Prevent writing when write_shutdown is set.

Ideally we'd put this deep in the record layer, but sending alerts currently awkwardly sets the field early, so we can't quite lock it out this deep down. This is mostly a sanity-check, but a later CL will fix SSL_shutdown's post-handshake message processing, so this will help catch errors there. Change-Id: I78e627c19547dbcdc85fb168795240d692baf031 Reviewed-on: https://boringssl-review.googlesource.com/21884 Commit-Queue: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Steven Valdez <svaldez@google.com>
před 7 roky · e8d0746b88
--- a/ssl/d1_both.cc
+++ b/ssl/d1_both.cc
@@ -780,6 +780,11 @@ packet_full:
 }

 static int send_flight(SSL *ssl) {
  if (ssl->s3->write_shutdown != ssl_shutdown_none) {
    OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
    return -1;
  }

  dtls1_update_mtu(ssl);

  int ret = -1;
--- a/ssl/d1_pkt.cc
+++ b/ssl/d1_pkt.cc
@@ -213,6 +213,11 @@ int dtls1_write_app_data(SSL *ssl, bool *out_needs_handshake,
  assert(!SSL_in_init(ssl));
  *out_needs_handshake = false;

  if (ssl->s3->write_shutdown != ssl_shutdown_none) {
    OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
    return -1;
  }

  if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
    OPENSSL_PUT_ERROR(SSL, SSL_R_DTLS_MESSAGE_TOO_BIG);
    return -1;
--- a/ssl/s3_both.cc
+++ b/ssl/s3_both.cc
@@ -233,6 +233,11 @@ int ssl3_flush_flight(SSL *ssl) {
    return 1;
  }

  if (ssl->s3->write_shutdown != ssl_shutdown_none) {
    OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
    return -1;
  }

  if (ssl->s3->pending_flight->length > 0xffffffff ||
      ssl->s3->pending_flight->length > INT_MAX) {
    OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
--- a/ssl/s3_pkt.cc
+++ b/ssl/s3_pkt.cc
@@ -133,6 +133,11 @@ int ssl3_write_app_data(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,

  *out_needs_handshake = false;

  if (ssl->s3->write_shutdown != ssl_shutdown_none) {
    OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
    return -1;
  }

  unsigned tot, n, nw;

  assert(ssl->s3->wnum <= INT_MAX);
--- a/ssl/tls_record.cc
+++ b/ssl/tls_record.cc
@@ -476,8 +476,8 @@ static bool tls_seal_scatter_suffix_len(const SSL *ssl, size_t *out_suffix_len,
 // |tls_seal_scatter_record| implements TLS 1.0 CBC 1/n-1 record splitting and
 // may write two records concatenated.
 static int tls_seal_scatter_record(SSL *ssl, uint8_t *out_prefix, uint8_t *out,
                            uint8_t *out_suffix, uint8_t type,
                            const uint8_t *in, size_t in_len) {
                                   uint8_t *out_suffix, uint8_t type,
                                   const uint8_t *in, size_t in_len) {
  if (type == SSL3_RT_APPLICATION_DATA && in_len > 1 &&
      ssl_needs_record_splitting(ssl)) {
    assert(ssl->s3->aead_write_ctx->ExplicitNonceLen() == 0);