};
#endif
+/*
+ * ssl_sock_ctx flags
+ */
+#define SSL_SOCK_F_EARLY_ENABLED (1 << 0) /* We did not start the handshake yet so we can send early data */
+
struct ssl_sock_ctx {
struct connection *conn;
SSL *ssl;
unsigned long error_code; /* last error code of the error stack */
struct buffer early_buf; /* buffer to store the early data received */
int sent_early_data; /* Amount of early data we sent so far */
- int can_send_early_data; /* We did not start the handshake yet so we can send early data */
+ int flags; /* Various flags for the ssl_sock_ctx */
#ifdef USE_QUIC
struct quic_conn *qc;
ctx->xprt_st = 0;
ctx->xprt_ctx = NULL;
ctx->error_code = 0;
- ctx->can_send_early_data = 1;
+ ctx->flags = SSL_SOCK_F_EARLY_ENABLED;
next_sslconn = increment_sslconn();
if (!next_sslconn) {
/* read some data: consider handshake completed */
goto reneg_ok;
}
- ctx->can_send_early_data = 0;
+ ctx->flags &=~ SSL_SOCK_F_EARLY_ENABLED;
ret = SSL_do_handshake(ctx->ssl);
check_error:
if (ret != 1) {
#endif
/*
- * We have to check can_send_early_data here, as the handshake flags
+ * We have to check SSL_SOCK_F_EARLY_ENABLED here, as the handshake flags
* may have been removed in case we want to try to send early data.
*/
- if (ctx->can_send_early_data ||
+ if ((ctx->flags & SSL_SOCK_F_EARLY_ENABLED) ||
(conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS))) {
/* a handshake was requested */
TRACE_LEAVE(SSL_EV_CONN_RECV, conn);
ctx->xprt_st &= ~SSL_SOCK_SEND_MORE;
#ifdef SSL_READ_EARLY_DATA_SUCCESS
- if (ctx->can_send_early_data && conn_is_back(conn)) {
+ if ((ctx->flags & SSL_SOCK_F_EARLY_ENABLED) && conn_is_back(conn)) {
unsigned int max_early;
if (objt_listener(conn->target))
projects / thirdparty / haproxy.git / commitdiff
