summaryrefslogtreecommitdiff
path: root/src/lib/libssl/tls13_record_layer.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/tls13_record_layer.c')
-rw-r--r--src/lib/libssl/tls13_record_layer.c26
1 files changed, 19 insertions, 7 deletions
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index a6b00a83b3..dff5cd2bbe 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_record_layer.c,v 1.18 2020/01/21 12:08:04 jsing Exp $ */ 1/* $OpenBSD: tls13_record_layer.c,v 1.19 2020/01/22 01:02:28 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -51,6 +51,8 @@ struct tls13_record_layer {
51 /* Pending alert messages. */ 51 /* Pending alert messages. */
52 uint8_t *alert_data; 52 uint8_t *alert_data;
53 size_t alert_len; 53 size_t alert_len;
54 uint8_t alert_level;
55 uint8_t alert_desc;
54 56
55 /* Pending post-handshake handshake messages (RFC 8446, section 4.6). */ 57 /* Pending post-handshake handshake messages (RFC 8446, section 4.6). */
56 CBS phh_cbs; 58 CBS phh_cbs;
@@ -281,12 +283,19 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl)
281 rl->alert_data = NULL; 283 rl->alert_data = NULL;
282 rl->alert_len = 0; 284 rl->alert_len = 0;
283 285
284 /* XXX - only close write channel when sending close notify. */ 286 if (rl->alert_desc == SSL_AD_CLOSE_NOTIFY) {
285 rl->read_closed = 1; 287 rl->write_closed = 1;
286 rl->write_closed = 1; 288 ret = TLS13_IO_SUCCESS;
289 } else if (rl->alert_desc == SSL_AD_USER_CANCELLED) {
290 /* Ignored at the record layer. */
291 ret = TLS13_IO_SUCCESS;
292 } else {
293 rl->read_closed = 1;
294 rl->write_closed = 1;
295 ret = TLS13_IO_SUCCESS; /* XXX - ALERT? */
296 }
287 297
288 /* XXX - we may want a TLS13_IO_ALERT (or handle as errors). */ 298 return ret;
289 return TLS13_IO_FAILURE;
290} 299}
291 300
292static ssize_t 301static ssize_t
@@ -314,7 +323,7 @@ tls13_record_layer_send_phh(struct tls13_record_layer *rl)
314 return TLS13_IO_SUCCESS; 323 return TLS13_IO_SUCCESS;
315} 324}
316 325
317static ssize_t 326ssize_t
318tls13_record_layer_send_pending(struct tls13_record_layer *rl) 327tls13_record_layer_send_pending(struct tls13_record_layer *rl)
319{ 328{
320 /* 329 /*
@@ -354,6 +363,9 @@ tls13_record_layer_alert(struct tls13_record_layer *rl,
354 if (!CBB_finish(&cbb, &rl->alert_data, &rl->alert_len)) 363 if (!CBB_finish(&cbb, &rl->alert_data, &rl->alert_len))
355 goto err; 364 goto err;
356 365
366 rl->alert_level = alert_level;
367 rl->alert_desc = alert_desc;
368
357 return tls13_record_layer_send_pending(rl); 369 return tls13_record_layer_send_pending(rl);
358 370
359 err: 371 err: