2
0

s3_msg.c 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104
  1. /*
  2. * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "ssl_locl.h"
  10. int ssl3_do_change_cipher_spec(SSL *s)
  11. {
  12. int i;
  13. if (s->server)
  14. i = SSL3_CHANGE_CIPHER_SERVER_READ;
  15. else
  16. i = SSL3_CHANGE_CIPHER_CLIENT_READ;
  17. if (s->s3->tmp.key_block == NULL) {
  18. if (s->session == NULL || s->session->master_key_length == 0) {
  19. /* might happen if dtls1_read_bytes() calls this */
  20. SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY);
  21. return 0;
  22. }
  23. s->session->cipher = s->s3->tmp.new_cipher;
  24. if (!s->method->ssl3_enc->setup_key_block(s))
  25. return 0;
  26. }
  27. if (!s->method->ssl3_enc->change_cipher_state(s, i))
  28. return 0;
  29. return 1;
  30. }
  31. int ssl3_send_alert(SSL *s, int level, int desc)
  32. {
  33. /* Map tls/ssl alert value to correct one */
  34. if (SSL_TREAT_AS_TLS13(s))
  35. desc = tls13_alert_code(desc);
  36. else
  37. desc = s->method->ssl3_enc->alert_value(desc);
  38. if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
  39. desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have
  40. * protocol_version alerts */
  41. if (desc < 0)
  42. return -1;
  43. /* If a fatal one, remove from cache */
  44. if ((level == SSL3_AL_FATAL) && (s->session != NULL))
  45. SSL_CTX_remove_session(s->session_ctx, s->session);
  46. s->s3->alert_dispatch = 1;
  47. s->s3->send_alert[0] = level;
  48. s->s3->send_alert[1] = desc;
  49. if (!RECORD_LAYER_write_pending(&s->rlayer)) {
  50. /* data still being written out? */
  51. return s->method->ssl_dispatch_alert(s);
  52. }
  53. /*
  54. * else data is still being written out, we will get written some time in
  55. * the future
  56. */
  57. return -1;
  58. }
  59. int ssl3_dispatch_alert(SSL *s)
  60. {
  61. int i, j;
  62. size_t alertlen;
  63. void (*cb) (const SSL *ssl, int type, int val) = NULL;
  64. size_t written;
  65. s->s3->alert_dispatch = 0;
  66. alertlen = 2;
  67. i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen, 1, 0,
  68. &written);
  69. if (i <= 0) {
  70. s->s3->alert_dispatch = 1;
  71. } else {
  72. /*
  73. * Alert sent to BIO - now flush. If the message does not get sent due
  74. * to non-blocking IO, we will not worry too much.
  75. */
  76. (void)BIO_flush(s->wbio);
  77. if (s->msg_callback)
  78. s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
  79. 2, s, s->msg_callback_arg);
  80. if (s->info_callback != NULL)
  81. cb = s->info_callback;
  82. else if (s->ctx->info_callback != NULL)
  83. cb = s->ctx->info_callback;
  84. if (cb != NULL) {
  85. j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
  86. cb(s, SSL_CB_WRITE_ALERT, j);
  87. }
  88. }
  89. return i;
  90. }