kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
c7eae5a326
boringssl/ssl
History
David Benjamin c7eae5a326 Forbid calling SSL_read, SSL_peek, and SSL_do_handshake post-shutdown. 
This explicitly forbids an API pattern which formerly kind of worked, but was
extremely buggy (see preceding commits). Depending on how one interprets
close_notify and our API, one might wish to call SSL_shutdown only once
(morally shutdown(SHUT_WR)) and then SSL_read until EOF.

However, this exposes additional confusing states where we might try to send an
alert post-SHUT_WR, etc. Early commits made us more robust here (whether one is
allowed to touch the SSL* after an operattion failed because it read an alert
is... unclear), so we could support it if we wanted to, but this doesn't seem
worth the additional statespace. See if we can get away with not allowing it.

Change-Id: Ie7a7e5520b464360b1e6316c34ec9854b571782f
Reviewed-on: https://boringssl-review.googlesource.com/7433
Reviewed-by: David Benjamin <davidben@google.com>
2016-05-17 21:28:40 +00:00
..
pqueue Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
test Tidy up shutdown state. 2016-05-17 21:27:12 +00:00
CMakeLists.txt Implement draft-ietf-tls-curve25519-01 in C. 2015-12-22 21:51:30 +00:00
custom_extensions.c Align the SSL stack on #include style. 2015-09-15 23:32:07 +00:00
d1_both.c Simplify handshake message size limits. 2016-05-13 20:06:24 +00:00
d1_clnt.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
d1_lib.c Adding a method to change the initial DTLS retransmission timer value. 2016-05-11 22:36:26 +00:00
d1_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
d1_pkt.c Tidy up shutdown state. 2016-05-17 21:27:12 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
d1_srvr.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
dtls_record.c Move aead_{read,write}_ctx and next_proto_negotiated into ssl->s3. 2016-01-15 21:40:25 +00:00
internal.h Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
s3_both.c Simplify handshake message size limits. 2016-05-13 20:06:24 +00:00
s3_clnt.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
s3_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_lib.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
s3_pkt.c Forbid calling SSL_read, SSL_peek, and SSL_do_handshake post-shutdown. 2016-05-17 21:28:40 +00:00
s3_srvr.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
ssl_aead_ctx.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00
ssl_asn1.c Check for overflow when parsing a CBS with d2i_*. 2015-11-16 23:17:42 +00:00
ssl_buffer.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
ssl_cert.c Ensure we check i2d_X509 return val 2016-04-26 17:12:01 +00:00
ssl_cipher.c Client auth is only legal in certificate-based ciphers. 2016-05-13 20:07:16 +00:00
ssl_ecdh.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Forbid calling SSL_read, SSL_peek, and SSL_do_handshake post-shutdown. 2016-05-17 21:28:40 +00:00
ssl_rsa.c Add |SSL_CTX_set_private_key_method| to parallel |SSL_set_private_key_method| 2016-03-07 18:16:58 +00:00
ssl_session.c Tidy up shutdown state. 2016-05-17 21:27:12 +00:00
ssl_stat.c Document alert handling. 2015-10-20 19:03:24 +00:00
ssl_test.cc BIO_new_mem_buf should take const void * 2016-02-24 19:14:19 +00:00
t1_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
t1_lib.c Simplify server_name extension parsing. 2016-04-18 20:33:35 +00:00
tls_record.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00