From a14934ff2de02c6a12cc34272a26816940e93a60 Mon Sep 17 00:00:00 2001
From: Steven Valdez <svaldez@google.com>
Date: Mon, 29 Feb 2016 10:05:08 -0500
Subject: [PATCH] Handle shutdown during init/handshake earlier

Sending close_notify during init causes some problems for some
applications so we instead revert to the previous behavior returning an
error instead of silently passing.

(Imported from upstream's 64193c8218540499984cd63cda41f3cd491f3f59)

Change-Id: I5efed1ce152197d291e6c7ece6e5dbb8f3ad867d
Reviewed-on: https://boringssl-review.googlesource.com/7232
Reviewed-by: David Benjamin <davidben@google.com>
---
 ssl/ssl_lib.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3ccfa8e2..20a61efa 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -646,6 +646,12 @@ int SSL_shutdown(SSL *ssl) {
     return -1;
   }
 
+  /* We can't shutdown properly if we are in the middle of a handshake. */
+  if (SSL_in_init(ssl)) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
+    return -1;
+  }
+
   /* Do nothing if configured not to send a close_notify. */
   if (ssl->quiet_shutdown) {
     ssl->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN;
@@ -671,11 +677,6 @@ int SSL_shutdown(SSL *ssl) {
       return ret;
     }
   } else if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {
-    if (SSL_in_init(ssl)) {
-      /* We can't shutdown properly if we are in the middle of a handshake. */
-      OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
-      return -1;
-    }
     /* If we are waiting for a close from our peer, we are closed */
     ssl->method->ssl_read_close_notify(ssl);
     if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {