handoff: set |enable_early_data| as part of handback.
This doesn't change the serialization: it just adds
|enable_early_data| to the list of early data fields that get updated
by SSL_apply_handback().
This is needed because, for example, add_new_session_tickets(), which
runs after handback, performs certain actions iff |enable_early_data|
is set. Plus it just seems cleaner.
Change-Id: Ibcdb745ff9bcbeb2af2475f69f9f798937e7ee63
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/39804
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Matt Braithwaite <mab@google.com>
diff --git a/ssl/handoff.cc b/ssl/handoff.cc
index e8b2e8a..e011f94 100644
--- a/ssl/handoff.cc
+++ b/ssl/handoff.cc
@@ -349,6 +349,10 @@
if (type == handback_tls13 || type == handback_tls13_early_data) {
early_data_t early_data;
// Check early data invariants.
+ if (ssl->enable_early_data ==
+ (s3->early_data_reason == ssl_early_data_disabled)) {
+ return false;
+ }
if (hs->early_data_offered) {
if (s3->early_data_accepted && !s3->skip_early_data) {
early_data = early_data_accepted;
@@ -512,6 +516,7 @@
s3->early_data_reason =
static_cast<ssl_early_data_reason_t>(early_data_reason);
+ ssl->enable_early_data = s3->early_data_reason != ssl_early_data_disabled;
s3->skip_early_data = false;
s3->early_data_accepted = false;
hs->early_data_offered = false;
