From: Olivier Houchard <ohouchard@haproxy.com>
Date: Thu, 23 Jan 2020 13:57:36 +0000 (+0100)
Subject: BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
X-Git-Tag: v2.2-dev2~94
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=220a26c31647b8cfd76f3922d08cb2e847e3009e;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: 0rtt: Only consider the SSL handshake.

We only add the Early-data header, or get ssl_fc_has_early to return 1, if
we didn't already did the SSL handshake, as otherwise, we know the early
data were fine, and there's no risk of replay attack. But to do so, we
wrongly checked CO_FL_HANDSHAKE, we have to check CO_FL_SSL_WAIT_HS instead,
as we don't care about the status of any other handshake.

This should be backported to 2.1, 2.0, and 1.9.

When deciding if we should add the Early-Data header, or if the sample fetch
should return
---

diff --git a/src/http_ana.c b/src/http_ana.c
index 2891f056b7..25110f18c4 100644
--- a/src/http_ana.c
+++ b/src/http_ana.c
@@ -520,7 +520,7 @@ int http_process_req_common(struct stream *s, struct channel *req, int an_bit, s
 	}
 
 	if (conn && (conn->flags & CO_FL_EARLY_DATA) &&
-	    (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_HANDSHAKE))) {
+	    (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS))) {
 		struct http_hdr_ctx ctx;
 
 		ctx.blk = NULL;
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index b4e118c2bb..d61e872004 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7393,7 +7393,7 @@ smp_fetch_ssl_fc_has_early(const struct arg *args, struct sample *smp, const cha
 	}
 #else
 	smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA)  &&
-	    (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_HANDSHAKE))) ? 1 : 0;
+	    (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS))) ? 1 : 0;
 #endif
 	return 1;
 }