Provide a clean interface for sending TLSv1.3 alerts.

ok beck@
author: jsing <> 2019-11-18 02:44:20 +0000
committer: jsing <> 2019-11-18 02:44:20 +0000
commit: d29c2aa42ff08eae9d602f68ded7137c5fc198b7 (patch)
tree: dcc8866cbf81ac5c1b835c9fd0bdc702dc8029ed
parent: 34c3a0b06b3b47e9a51dc4ba51a5aef8bb2e5004 (diff)
download: openbsd-d29c2aa42ff08eae9d602f68ded7137c5fc198b7.tar.gz
openbsd-d29c2aa42ff08eae9d602f68ded7137c5fc198b7.tar.bz2
openbsd-d29c2aa42ff08eae9d602f68ded7137c5fc198b7.zip
2 files changed, 17 insertions, 5 deletions
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index df5f13eb66..5fd1956cfd 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.32 2019/11/17 21:47:01 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.33 2019/11/18 02:44:20 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -120,8 +120,6 @@ int tls13_record_layer_set_read_traffic_key(struct tls13_record_layer *rl,
    struct tls13_secret *read_key);
 int tls13_record_layer_set_write_traffic_key(struct tls13_record_layer *rl,
    struct tls13_secret *write_key);
-ssize_t tls13_record_layer_alert(struct tls13_record_layer *rl,
-    uint8_t alert_level, uint8_t alert_desc);
 ssize_t tls13_record_layer_phh(struct tls13_record_layer *rl, CBS *cbs);
 ssize_t tls13_read_handshake_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n);
@@ -131,6 +129,8 @@ ssize_t tls13_read_application_data(struct tls13_record_layer *rl, uint8_t *buf,
 ssize_t tls13_write_application_data(struct tls13_record_layer *rl, const uint8_t *buf,
    size_t n);
+ssize_t tls13_send_alert(struct tls13_record_layer *rl, uint8_t alert_desc);
 /*
 * Handshake Messages.
 */
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index ebefac0a25..188f56e0b4 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.14 2019/11/17 21:47:01 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.15 2019/11/18 02:44:20 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -328,7 +328,7 @@ tls13_record_layer_send_pending(struct tls13_record_layer *rl)
        return TLS13_IO_SUCCESS;
 }
-ssize_t
+static ssize_t
 tls13_record_layer_alert(struct tls13_record_layer *rl,
    uint8_t alert_level, uint8_t alert_desc)
 {
@@ -967,3 +967,15 @@ tls13_write_application_data(struct tls13_record_layer *rl, const uint8_t *buf,
        return tls13_record_layer_write(rl, SSL3_RT_APPLICATION_DATA, buf, n);
 }
+ssize_t
+tls13_send_alert(struct tls13_record_layer *rl, uint8_t alert_desc)
+{
+        uint8_t alert_level = SSL3_AL_FATAL;
+        if (alert_desc == SSL_AD_CLOSE_NOTIFY ||
+            alert_desc == SSL_AD_USER_CANCELLED)
+                alert_level = SSL3_AL_WARNING;
+        return tls13_record_layer_alert(rl, alert_level, alert_desc);
+}
author	jsing <>	2019-11-18 02:44:20 +0000
committer	jsing <>	2019-11-18 02:44:20 +0000
commit	d29c2aa42ff08eae9d602f68ded7137c5fc198b7 (patch)
tree	dcc8866cbf81ac5c1b835c9fd0bdc702dc8029ed
parent	34c3a0b06b3b47e9a51dc4ba51a5aef8bb2e5004 (diff)
download	openbsd-d29c2aa42ff08eae9d602f68ded7137c5fc198b7.tar.gz openbsd-d29c2aa42ff08eae9d602f68ded7137c5fc198b7.tar.bz2 openbsd-d29c2aa42ff08eae9d602f68ded7137c5fc198b7.zip