Google Git
Sign in
boringssl/boringssl.git/a14934ff2de02c6a12cc34272a26816940e93a60^!/./ssl/ssl_lib.c
commit
a14934ff2de02c6a12cc34272a26816940e93a60
[log]
author
Steven Valdez <svaldez@google.com>
Mon Feb 29 10:05:08 2016 -0500
committer
David Benjamin <davidben@google.com>
Mon Feb 29 20:33:51 2016 +0000
tree
dbb09d1cf7bcbc9df1bcc367266807952300ccfa
parent
c4eec0c16b02c97a62a95b6a08656c3a9ddb6baa [diff] [blame]
Handle shutdown during init/handshake earlier

Sending close_notify during init causes some problems for some
applications so we instead revert to the previous behavior returning an
error instead of silently passing.

(Imported from upstream's 64193c8218540499984cd63cda41f3cd491f3f59)

Change-Id: I5efed1ce152197d291e6c7ece6e5dbb8f3ad867d
Reviewed-on: https://boringssl-review.googlesource.com/7232
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3ccfa8e..20a61ef 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c

@@ -646,6 +646,12 @@
     return -1;
   }
 
+  /* We can't shutdown properly if we are in the middle of a handshake. */
+  if (SSL_in_init(ssl)) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
+    return -1;
+  }
+
   /* Do nothing if configured not to send a close_notify. */
   if (ssl->quiet_shutdown) {
     ssl->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN;
@@ -671,11 +677,6 @@
       return ret;
     }
   } else if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {
-    if (SSL_in_init(ssl)) {
-      /* We can't shutdown properly if we are in the middle of a handshake. */
-      OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
-      return -1;
-    }
     /* If we are waiting for a close from our peer, we are closed */
     ssl->method->ssl_read_close_notify(ssl);
     if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {