From ce40926ffe997532135813e689b0f3f3f62b1f8e Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sat, 25 Jul 2020 17:44:30 +0000 Subject: Handle SSL_MODE_AUTO_RETRY being changed during a TLSv1.3 session. Both Perl's HTTP::Tiny and IO::Socket::SSL know about SSL_MODE_AUTO_RETRY and try to work around the fact that OpenSSL enabled it by default. However, this can lead to the mode being disabled prior to the TLSv1.3 handshake and then enabled after the handshake has completed. In order to handle this correctly we have to check the mode and inform the record layer prior to every read. Issue reported and test case provided by Nathanael Rensen . ok inoguchi@ tb@ --- src/lib/libssl/tls13_legacy.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c index 23f9c5f664..3feb143183 100644 --- a/src/lib/libssl/tls13_legacy.c +++ b/src/lib/libssl/tls13_legacy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_legacy.c,v 1.10 2020/07/14 18:55:59 jsing Exp $ */ +/* $OpenBSD: tls13_legacy.c,v 1.11 2020/07/25 17:44:30 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -208,6 +208,9 @@ tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int pee return tls13_legacy_return_code(ssl, TLS13_IO_WANT_POLLIN); } + tls13_record_layer_set_retry_after_phh(ctx->rl, + (ctx->ssl->internal->mode & SSL_MODE_AUTO_RETRY) != 0); + if (type != SSL3_RT_APPLICATION_DATA) { SSLerror(ssl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; -- cgit v1.2.3-55-g6feb