diff options
author | Matt Caswell <matt@openssl.org> | 2018-09-04 13:36:55 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-09-07 11:15:20 +0100 |
commit | 1bf4cb0fe3b00e1c501a04ace4e3e3145314cb20 (patch) | |
tree | 8b44f632a8520381c4843c7399a46032ebdbbbc2 /ssl/statem/statem_lib.c | |
parent | f922dac87d859cc7419207301533fe89582ac3ea (diff) |
Process KeyUpdate and NewSessionTicket messages after a close_notify
If we've sent a close_notify then we are restricted about what we can do
in response to handshake messages that we receive. However we can sensibly
process NewSessionTicket messages. We can also process a KeyUpdate message
as long as we also ignore any request for us to update our sending keys.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7114)
Diffstat (limited to 'ssl/statem/statem_lib.c')
-rw-r--r-- | ssl/statem/statem_lib.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 3961c14719..adc8b98144 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -638,9 +638,12 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt) /* * If we get a request for us to update our sending keys too then, we need * to additionally send a KeyUpdate message. However that message should - * not also request an update (otherwise we get into an infinite loop). + * not also request an update (otherwise we get into an infinite loop). We + * ignore a request for us to update our sending keys too if we already + * sent close_notify. */ - if (updatetype == SSL_KEY_UPDATE_REQUESTED) + if (updatetype == SSL_KEY_UPDATE_REQUESTED + && (s->shutdown & SSL_SENT_SHUTDOWN) == 0) s->key_update = SSL_KEY_UPDATE_NOT_REQUESTED; if (!tls13_update_key(s, 0)) { |