From b70929d8816a98e03f2a44de9ee1c07edde90382 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 23 Jan 2020 02:49:38 +0000
Subject: Add a TLS13_IO_ALERT return value so that we can explicitly signal
 when we sent or received a fatal alert.

Pull the fatal_alert check up into tls13_legacy_error(). Also, if sending
an alert resulted in EOF, do not propagate this back since we do not want
to signal EOF to the caller (rather we want to indicate failure).

ok beck@ tb@
---
 src/lib/libssl/tls13_internal.h     |  9 +++++----
 src/lib/libssl/tls13_lib.c          | 13 ++++++++++---
 src/lib/libssl/tls13_record_layer.c | 11 +++++++----
 3 files changed, 22 insertions(+), 11 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index d8a74ef67a..4d6d626433 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.46 2020/01/23 02:24:38 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.47 2020/01/23 02:49:38 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -33,9 +33,10 @@ __BEGIN_HIDDEN_DECLS
 #define TLS13_IO_SUCCESS	 1
 #define TLS13_IO_EOF		 0
 #define TLS13_IO_FAILURE	-1
-#define TLS13_IO_WANT_POLLIN	-2
-#define TLS13_IO_WANT_POLLOUT	-3
-#define TLS13_IO_USE_LEGACY	-4
+#define TLS13_IO_ALERT		-2
+#define TLS13_IO_WANT_POLLIN	-3
+#define TLS13_IO_WANT_POLLOUT	-4
+#define TLS13_IO_USE_LEGACY	-5
 
 #define TLS13_ERR_VERIFY_FAILED	16
 #define TLS13_ERR_HRR_FAILED	17
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 51a2a383ed..727f617471 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_lib.c,v 1.21 2020/01/22 13:10:51 jsing Exp $ */
+/*	$OpenBSD: tls13_lib.c,v 1.22 2020/01/23 02:49:38 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -349,6 +349,10 @@ tls13_legacy_error(SSL *ssl)
 	struct tls13_ctx *ctx = ssl->internal->tls13;
 	int reason = SSL_R_UNKNOWN;
 
+	/* If we received a fatal alert we already put an error on the stack. */
+	if (S3I(ssl)->fatal_alert != 0)
+		return;
+
 	switch (ctx->error.code) {
 	case TLS13_ERR_VERIFY_FAILED:
 		reason = SSL_R_CERTIFICATE_VERIFY_FAILED;
@@ -384,8 +388,11 @@ tls13_legacy_return_code(SSL *ssl, ssize_t ret)
 		return 0;
 
 	case TLS13_IO_FAILURE:
-		if (S3I(ssl)->fatal_alert == 0)
-			tls13_legacy_error(ssl);
+		tls13_legacy_error(ssl);
+		return -1;
+
+	case TLS13_IO_ALERT:
+		tls13_legacy_error(ssl);
 		return -1;
 
 	case TLS13_IO_WANT_POLLIN:
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index 4de7340999..f6dbbf1550 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.22 2020/01/22 06:23:00 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.23 2020/01/23 02:49:38 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -278,7 +278,7 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl)
 	} else if (alert_level == SSL3_AL_FATAL) {
 		rl->read_closed = 1;
 		rl->write_closed = 1;
-		ret = TLS13_IO_FAILURE; /* XXX - ALERT? */
+		ret = TLS13_IO_ALERT;
 	} else
 		return tls13_send_alert(rl, SSL_AD_ILLEGAL_PARAMETER);
 
@@ -293,8 +293,11 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl)
 
 	/* This has to fit into a single record, per RFC 8446 section 5.1. */
 	if ((ret = tls13_record_layer_write_record(rl, SSL3_RT_ALERT,
-	    rl->alert_data, rl->alert_len)) != rl->alert_len)
+	    rl->alert_data, rl->alert_len)) != rl->alert_len) {
+		if (ret == TLS13_IO_EOF)
+			ret = TLS13_IO_ALERT;
 		return ret;
+	}
 
 	freezero(rl->alert_data, rl->alert_len);
 	rl->alert_data = NULL;
@@ -309,7 +312,7 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl)
 	} else {
 		rl->read_closed = 1;
 		rl->write_closed = 1;
-		ret = TLS13_IO_SUCCESS; /* XXX - ALERT? */
+		ret = TLS13_IO_ALERT;
 	}
 
 	return ret;
-- 
cgit v1.2.3-55-g6feb