Use a flag to track when we need to call SSL_shutdown(). This avoids an

issue where by calling tls_close() on a TLS context that has not attempted
a handshake, results in an unexpected failure.

Reported by Vinay Sajip.

ok beck@

4 files changed, 11 insertions, 5 deletions

diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c
index c028d19539..9b03c2b6f0 100644
--- a/src/lib/libtls/tls.c
+++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.58 2017/01/22 08:27:50 claudio Exp $ */
+/* $OpenBSD: tls.c,v 1.59 2017/01/26 12:56:37 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -649,7 +649,7 @@ tls_close(struct tls *ctx)
                 goto out;
         }
 
-        if (ctx->ssl_conn != NULL) {
+        if (ctx->state & TLS_SSL_NEEDS_SHUTDOWN) {
                 ERR_clear_error();
                 ssl_ret = SSL_shutdown(ctx->ssl_conn);
                 if (ssl_ret < 0) {
@@ -658,6 +658,7 @@ tls_close(struct tls *ctx)
                         if (rv == TLS_WANT_POLLIN || rv == TLS_WANT_POLLOUT)
                                 goto out;
                 }
+                ctx->state &= ~TLS_SSL_NEEDS_SHUTDOWN;
         }
 
         if (ctx->socket != -1) {
diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c
index d22a8a95ce..a1e2caa717 100644
--- a/src/lib/libtls/tls_client.c
+++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_client.c,v 1.39 2017/01/12 16:15:58 jsing Exp $ */
+/* $OpenBSD: tls_client.c,v 1.40 2017/01/26 12:56:37 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -297,6 +297,8 @@ tls_handshake_client(struct tls *ctx)
                 goto err;
         }
 
+        ctx->state |= TLS_SSL_NEEDS_SHUTDOWN;
+
         ERR_clear_error();
         if ((ssl_ret = SSL_connect(ctx->ssl_conn)) != 1) {
                 rv = tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "handshake");
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index 3650ca9462..37737c3499 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.51 2017/01/24 01:48:05 claudio Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.52 2017/01/26 12:56:37 jsing Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -118,6 +118,7 @@ struct tls_conninfo {
 
 #define TLS_EOF_NO_CLOSE_NOTIFY (1 << 0)
 #define TLS_HANDSHAKE_COMPLETE  (1 << 1)
+#define TLS_SSL_NEEDS_SHUTDOWN  (1 << 2)
 
 struct tls_ocsp_result {
         const char *result_msg;
diff --git a/src/lib/libtls/tls_server.c b/src/lib/libtls/tls_server.c
index 5bf87552cb..1a1a48a169 100644
--- a/src/lib/libtls/tls_server.c
+++ b/src/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.33 2017/01/24 01:48:05 claudio Exp $ */
+/* $OpenBSD: tls_server.c,v 1.34 2017/01/26 12:56:37 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -457,6 +457,8 @@ tls_handshake_server(struct tls *ctx)
                 goto err;
         }
 
+        ctx->state |= TLS_SSL_NEEDS_SHUTDOWN;
+
         ERR_clear_error();
         if ((ssl_ret = SSL_accept(ctx->ssl_conn)) != 1) {
                 rv = tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "handshake");