Make sure info callback knows about all handshake start events

The first session ticket sent by the server is actually tacked onto the end of the first handshake from a state machine perspective. However in reality this is a post-handshake message, and should be preceeded by a handshake start event from an info callback perspective. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5874)
2018-04-04 14:28:23 +01:00 · 2018-04-04 14:28:23 +01:00 · 7f9f5f71e4
commit 7f9f5f71e4
parent c2c1d8a495
1 changed files with 17 additions and 0 deletions
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@ -3716,6 +3716,23 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
    } age_add_u;

    if (SSL_IS_TLS13(s)) {
+        if (s->post_handshake_auth != SSL_PHA_EXT_RECEIVED) {
+            void (*cb) (const SSL *ssl, int type, int val) = NULL;
+
+            /*
+             * This is the first session ticket we've sent. In the state
+             * machine we "cheated" and tacked this onto the end of the first
+             * handshake. From an info callback perspective this should appear
+             * like the start of a new handshake.
+             */
+            if (s->info_callback != NULL)
+                cb = s->info_callback;
+            else if (s->ctx->info_callback != NULL)
+                cb = s->ctx->info_callback;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+        }
+
        if (!ssl_generate_session_id(s, s->session)) {
            /* SSLfatal() already called */
            goto err;