Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/tls13_internal.h3
-rw-r--r--lib/libssl/tls13_legacy.c6
-rw-r--r--lib/libssl/tls13_lib.c24
-rw-r--r--lib/libssl/tls13_record_layer.c4
4 files changed, 29 insertions, 8 deletions
diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h
index 764b58b00b6..d597ef5a960 100644
--- a/lib/libssl/tls13_internal.h
+++ b/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.76 2020/05/11 17:28:33 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.77 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -178,6 +178,7 @@ struct tls13_record_layer_callbacks {
tls13_read_cb wire_read;
tls13_write_cb wire_write;
tls13_alert_cb alert_recv;
+ tls13_alert_cb alert_sent;
tls13_phh_recv_cb phh_recv;
tls13_phh_sent_cb phh_sent;
};
diff --git a/lib/libssl/tls13_legacy.c b/lib/libssl/tls13_legacy.c
index 8f8259344f4..af1ad2169df 100644
--- a/lib/libssl/tls13_legacy.c
+++ b/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_legacy.c,v 1.5 2020/05/10 16:59:51 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.6 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -487,8 +487,8 @@ tls13_legacy_shutdown(SSL *ssl)
}
/* Send close notify. */
- if (!ctx->close_notify_sent) {
- ctx->close_notify_sent = 1;
+ if (!(ssl->internal->shutdown & SSL_SENT_SHUTDOWN)) {
+ ssl->internal->shutdown |= SSL_SENT_SHUTDOWN;
if ((ret = tls13_send_alert(ctx->rl, TLS13_ALERT_CLOSE_NOTIFY)) < 0)
return tls13_legacy_return_code(ssl, ret);
}
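Review bot: `SSL_SENT_SHUTDOWN` is set before `tls13_send_alert()` has been attempted, so on the `ret < 0` return path the flag already reports a close notify that may not have reached the wire. Since `ctx->close_notify_sent` is now set only from the alert-sent callback, the two indicators can disagree, and the hunk carries no comment saying which one callers should trust. If setting the flag early is deliberate (presumably to mirror the legacy shutdown behaviour), I would say so above the `if`, e.g. `/* SSL_SENT_SHUTDOWN records that shutdown was initiated; close_notify_sent records actual transmission. */`. The rest of tls13_legacy_shutdown, including how a retried call flushes a pending alert, lies outside this hunk.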
diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c
index f096fe633ec..e86c4fd07f6 100644
--- a/lib/libssl/tls13_lib.c
+++ b/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_lib.c,v 1.42 2020/05/11 17:28:33 jsing Exp $ */
+/* $OpenBSD: tls13_lib.c,v 1.43 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -106,7 +106,6 @@ static void
tls13_alert_received_cb(uint8_t alert_desc, void *arg)
{
struct tls13_ctx *ctx = arg;
- SSL *s = ctx->ssl;
if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
ctx->close_notify_recv = 1;
@@ -129,7 +128,25 @@ tls13_alert_received_cb(uint8_t alert_desc, void *arg)
SSLerror(ctx->ssl, SSL_AD_REASON_OFFSET + alert_desc);
ERR_asprintf_error_data("SSL alert number %d", alert_desc);
- SSL_CTX_remove_session(s->ctx, s->session);
+ SSL_CTX_remove_session(ctx->ssl->ctx, ctx->ssl->session);
+}
+
+static void
+tls13_alert_sent_cb(uint8_t alert_desc, void *arg)
+{
+ struct tls13_ctx *ctx = arg;
+
+ if (alert_desc == SSL_AD_CLOSE_NOTIFY) {
+ ctx->close_notify_sent = 1;
+ return;
+ }
+
+ if (alert_desc == SSL_AD_USER_CANCELLED) {
+ return;
+ }
+
+ /* All other alerts are treated as fatal in TLSv1.3. */
+ SSLerror(ctx->ssl, SSL_AD_REASON_OFFSET + alert_desc);
}
static void
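Review bot: The fatal path of `tls13_alert_sent_cb` only calls `SSLerror()`, whereas `tls13_alert_received_cb` just above it also calls `SSL_CTX_remove_session()`. A session belonging to a connection we aborted ourselves may therefore remain in the cache and be offered for resumption, unless another path not visible here removes it. RFC 8446 section 6.2 expects both sides to forget the secrets of a failed connection, so I would add `SSL_CTX_remove_session(ctx->ssl->ctx, ctx->ssl->session);` after the `SSLerror()` call. Separately, the new callback compares against `SSL_AD_CLOSE_NOTIFY` and `SSL_AD_USER_CANCELLED` while the receive callback uses `TLS13_ALERT_CLOSE_NOTIFY`; using one constant family in both keeps the two handlers easy to compare.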
@@ -336,6 +353,7 @@ static const struct tls13_record_layer_callbacks rl_callbacks = {
.wire_read = tls13_legacy_wire_read_cb,
.wire_write = tls13_legacy_wire_write_cb,
.alert_recv = tls13_alert_received_cb,
+ .alert_sent = tls13_alert_sent_cb,
.phh_recv = tls13_phh_received_cb,
.phh_sent = tls13_phh_done_cb,
};
diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c
index 62b32e4631e..e7650b1ecc5 100644
--- a/lib/libssl/tls13_record_layer.c
+++ b/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.38 2020/05/11 17:28:33 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.39 2020/05/11 17:46:46 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -321,6 +321,8 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl)
ret = TLS13_IO_ALERT;
}
+ rl->cb.alert_sent(rl->alert_desc, rl->cb_arg);
+
return ret;
}
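Review bot: `rl->cb.alert_sent` is invoked without a NULL check, and the callbacks struct is filled with designated initializers, so any member a caller omits is a NULL function pointer. This commit visibly updates only `rl_callbacks` in tls13_lib.c; any other user of the record layer that has not been given an `alert_sent` handler would crash the first time it sends an alert. Either guard the call, `if (rl->cb.alert_sent != NULL) rl->cb.alert_sent(rl->alert_desc, rl->cb_arg);`, or reject an incomplete callbacks struct when the record layer is created. The start of tls13_record_layer_send_alert is outside this hunk, so I cannot confirm from here that the call is reached only after the alert has been written successfully.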