Google Git
Sign in
boringssl/boringssl.git/ea65e100c7b5dc5cb44bd68fae64e67d19bde8f2^!/.
commit
ea65e100c7b5dc5cb44bd68fae64e67d19bde8f2
[log]
author
David Benjamin <davidben@google.com>
Tue May 10 17:57:32 2016 -0400
committer
David Benjamin <davidben@google.com>
Tue May 17 21:27:43 2016 +0000
tree
7de374ed19b44ec3c6937d1c0266876a23bd31d4
parent
fa214e4a18785a4281375b56c00732b470e9cd5b [diff]
Condition the read_close_notify check on type, not shutdown state.

The logic to drop records really should be in the caller. Unless
ssl3_read_bytes is broken apart, condition on the type field which is more
robust.

If we manage to call, say, SSL_read after SSL_shutdown completes at 0 (instead
of 1), this logic can incorrectly cause unknown record types to be dropped.

Change-Id: Iab90e5d9190fcccbf6ff55e17079a2704ed99901
Reviewed-on: https://boringssl-review.googlesource.com/7953
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index bacbfe6..96d81d2 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c

@@ -577,7 +577,9 @@
     goto start;
   }
 
-  if (ssl->s3->send_shutdown == ssl_shutdown_close_notify) {
+  if (type == 0) {
+    /* This may only occur from read_close_notify. */
+    assert(ssl->s3->send_shutdown == ssl_shutdown_close_notify);
     /* close_notify has been sent, so discard all records other than alerts. */
     rr->length = 0;
     goto start;