diff options
author | Matt Caswell <matt@openssl.org> | 2015-12-07 16:50:38 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-01-20 13:58:12 +0000 |
commit | 7bb196a71adef8440b6152b6174651a9c25588f1 (patch) | |
tree | 01e909a54f822db8de9e26c768441aa33ee763ef /ssl | |
parent | 3aeb93486588e7dd01379c50b8fd496d55cf8858 (diff) |
Handle SSL_shutdown while in init more appropriately
Calling SSL_shutdown while in init previously gave a "1" response, meaning
everything was successfully closed down (even though it wasn't). Better is
to send our close_notify, but fail when trying to receive one.
The problem with doing a shutdown while in the middle of a handshake is
that once our close_notify is sent we shouldn't really do anything else
(including process handshake/CCS messages) until we've received a
close_notify back from the peer. However the peer might send a CCS before
acting on our close_notify - so we won't be able to read it because we're
not acting on CCS messages!
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 15 | ||||
-rw-r--r-- | ssl/ssl_err.c | 2 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 5 |
3 files changed, 18 insertions, 4 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 4b2f196782..28204bc7b1 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4328,6 +4328,21 @@ int ssl3_shutdown(SSL *s) return (ret); } } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { + if (SSL_in_init(s)) { + /* + * We can't shutdown properly if we are in the middle of a + * handshake. Doing so is problematic because the peer may send a + * CCS before it acts on our close_notify. However we should not + * continue to process received handshake messages or CCS once our + * close_notify has been sent. Therefore any close_notify from + * the peer will be unreadable because we have not moved to the next + * cipher state. Its best just to avoid this can-of-worms. Return + * an error if we are wanting to wait for a close_notify from the + * peer and we are in init. + */ + SSLerr(SSL_F_SSL3_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT); + return -1; + } /* * If we are waiting for a close from our peer, we are closed */ diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 2abd0155e6..a112ad41e8 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -128,6 +128,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"}, {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "ssl3_setup_read_buffer"}, {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"}, + {ERR_FUNC(SSL_F_SSL3_SHUTDOWN), "ssl3_shutdown"}, {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"}, {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"}, {ERR_FUNC(SSL_F_SSL_ACCEPT), "SSL_accept"}, @@ -577,6 +578,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"}, {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"}, + {ERR_REASON(SSL_R_SHUTDOWN_WHILE_IN_INIT), "shutdown while in init"}, {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"}, {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e922e3f07c..fe9749ec83 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1564,10 +1564,7 @@ int SSL_shutdown(SSL *s) return -1; } - if (!SSL_in_init(s)) - return (s->method->ssl_shutdown(s)); - else - return (1); + return s->method->ssl_shutdown(s); } int SSL_renegotiate(SSL *s) |