Handle shutdown during init/handshake earlier
Sending close_notify during init causes problems for some
applications, so we revert to the previous behavior of returning an
error instead of silently passing.
(Imported from upstream's 64193c8218540499984cd63cda41f3cd491f3f59)
Change-Id: I5efed1ce152197d291e6c7ece6e5dbb8f3ad867d
Reviewed-on: https://boringssl-review.googlesource.com/7232
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3ccfa8e..20a61ef 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -646,6 +646,12 @@
return -1;
}
+ /* We can't shutdown properly if we are in the middle of a handshake. */
+ if (SSL_in_init(ssl)) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
+ return -1;
+ }
+
/* Do nothing if configured not to send a close_notify. */
if (ssl->quiet_shutdown) {
ssl->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN;
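Review bot: The new `SSL_in_init(ssl)` check sits above the `quiet_shutdown` branch, so a connection configured for quiet shutdown now gets -1 and `SSL_R_SHUTDOWN_WHILE_IN_INIT` when shut down mid-handshake, where it previously reached the branch that sets both shutdown flags. If that ordering is intended, the comment should say so, for example `/* We can't shutdown properly if we are in the middle of a handshake; this is reported even when quiet_shutdown is set. */`. Callers that abandon a stalled handshake will presumably hit this path during ordinary teardown, so the header documentation for SSL_shutdown should state that -1 here means no close_notify was sent and the connection should simply be freed. The enclosing function starts and ends outside the hunk.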
@@ -671,11 +677,6 @@
return ret;
}
} else if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {
- if (SSL_in_init(ssl)) {
- /* We can't shutdown properly if we are in the middle of a handshake. */
- OPENSSL_PUT_ERROR(SSL, SSL_R_SHUTDOWN_WHILE_IN_INIT);
- return -1;
- }
/* If we are waiting for a close from our peer, we are closed */
ssl->method->ssl_read_close_notify(ssl);
if (!(ssl->shutdown & SSL_RECEIVED_SHUTDOWN)) {