From 8e1c51378e9949ae5f87a0cd107d9f388b0ba5c0 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Mon, 15 Jun 2026 20:29:23 +0200 Subject: [PATCH] BUG/MEDIUM: ssl: Don't free the early data buffer too early When 0RTT is enabled, a temporary buffer for early data is used. We read from it first when the mux asks for data, and then we free it when it is empty, but that is not right, because maybe we have more early data to receive, and then we no longer have any buffer to store them, and that will eventually end up with the connection closed in error. To fix that, as long as we haven't received all the early data yet, just reset the buffer, instead of freeing it. This should fix github issue #3416 This should be backported up to 2.8. --- src/ssl_sock.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 348973153..5e5329a22 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -7092,8 +7092,12 @@ static size_t ssl_sock_to_buf(struct connection *conn, void *xprt_ctx, struct bu memcpy(b_tail(buf), b_head(&ctx->early_buf), try); b_add(buf, try); b_del(&ctx->early_buf, try); - if (b_data(&ctx->early_buf) == 0) - b_free(&ctx->early_buf); + if (b_data(&ctx->early_buf) == 0) { + if (!(ctx->conn->flags & CO_FL_EARLY_SSL_HS)) + b_free(&ctx->early_buf); + else + b_reset(&ctx->early_buf); + } TRACE_STATE("read early data", SSL_EV_CONN_RECV|SSL_EV_CONN_RECV_EARLY, conn, &try); return try; } -- 2.47.3