2
0

s3_msg.c 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. /*
  2. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "ssl_local.h"
  10. int ssl3_do_change_cipher_spec(SSL *s)
  11. {
  12. int i;
  13. if (s->server)
  14. i = SSL3_CHANGE_CIPHER_SERVER_READ;
  15. else
  16. i = SSL3_CHANGE_CIPHER_CLIENT_READ;
  17. if (s->s3->tmp.key_block == NULL) {
  18. if (s->session == NULL || s->session->master_key_length == 0) {
  19. /* might happen if dtls1_read_bytes() calls this */
  20. SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY);
  21. return 0;
  22. }
  23. s->session->cipher = s->s3->tmp.new_cipher;
  24. if (!s->method->ssl3_enc->setup_key_block(s))
  25. return 0;
  26. }
  27. if (!s->method->ssl3_enc->change_cipher_state(s, i))
  28. return 0;
  29. return 1;
  30. }
  31. int ssl3_send_alert(SSL *s, int level, int desc)
  32. {
  33. /* Map tls/ssl alert value to correct one */
  34. if (SSL_TREAT_AS_TLS13(s))
  35. desc = tls13_alert_code(desc);
  36. else
  37. desc = s->method->ssl3_enc->alert_value(desc);
  38. if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
  39. desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have
  40. * protocol_version alerts */
  41. if (desc < 0)
  42. return -1;
  43. if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY)
  44. return -1;
  45. /* If a fatal one, remove from cache */
  46. if ((level == SSL3_AL_FATAL) && (s->session != NULL))
  47. SSL_CTX_remove_session(s->session_ctx, s->session);
  48. s->s3->alert_dispatch = 1;
  49. s->s3->send_alert[0] = level;
  50. s->s3->send_alert[1] = desc;
  51. if (!RECORD_LAYER_write_pending(&s->rlayer)) {
  52. /* data still being written out? */
  53. return s->method->ssl_dispatch_alert(s);
  54. }
  55. /*
  56. * else data is still being written out, we will get written some time in
  57. * the future
  58. */
  59. return -1;
  60. }
  61. int ssl3_dispatch_alert(SSL *s)
  62. {
  63. int i, j;
  64. size_t alertlen;
  65. void (*cb) (const SSL *ssl, int type, int val) = NULL;
  66. size_t written;
  67. s->s3->alert_dispatch = 0;
  68. alertlen = 2;
  69. i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen, 1, 0,
  70. &written);
  71. if (i <= 0) {
  72. s->s3->alert_dispatch = 1;
  73. } else {
  74. /*
  75. * Alert sent to BIO - now flush. If the message does not get sent due
  76. * to non-blocking IO, we will not worry too much.
  77. */
  78. (void)BIO_flush(s->wbio);
  79. if (s->msg_callback)
  80. s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
  81. 2, s, s->msg_callback_arg);
  82. if (s->info_callback != NULL)
  83. cb = s->info_callback;
  84. else if (s->ctx->info_callback != NULL)
  85. cb = s->ctx->info_callback;
  86. if (cb != NULL) {
  87. j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
  88. cb(s, SSL_CB_WRITE_ALERT, j);
  89. }
  90. }
  91. return i;
  92. }