BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.

When accepting the max early data, don't set it on the SSL_CTX while parsing
the configuration, as at this point global.tune.maxrewrite may still be -1,
either because it was not set, or because it hasn't been set yet. Instead,
set it for each connection, just after we created the new SSL.
Not doing so meant that we could pretend to accept early data bigger than one
of our buffers.

This should be backported to 2.1, 2.0, 1.9 and 1.8.

(cherry picked from commit 545989f37f56b47a52af410e5c41aa0531dd1ef3)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit a0a513399a7ed0b6b4a4cca5d5cb2a2b90674d46)
Signed-off-by: Willy Tarreau <w@1wt.eu>
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index ea84ec9..6ae1653 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4030,10 +4030,8 @@
 	SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
 	SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #elif (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
-	if (bind_conf->ssl_conf.early_data) {
+	if (bind_conf->ssl_conf.early_data)
 		SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
-		SSL_CTX_set_max_early_data(ctx, global.tune.bufsize - global.tune.maxrewrite);
-	}
 	SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
 	SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #else
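Review bot: The `if` on the new side of this hunk is left without braces now that its body is a single statement, so the next option that gets added back here (the max-early-data call was exactly such a second statement) will silently fall outside the condition; keeping `if (bind_conf->ssl_conf.early_data) { ... }` is cheaper than the bug. A reader of this branch also no longer sees where the early-data limit is enforced; a one-line comment such as `/* max early data is applied per SSL object at connection setup, once tune.maxrewrite is final */` next to `SSL_CTX_set_options` would tie the two halves of the change together. The enclosing function starts and ends outside the hunk.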
@@ -5316,6 +5314,10 @@
 			conn->err_code = CO_ER_SSL_NO_MEM;
 			goto err;
 		}
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+		if (__objt_listener(conn->target)->bind_conf->ssl_conf.early_data)
+			SSL_set_max_early_data(ctx->ssl, global.tune.bufsize - global.tune.maxrewrite);
+#endif
 
 		ctx->bio = BIO_new(ha_meth);
 		if (!ctx->bio) {
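Review bot: `global.tune.bufsize - global.tune.maxrewrite` in the added `SSL_set_max_early_data` call is signed `int` arithmetic converted to the function's `uint32_t` parameter, so if `maxrewrite` is still `-1` (the very state the commit message describes) or ever exceeds `bufsize`, the value wraps to a huge limit and the connection again advertises more early data than a buffer can hold. Whether `maxrewrite` is guaranteed finalised by the time a connection is accepted is not visible here; a local with a sign check makes the call safe either way: `int max_early = global.tune.bufsize - global.tune.maxrewrite;` / `if (max_early > 0)` / `SSL_set_max_early_data(ctx->ssl, (uint32_t)max_early);`. The call's return value (0 on failure) is also ignored, which is consistent with the surrounding code but worth a comment since a failed call leaves the library default in place. The `#if` guard here differs from the `#elif` form in the first hunk, whose preceding branch is outside the hunk; confirm `HA_OPENSSL_VERSION_NUMBER` excludes any library for which `SSL_set_max_early_data` is unavailable. The enclosing function starts and ends outside the hunk.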