Commit | Line | Data |
---|---|---|
846e33c7 | 1 | /* |
6738bf14 | 2 | * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. |
c103c7e2 | 3 | * |
846e33c7 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
c103c7e2 MC |
8 | */ |
9 | ||
c103c7e2 MC |
10 | #include "ssl_locl.h" |
11 | ||
/*
 * Process a ChangeCipherSpec by activating the pending read cipher state
 * for |s|.
 *
 * If no key block has been set up yet (s->s3->tmp.key_block is NULL), one is
 * set up here, but only when the session exists and holds a non-empty master
 * key. A ChangeCipherSpec seen without one is rejected with
 * SSL_R_CCS_RECEIVED_EARLY, so setup_key_block() is never reached with a
 * zero-length master key.
 *
 * Returns 1 on success, 0 on failure.
 */
int ssl3_do_change_cipher_spec(SSL *s)
{
    /* The read direction to switch depends on which end of the link we are */
    const int which = s->server ? SSL3_CHANGE_CIPHER_SERVER_READ
                                : SSL3_CHANGE_CIPHER_CLIENT_READ;

    if (s->s3->tmp.key_block == NULL) {
        const int have_master_key = s->session != NULL
                                    && s->session->master_key_length != 0;

        if (!have_master_key) {
            /* might happen if dtls1_read_bytes() calls this */
            SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY);
            return 0;
        }

        /* Commit the negotiated cipher to the session before keying */
        s->session->cipher = s->s3->tmp.new_cipher;
        if (!s->method->ssl3_enc->setup_key_block(s))
            return 0;
    }

    return s->method->ssl3_enc->change_cipher_state(s, which) ? 1 : 0;
}
38 | ||
/*
 * Queue an alert of the given |level| and |desc| on |s| and try to send it.
 *
 * |desc| is first mapped to the value used by the protocol in force. A fatal
 * alert also removes the current session from the session cache of
 * s->session_ctx, before the alert is queued.
 *
 * Returns -1 if the mapped description is negative or if a record write is
 * still pending (the alert stays queued with alert_dispatch set); otherwise
 * returns whatever the method's ssl_dispatch_alert() returns.
 */
int ssl3_send_alert(SSL *s, int level, int desc)
{
    /* Map tls/ssl alert value to correct one */
    desc = SSL_TREAT_AS_TLS13(s) ? tls13_alert_code(desc)
                                 : s->method->ssl3_enc->alert_value(desc);

    /* SSL 3.0 does not have protocol_version alerts */
    if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
        desc = SSL_AD_HANDSHAKE_FAILURE;

    /* A negative mapped value is not sent */
    if (desc < 0)
        return -1;

    /* If a fatal one, remove from cache */
    if (level == SSL3_AL_FATAL && s->session != NULL)
        SSL_CTX_remove_session(s->session_ctx, s->session);

    /* Record the pending alert so it can be dispatched now or later */
    s->s3->send_alert[0] = level;
    s->s3->send_alert[1] = desc;
    s->s3->alert_dispatch = 1;

    if (RECORD_LAYER_write_pending(&s->rlayer)) {
        /*
         * Data is still being written out, we will get written some time in
         * the future
         */
        return -1;
    }

    /* Nothing pending in the record layer: dispatch the alert immediately */
    return s->method->ssl_dispatch_alert(s);
}
68 | ||
/*
 * Write the two-byte alert held in s->s3->send_alert as an SSL3_RT_ALERT
 * record.
 *
 * alert_dispatch is cleared before the write and set again if the write does
 * not succeed, so the alert remains marked as pending. On success the write
 * BIO is flushed and the message and info callbacks, when set, are told about
 * the alert that was written.
 *
 * Returns the result of do_ssl3_write(): <= 0 on failure, > 0 on success.
 */
int ssl3_dispatch_alert(SSL *s)
{
    void (*cb) (const SSL *ssl, int type, int val) = NULL;
    size_t alertlen = 2;
    size_t written;
    int ret;

    s->s3->alert_dispatch = 0;
    ret = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen,
                        1, 0, &written);
    if (ret <= 0) {
        /* Write did not complete: leave the alert flagged for a retry */
        s->s3->alert_dispatch = 1;
        return ret;
    }

    /*
     * Alert sent to BIO - now flush. If the message does not get sent due
     * to non-blocking IO, we will not worry too much.
     */
    (void)BIO_flush(s->wbio);

    if (s->msg_callback)
        s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
                        2, s, s->msg_callback_arg);

    /* The per-connection info callback takes precedence over the context's */
    cb = s->info_callback != NULL ? s->info_callback : s->ctx->info_callback;

    if (cb != NULL) {
        /* Pack level into the high byte and description into the low byte */
        cb(s, SSL_CB_WRITE_ALERT,
           (s->s3->send_alert[0] << 8) | s->s3->send_alert[1]);
    }

    return ret;
}