Refuse to send data during handshake

That prevents buggy applications from transmitting sensitive data during
handshake.

Resolves #158

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/lib/errors.c b/lib/errors.c
index cb3c8893ed9038debf4093e02b0569d9e49d34b1..e17ce86557d892d2b268e0b99fa01bbf8b75efcf 100644 (file)
--- a/lib/errors.c
+++ b/lib/errors.c
@@ -399,7 +399,7 @@ static const gnutls_error_entry error_entries[] = {
                    GNUTLS_E_UNRECOGNIZED_NAME),
        ERROR_ENTRY(N_("There was an issue converting to or from UTF8."),
                    GNUTLS_E_IDNA_ERROR),
-       ERROR_ENTRY(N_("Cannot obtain resumption parameters while handshake is incomplete."),
+       ERROR_ENTRY(N_("Cannot perform this action while handshake is in progress."),
                    GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE),
        ERROR_ENTRY(N_("The obtained public key is invalid."),
                    GNUTLS_E_PK_INVALID_PUBKEY),

diff --git a/lib/record.c b/lib/record.c
index e2921055d2add0cb88412e3c8fe122ddb7966d12..e10fa46433e1837b0531d3b280ccc3fec612093e 100644 (file)
--- a/lib/record.c
+++ b/lib/record.c
@@ -1624,6 +1624,14 @@ ssize_t
 gnutls_record_send(gnutls_session_t session, const void *data,
                   size_t data_size)
 {
+       if (unlikely(!session->internals.initial_negotiation_completed)) {
+               /* this is to protect buggy applications from sending unencrypted
+                * data. We allow sending however, if we are in false start handshake
+                * state. */
+               if (session->internals.recv_state != RECV_STATE_FALSE_START)
+                       return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE);
+       }
+
        if (session->internals.record_flush_mode == RECORD_FLUSH) {
                return _gnutls_send_int(session, GNUTLS_APPLICATION_DATA,
                                        -1, EPOCH_WRITE_CURRENT, data,