From a84986ae4f27f5335aedd5216ee3f4db06db74d0 Mon Sep 17 00:00:00 2001
From: Willy Tarreau
Date: Wed, 3 Feb 2021 11:21:38 +0100
Subject: [PATCH] BUG/MINOR: ssl: do not try to use early data if not configured

The CO_FL_EARLY_SSL_HS flag was unconditionally set on the connection,
resulting in SSL_read_early_data() always being used first in handshake
calculations. While this seems to work well (probably that there are
fallback paths inside openssl), it's particularly confusing and makes the
debugging quite complicated. It possibly is not optimal by the way.

This flag ought to be set only when early_data is configured on the bind
line. Apparently there used to be a good reason for doing it this way in
1.8 times, but it really does not make sense anymore.

It may be OK to backport this to 2.3 if this helps with troubleshooting,
but better not go too far as it's unlikely to fix any real issue while it
could introduce some in old versions.
---
 src/ssl_sock.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 628a9b054..ccce57874 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5311,7 +5311,8 @@ static int ssl_sock_init(struct connection *conn, void **xprt_ctx)
 	/* leave init state and start handshake */
 	conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
 #ifdef SSL_READ_EARLY_DATA_SUCCESS
-	conn->flags |= CO_FL_EARLY_SSL_HS;
+	if (bc->ssl_conf.early_data)
+		conn->flags |= CO_FL_EARLY_SSL_HS;
 #endif
 
 	_HA_ATOMIC_ADD(&sslconns, 1);
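Review bot: `bc` is not introduced anywhere in this hunk, so the context shown does not establish that it is the listener-side `bind_conf` of `ssl_sock_init()` and in scope at line 5311 rather than a variable that is only meaningful for outgoing (server-side) connections; please confirm the surrounding branch, since `ssl_sock_init()` is the common entry point for both directions and the gate only makes sense where a bind line exists. The commit message says the flag "ought to be set only when early_data is configured on the bind line" but never names the bind keyword that sets `bc->ssl_conf.early_data`; stating it in the message, together with the fact that the `#ifdef SSL_READ_EARLY_DATA_SUCCESS` guard is unchanged (so builds without that OpenSSL API are unaffected), would make the proposed 2.3 backport easier to review.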