BUG/MEDIUM: 0rtt: Only consider the SSL handshake.

We only add the Early-data header, or get ssl_fc_has_early to return 1, if
we didn't already did the SSL handshake, as otherwise, we know the early
data were fine, and there's no risk of replay attack. But to do so, we
wrongly checked CO_FL_HANDSHAKE, we have to check CO_FL_SSL_WAIT_HS instead,
as we don't care about the status of any other handshake.

This should be backported to 2.1, 2.0, and 1.9.

When deciding if we should add the Early-Data header, or if the sample fetch
should return

diff --git a/src/http_ana.c b/src/http_ana.c
index 2891f056b7469b20e3c7d007dc1d62c01c199fe0..25110f18c443b5b230e5f80dff5f9fba219afba8 100644 (file)
--- a/src/http_ana.c
+++ b/src/http_ana.c
@@ -520,7 +520,7 @@ int http_process_req_common(struct stream *s, struct channel *req, int an_bit, s
        }
 
        if (conn && (conn->flags & CO_FL_EARLY_DATA) &&
-           (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_HANDSHAKE))) {
+           (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS))) {
                struct http_hdr_ctx ctx;
 
                ctx.blk = NULL;

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index b4e118c2bb7c4745fbf356c9e7bf7b58e3d2e1d5..d61e872004fb19e2d97bd15ccd27a65c07105a33 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7393,7 +7393,7 @@ smp_fetch_ssl_fc_has_early(const struct arg *args, struct sample *smp, const cha
        }
 #else
        smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA)  &&
-           (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_HANDSHAKE))) ? 1 : 0;
+           (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS))) ? 1 : 0;
 #endif
        return 1;
 }