Make low-level record errors idempotent.
Enough were to make record processing idempotent (we either consume a
record or we don't), but some errors would cause us to keep processing
records when we should get stuck.
This leaves errors in the layer between the record bits and the
handshake. I'm hoping that will be easier to resolve once they do not
depend on BIO, at which point the checks added in this CL may move
around.
Bug: 206
Change-Id: I6b177079388820335e25947c5bd736451780ab8f
Reviewed-on: https://boringssl-review.googlesource.com/21366
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
diff --git a/ssl/internal.h b/ssl/internal.h
index edbf4eb..b034b66 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -2130,7 +2130,7 @@
enum ssl_shutdown_t {
ssl_shutdown_none = 0,
ssl_shutdown_close_notify = 1,
- ssl_shutdown_fatal_alert = 2,
+ ssl_shutdown_error = 2,
};
struct SSL3_STATE {
@@ -2160,6 +2160,10 @@
// write_shutdown is the shutdown state for the write half of the connection.
enum ssl_shutdown_t write_shutdown;
+ // read_error, if |read_shutdown| is |ssl_shutdown_error|, is the error for
+ // the receive half of the connection.
+ ERR_SAVE_STATE *read_error;
+
int alert_dispatch;
int total_renegotiations;
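Review bot: `read_error` is added as a raw `ERR_SAVE_STATE *`, and its comment does not say who owns the saved state or what the field holds while |read_shutdown| is not |ssl_shutdown_error|. If the intended invariant is that the struct owns it and it is otherwise null, I would spell that out: `// read_error, if |read_shutdown| is |ssl_shutdown_error|, is the saved error for the receive half of the connection. It is owned by this struct and is NULL otherwise.` The code that initializes and releases the pointer is not in this hunk, so it is worth confirming that it starts out NULL and that the SSL3_STATE teardown path calls `ERR_SAVE_STATE_free` on it. The definition of SSL3_STATE starts and ends outside the hunk.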
@@ -2858,6 +2862,10 @@
// ssl_reset_error_state resets state for |SSL_get_error|.
void ssl_reset_error_state(SSL *ssl);
+// ssl_set_read_error sets |ssl|'s read half into an error state, saving the
+// current state of the error queue.
+void ssl_set_read_error(SSL* ssl);
+
} // namespace bssl
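Review bot: The comment on `ssl_set_read_error` does not say what the call does when the read half is already shut down, either by close_notify or by an earlier error. Since the saved error queue is presumably what later reads report, the contract should state whether a second call keeps the first saved error or replaces and frees it, for example `// It must not be called if the read half is already in an error state.` or the equivalent for the actual behaviour. As a minor style point, the neighbouring declaration writes `SSL *ssl`, so `void ssl_set_read_error(SSL *ssl);` would match. The definition is not part of this hunk.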