kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8f73135485
boringssl/ssl
History
David Benjamin 8f73135485 Consolidate SSL_RECEIVED_SHUTDOWN checks. 
SSL_RECEIVED_SHUTDOWN checks in the record layer happen in two different
places. Some operations (but not all) check it, and so does read_bytes. Move it
to get_record.

This check should be at a low-level since it is otherwise duplicated in every
operation. It is also a signal which originates from around the peer's record
layer, so it makes sense to check it near the same code. (This one's in
get_record which is technically lower-level than read_bytes, but we're trying
to get rid of read_bytes. They're very coupled functions.)

Also, if we've seen a fatal alert, replay an error, not an EOF.

Change-Id: Idec35c5068ddabe5b1a9145016d8f945da2421cf
Reviewed-on: https://boringssl-review.googlesource.com/7436
Reviewed-by: David Benjamin <davidben@google.com>
2016-05-17 21:02:19 +00:00
..
pqueue Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
test Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
CMakeLists.txt Implement draft-ietf-tls-curve25519-01 in C. 2015-12-22 21:51:30 +00:00
custom_extensions.c
d1_both.c Simplify handshake message size limits. 2016-05-13 20:06:24 +00:00
d1_clnt.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
d1_lib.c Adding a method to change the initial DTLS retransmission timer value. 2016-05-11 22:36:26 +00:00
d1_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
d1_pkt.c Consolidate SSL_RECEIVED_SHUTDOWN checks. 2016-05-17 21:02:19 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
d1_srvr.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
dtls_record.c Move aead_{read,write}_ctx and next_proto_negotiated into ssl->s3. 2016-01-15 21:40:25 +00:00
internal.h Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
s3_both.c Simplify handshake message size limits. 2016-05-13 20:06:24 +00:00
s3_clnt.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
s3_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_lib.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
s3_pkt.c Consolidate SSL_RECEIVED_SHUTDOWN checks. 2016-05-17 21:02:19 +00:00
s3_srvr.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
ssl_aead_ctx.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00
ssl_asn1.c Check for overflow when parsing a CBS with d2i_*. 2015-11-16 23:17:42 +00:00
ssl_buffer.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
ssl_cert.c Ensure we check i2d_X509 return val 2016-04-26 17:12:01 +00:00
ssl_cipher.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
ssl_ecdh.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Consolidate SSL_RECEIVED_SHUTDOWN checks. 2016-05-17 21:02:19 +00:00
ssl_rsa.c Add |SSL_CTX_set_private_key_method| to parallel |SSL_set_private_key_method| 2016-03-07 18:16:58 +00:00
ssl_session.c Add SSL_SESSION_get_master_key. 2016-04-21 21:14:36 +00:00
ssl_stat.c
ssl_test.cc BIO_new_mem_buf should take const void * 2016-02-24 19:14:19 +00:00
t1_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
t1_lib.c Simplify server_name extension parsing. 2016-04-18 20:33:35 +00:00
tls_record.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00