Condition the read_close_notify check on type, not shutdown state. The logic to drop records really should be in the caller. Unless ssl3_read_bytes is broken apart, condition on the type field which is more robust. If we manage to call, say, SSL_read after SSL_shutdown completes at 0 (instead of 1), this logic can incorrectly cause unknown record types to be dropped. Change-Id: Iab90e5d9190fcccbf6ff55e17079a2704ed99901 Reviewed-on: https://boringssl-review.googlesource.com/7953 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>

commit: ea65e100c7b5dc5cb44bd68fae64e67d19bde8f2 [log] [tgz]
author: David Benjamin <davidben@google.com> Tue May 10 17:57:32 2016 -0400
committer: David Benjamin <davidben@google.com> Tue May 17 21:27:43 2016 +0000
tree: 7de374ed19b44ec3c6937d1c0266876a23bd31d4
parent: fa214e4a18785a4281375b56c00732b470e9cd5b [diff]
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index bacbfe6..96d81d2 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c

@@ -577,7 +577,9 @@
     goto start;
   }
 
-  if (ssl->s3->send_shutdown == ssl_shutdown_close_notify) {
+  if (type == 0) {
+    /* This may only occur from read_close_notify. */
+    assert(ssl->s3->send_shutdown == ssl_shutdown_close_notify);
     /* close_notify has been sent, so discard all records other than alerts. */
     rr->length = 0;
     goto start;
commit	ea65e100c7b5dc5cb44bd68fae64e67d19bde8f2	[log] [tgz]
author	David Benjamin <davidben@google.com>	Tue May 10 17:57:32 2016 -0400
committer	David Benjamin <davidben@google.com>	Tue May 17 21:27:43 2016 +0000
tree	7de374ed19b44ec3c6937d1c0266876a23bd31d4
parent	fa214e4a18785a4281375b56c00732b470e9cd5b [diff]