authorJoel Sing <jsing@cvs.openbsd.org>2020-05-11 17:46:47 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2020-05-11 17:46:47 +0000
commit24c83794ad3e0ee1c95285adcf820dc81db5b1fc (patch)
treed93fb0fee68dd77e3e27cff455b7531d8d8e36a3
parent921ca3c138f28f7cb71e7bb8b00dee374bd7f761 (diff)
Provide an alert sent record layer callback.
Use this to push an error onto the SSL error stack so that we report the details of the alert that we sent, rather than failing with an unknown error. ok tb@
-rw-r--r--lib/libssl/tls13_internal.h3
-rw-r--r--lib/libssl/tls13_legacy.c6
-rw-r--r--lib/libssl/tls13_lib.c24
-rw-r--r--lib/libssl/tls13_record_layer.c4
4 files changed, 29 insertions, 8 deletions
diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h
index 764b58b00b6..d597ef5a960 100644
--- a/lib/libssl/tls13_internal.h
+++ b/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.76 2020/05/11 17:28:33 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.77 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -178,6 +178,7 @@ struct tls13_record_layer_callbacks {
tls13_read_cb wire_read;
tls13_write_cb wire_write;
tls13_alert_cb alert_recv;
+ tls13_alert_cb alert_sent;
tls13_phh_recv_cb phh_recv;
tls13_phh_sent_cb phh_sent;
};
diff --git a/lib/libssl/tls13_legacy.c b/lib/libssl/tls13_legacy.c
index 8f8259344f4..af1ad2169df 100644
--- a/lib/libssl/tls13_legacy.c
+++ b/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_legacy.c,v 1.5 2020/05/10 16:59:51 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.6 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -487,8 +487,8 @@ tls13_legacy_shutdown(SSL *ssl)
}
/* Send close notify. */
- if (!ctx->close_notify_sent) {
- ctx->close_notify_sent = 1;
+ if (!(ssl->internal->shutdown & SSL_SENT_SHUTDOWN)) {
+ ssl->internal->shutdown |= SSL_SENT_SHUTDOWN;
if ((ret = tls13_send_alert(ctx->rl, TLS13_ALERT_CLOSE_NOTIFY)) < 0)
return tls13_legacy_return_code(ssl, ret);
}
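Review bot: After this change there are two different "close_notify sent" records and the hunk does not say how they relate: `ssl->internal->shutdown |= SSL_SENT_SHUTDOWN` is set here before `tls13_send_alert()` is even called, while `ctx->close_notify_sent` is now set by the new alert_sent callback in tls13_lib.c only once the record layer reports the alert as written. The two can therefore disagree whenever the send does not complete on this call (a WANT_POLLOUT-style return, or an application calling SSL_set_shutdown() itself), and whichever code still reads ctx->close_notify_sent — not visible here — will see a different answer than SSL_get_shutdown(). If that is intended, say so at the assignment, e.g. `/* SSL_SENT_SHUTDOWN records that shutdown was requested; the record layer sets ctx->close_notify_sent once the alert has actually been written. */`; if not, the flag should be set only after tls13_send_alert() succeeds, provided tls13_send_alert() retransmits a pending alert on later I/O (outside this hunk). tls13_legacy_shutdown() begins before this hunk.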
diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c
index f096fe633ec..e86c4fd07f6 100644
--- a/lib/libssl/tls13_lib.c
+++ b/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_lib.c,v 1.42 2020/05/11 17:28:33 jsing Exp $ */
+/* $OpenBSD: tls13_lib.c,v 1.43 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -106,7 +106,6 @@ static void
tls13_alert_received_cb(uint8_t alert_desc, void *arg)
{
struct tls13_ctx *ctx = arg;
- SSL *s = ctx->ssl;
if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
ctx->close_notify_recv = 1;
@@ -129,7 +128,25 @@ tls13_alert_received_cb(uint8_t alert_desc, void *arg)
SSLerror(ctx->ssl, SSL_AD_REASON_OFFSET + alert_desc);
ERR_asprintf_error_data("SSL alert number %d", alert_desc);
- SSL_CTX_remove_session(s->ctx, s->session);
+ SSL_CTX_remove_session(ctx->ssl->ctx, ctx->ssl->session);
+}
+
+static void
+tls13_alert_sent_cb(uint8_t alert_desc, void *arg)
+{
+ struct tls13_ctx *ctx = arg;
+
+ if (alert_desc == SSL_AD_CLOSE_NOTIFY) {
+ ctx->close_notify_sent = 1;
+ return;
+ }
+
+ if (alert_desc == SSL_AD_USER_CANCELLED) {
+ return;
+ }
+
+ /* All other alerts are treated as fatal in TLSv1.3. */
+ SSLerror(ctx->ssl, SSL_AD_REASON_OFFSET + alert_desc);
}
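Review bot: The new tls13_alert_sent_cb() compares alert_desc against `SSL_AD_CLOSE_NOTIFY` and `SSL_AD_USER_CANCELLED`, while the sibling tls13_alert_received_cb() directly above it (and tls13_legacy.c in this same commit) uses the TLS 1.3 namespace, `TLS13_ALERT_CLOSE_NOTIFY`; the two constant families presumably share values, but mixing them in adjacent functions invites a mismatch the next time one is touched, so use `TLS13_ALERT_CLOSE_NOTIFY` and the corresponding TLS13_ALERT_ user-cancelled constant here. The received path also records the numeric alert via `ERR_asprintf_error_data("SSL alert number %d", alert_desc);` after SSLerror(), which the sent path omits, so an error pushed for an alert we sent carries the same reason string as one the peer sent and no indication of direction; adding the same error-data line (and, ideally, noting that it was sent) keeps the two diagnostics symmetric. The `if (alert_desc == SSL_AD_USER_CANCELLED) { return; }` braces around a single statement are also inconsistent with the surrounding style.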
static void
@@ -336,6 +353,7 @@ static const struct tls13_record_layer_callbacks rl_callbacks = {
.wire_read = tls13_legacy_wire_read_cb,
.wire_write = tls13_legacy_wire_write_cb,
.alert_recv = tls13_alert_received_cb,
+ .alert_sent = tls13_alert_sent_cb,
.phh_recv = tls13_phh_received_cb,
.phh_sent = tls13_phh_done_cb,
};
diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c
index 62b32e4631e..e7650b1ecc5 100644
--- a/lib/libssl/tls13_record_layer.c
+++ b/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.38 2020/05/11 17:28:33 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.39 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -321,6 +321,8 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl)
ret = TLS13_IO_ALERT;
}
+ rl->cb.alert_sent(rl->alert_desc, rl->cb_arg);
+
return ret;
}
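Review bot: `rl->cb.alert_sent(rl->alert_desc, rl->cb_arg);` is called unconditionally with no NULL check, so every tls13_record_layer_callbacks instance must now populate the new field or sending any alert becomes a NULL function-pointer call; the header hunk adds the field without a comment saying it is mandatory, and the only initialiser in this commit is the legacy rl_callbacks table. Either guard it, `if (rl->cb.alert_sent != NULL) rl->cb.alert_sent(rl->alert_desc, rl->cb_arg);`, or document the contract at the field, `/* Required: invoked by the record layer once an alert record has been written. */`, whichever matches how alert_recv is treated (not visible here). Whether this line is reached only after the alert record was fully written, or also on the partial-write path, is decided earlier in tls13_record_layer_send_alert(), which begins before this hunk; if it can fire before the write completes, the callback's ctx->close_notify_sent would be set prematurely.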