Handle shutdown during init/handshake earlier
Sending close_notify during init causes some problems for some applications so we instead revert to the previous behavior returning an error instead of silently passing. (Imported from upstream's 64193c8218540499984cd63cda41f3cd491f3f59) Change-Id: I5efed1ce152197d291e6c7ece6e5dbb8f3ad867d Reviewed-on: https://boringssl-review.googlesource.com/7232 Reviewed-by: David Benjamin <davidben@google.com>
parent
c4eec0c16b
commit
a14934ff2d
@ -646,6 +646,12 @@ int SSL_shutdown(SSL *ssl) {
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* We can't shutdown properly if we are in the middle of a handshake. */
|
||||||
|
if (SSL_in_init(ssl)) {
|
||||||
|
OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
/* Do nothing if configured not to send a close_notify. */
|
/* Do nothing if configured not to send a close_notify. */
|
||||||
if (ssl->quiet_shutdown) {
|
if (ssl->quiet_shutdown) {
|
||||||
ssl->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN;
|
ssl->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN;
|
||||||
@ -671,11 +677,6 @@ int SSL_shutdown(SSL *ssl) {
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
} else if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {
|
} else if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {
|
||||||
if (SSL_in_init(ssl)) {
|
|
||||||
/* We can't shutdown properly if we are in the middle of a handshake. */
|
|
||||||
OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
/* If we are waiting for a close from our peer, we are closed */
|
/* If we are waiting for a close from our peer, we are closed */
|
||||||
ssl->method->ssl_read_close_notify(ssl);
|
ssl->method->ssl_read_close_notify(ssl);
|
||||||
if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {
|
if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {
|
||||||
|
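Review bot: The relocated `SSL_in_init(ssl)` check now runs ahead of the `ssl->quiet_shutdown` branch, so a connection configured for quiet shutdown also gets -1 and `SSL_R_SHUTDOWN_WHILE_IN_INIT` while the handshake is unfinished; the old placement, inside the `!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)` branch, only covered the wait-for-peer path. The comment above the check should say so, for example `/* Checked before quiet_shutdown as well: no shutdown state is changed while the handshake is incomplete. */`. Because `OPENSSL_PUT_ERROR` queues an error, teardown code that calls SSL_shutdown mid-handshake and ignores the result will presumably leave a stale entry on the error queue, which the function's documentation should tell callers to clear. No test for the mid-handshake case, with or without quiet shutdown, is visible on this page, and SSL_shutdown begins and ends outside both hunks.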