From: Matt Caswell Date: Mon, 7 Dec 2015 16:50:38 +0000 (+0000) Subject: Handle SSL_shutdown while in init more appropriately X-Git-Tag: OpenSSL_1_1_0-pre3~483 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7bb196a71;p=oweals%2Fopenssl.git Handle SSL_shutdown while in init more appropriately Calling SSL_shutdown while in init previously gave a "1" response, meaning everything was successfully closed down (even though it wasn't). Better is to send our close_notify, but fail when trying to receive one. The problem with doing a shutdown while in the middle of a handshake is that once our close_notify is sent we shouldn't really do anything else (including process handshake/CCS messages) until we've received a close_notify back from the peer. However the peer might send a CCS before acting on our close_notify - so we won't be able to read it because we're not acting on CCS messages! Reviewed-by: Viktor Dukhovni --- diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 3152348dcd..d26b4af1a7 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1992,6 +1992,7 @@ void ERR_load_SSL_strings(void); # define SSL_F_SSL3_SETUP_KEY_BLOCK 157 # define SSL_F_SSL3_SETUP_READ_BUFFER 156 # define SSL_F_SSL3_SETUP_WRITE_BUFFER 291 +# define SSL_F_SSL3_SHUTDOWN 396 # define SSL_F_SSL3_WRITE_BYTES 158 # define SSL_F_SSL3_WRITE_PENDING 159 # define SSL_F_SSL_ACCEPT 390 @@ -2344,6 +2345,7 @@ void ERR_load_SSL_strings(void); # define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345 # define SSL_R_SERVERHELLO_TLSEXT 275 # define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 +# define SSL_R_SHUTDOWN_WHILE_IN_INIT 407 # define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360 # define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 # define SSL_R_SRP_A_CALC 361 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 4b2f196782..28204bc7b1 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4328,6 +4328,21 @@ int ssl3_shutdown(SSL *s) return (ret); } } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { + if (SSL_in_init(s)) { + /* + * We can't shutdown properly if we are in the middle of a + * handshake. Doing so is problematic because the peer may send a + * CCS before it acts on our close_notify. However we should not + * continue to process received handshake messages or CCS once our + * close_notify has been sent. Therefore any close_notify from + * the peer will be unreadable because we have not moved to the next + * cipher state. Its best just to avoid this can-of-worms. Return + * an error if we are wanting to wait for a close_notify from the + * peer and we are in init. + */ + SSLerr(SSL_F_SSL3_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT); + return -1; + } /* * If we are waiting for a close from our peer, we are closed */ diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 2abd0155e6..a112ad41e8 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -128,6 +128,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"}, {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "ssl3_setup_read_buffer"}, {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"}, + {ERR_FUNC(SSL_F_SSL3_SHUTDOWN), "ssl3_shutdown"}, {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"}, {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"}, {ERR_FUNC(SSL_F_SSL_ACCEPT), "SSL_accept"}, @@ -577,6 +578,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"}, {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"}, + {ERR_REASON(SSL_R_SHUTDOWN_WHILE_IN_INIT), "shutdown while in init"}, {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"}, {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e922e3f07c..fe9749ec83 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1564,10 +1564,7 @@ int SSL_shutdown(SSL *s) return -1; } - if (!SSL_in_init(s)) - return (s->method->ssl_shutdown(s)); - else - return (1); + return s->method->ssl_shutdown(s); } int SSL_renegotiate(SSL *s)