+ ssl_read_buffer_discard(ssl);
+ /* Stop accepting early data. */
ssl->s3->hs->can_early_read = 0;
*out_got_handshake = 1;
return -1;
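Review bot: An alert record that arrives while `can_early_read` is set but is not exactly a two-byte warning-level end_of_early_data is no longer rejected at this `if`; the removed helper sent a fatal `SSL_AD_UNEXPECTED_MESSAGE` and returned -1 for that case, whereas the new condition just fails to match and the record falls through to code outside this hunk. Presumably the record-type check further down still fails the connection, but that is not visible here and is worth confirming with a regression test covering a non-matching alert in the early-data state. I would document the dependency on the block, e.g. `/* Any other alert is not consumed here and must be rejected by the record-type check below. */`. The `rr->length == 2` test has to stay ahead of the `rr->data[0]` and `rr->data[1]` reads in the `&&` chain, which the current ordering does. The enclosing function starts and ends outside the hunk.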
@@ -430,30 +434,6 @@
return 1;
}
-int ssl3_read_end_of_early_data(SSL *ssl) {
- SSL3_RECORD *rr = &ssl->s3->rrec;
-
- if (rr->length == 0) {
- int ret = ssl3_get_record(ssl);
- if (ret <= 0) {
- return ret;
- }
- }
-
- if (rr->type != SSL3_RT_ALERT ||
- rr->length != 2 ||
- rr->data[0] != SSL3_AL_WARNING ||
- rr->data[1] != TLS1_AD_END_OF_EARLY_DATA) {
- ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
- return -1;
- }
-
- rr->length = 0;
- ssl_read_buffer_discard(ssl);
- return 1;
-}
-
void ssl3_read_close_notify(SSL *ssl) {
/* Read records until an error or close_notify. */
while (ssl3_get_record(ssl) > 0) {