commit f4ecc84644789f6533c042dd6596b289d1371f02
author Steven Valdez <svaldez@google.com> Thu Aug 10 14:02:56 2017 -0400
committer Steven Valdez <svaldez@google.com> Mon Aug 14 20:15:54 2017 +0000
tree 972586280b4f94aa8e24a2e0cf3ab53edd97fef0
parent 78f5e7573902345a9354385739cb3776ab29ae7d

Prevent both early data and custom extensions from being accepted.

This loosens the earlier restriction to match Channel ID. Both may be
configured and offered, but the server is obligated to select only one
of them. This aligns with the current tokbind + 0-RTT draft where the
combination is signaled by a separate extension.

Bug: 183
Change-Id: I786102a679999705d399f0091f76da236be091c2
Reviewed-on: https://boringssl-review.googlesource.com/19124
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>

include/openssl/ssl.h

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 63651b5..9a414ca 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -4878,7 +4878,7 @@
 #define SSL_R_TICKET_ENCRYPTION_FAILED 276
 #define SSL_R_ALPN_MISMATCH_ON_EARLY_DATA 277
 #define SSL_R_WRONG_VERSION_ON_EARLY_DATA 278
-#define SSL_R_CHANNEL_ID_ON_EARLY_DATA 279
+#define SSL_R_UNEXPECTED_EXTENSION_ON_EARLY_DATA 279
 #define SSL_R_NO_SUPPORTED_VERSIONS_ENABLED 280
 #define SSL_R_APPLICATION_DATA_INSTEAD_OF_HANDSHAKE 281
 #define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000