From 46c0c6a7b768b3aa9319915bd3af13633e7745e2 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Tue, 21 Jan 2020 03:40:05 +0000
Subject: Add alert processing in tls client code, by adding alert to the tls13 context, and emiting the alert at the upper layers when the lower level code fails ok jsing@, tb@
---
 src/lib/libssl/tls13_handshake.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
(limited to 'src/lib/libssl/tls13_handshake.c')
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index c86187caec..48a01d3ca4 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.37 2020/01/20 22:04:17 beck Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.38 2020/01/21 03:40:05 beck Exp $ */
 /*
 * Copyright (c) 2018-2019 Theo Buehler
 * Copyright (c) 2019 Joel Sing
@@ -291,7 +291,8 @@ tls13_handshake_perform(struct tls13_ctx *ctx)
 ctx->handshake_completed = 1;
 tls13_record_layer_handshake_completed(ctx->rl);
 return TLS13_IO_SUCCESS;
- }
+ } else if (ctx->alert)
+ return tls13_send_alert(ctx->rl, ctx->alert);

 if (action->sender == ctx->mode) {
 if ((ret = tls13_handshake_send_action(ctx, action)) <= 0)
@@ -329,6 +330,8 @@ tls13_handshake_send_action(struct tls13_ctx *ctx,
 /* XXX - provide CBB. */
 if (!action->send(ctx))
 return TLS13_IO_FAILURE;
+ else if (ctx->alert)
+ return tls13_send_alert(ctx->rl, ctx->alert);
 }

 if ((ret = tls13_handshake_msg_send(ctx->hs_msg, ctx->rl)) <= 0)
@@ -389,6 +392,8 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx,
 ret = TLS13_IO_FAILURE;
 if (action->recv(ctx))
 ret = TLS13_IO_SUCCESS;
+ else if (ctx->alert)
+ ret = tls13_send_alert(ctx->rl, ctx->alert);

 tls13_handshake_msg_free(ctx->hs_msg);
 ctx->hs_msg = NULL;
--
cgit v1.2.3-55-g6feb
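Review bot: In tls13_handshake_perform the new `else if (ctx->alert)` branch hands the return value of tls13_send_alert() straight back as the handshake result, and tls13_handshake_recv_action does the same by overwriting `ret = TLS13_IO_FAILURE`. tls13_send_alert() is not part of this diff, so it should be confirmed that it cannot report success once a fatal alert has been written; if it can, a failed handshake step would reach the caller as a success. A comment on the branch would pin the contract, for example `/* A pending alert ends the handshake; tls13_send_alert() must not return success here. */`. Nothing in the visible lines clears ctx->alert after it is sent, so it is also worth stating where it is reset. The function body continues outside the hunk.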
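Review bot: In tls13_handshake_send_action the alert check sits on the success side of `action->send(ctx)`: a failing handler returns TLS13_IO_FAILURE before `ctx->alert` is examined, so an alert it set is not sent from this function. That is the opposite of tls13_handshake_recv_action, which sends the alert on the failure path, and of the commit message's "when the lower level code fails". If failure is the intended trigger, move the test into the failure branch: `if (!action->send(ctx)) {`, then `if (ctx->alert) return tls13_send_alert(ctx->rl, ctx->alert);`, then `return TLS13_IO_FAILURE; }`. The braces also remove the unbraced `else if` hanging off a `return`. The function starts and ends outside the hunk, so a later check elsewhere may already cover this case.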