From 42cd25fa9da212fd74273499358af3b3947b722a Mon Sep 17 00:00:00 2001 From: cameronrich Date: Sat, 7 May 2011 00:10:20 +0000 Subject: [PATCH] Fixed closure alerts. git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@208 9a5d90b5-6617-0410-8a86-bb477d3ed2e3 --- ssl/tls1.c | 12 ++++++++---- ssl/tls1.h | 2 +- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/ssl/tls1.c b/ssl/tls1.c index 5a828e91a..4bc71a21c 100755 --- a/ssl/tls1.c +++ b/ssl/tls1.c @@ -247,8 +247,8 @@ EXP_FUNC void STDCALL ssl_free(SSL *ssl) return; /* only notify if we weren't notified first */ - if (!IS_SET_SSL_FLAG(SSL_RECEIVED_CLOSE_NOTIFY)) - /* spec says we must notify when we are dying */ + /* spec says we must notify when we are dying */ + if (!IS_SET_SSL_FLAG(SSL_SENT_CLOSE_NOTIFY)) send_alert(ssl, SSL_ALERT_CLOSE_NOTIFY); ssl_ctx = ssl->ssl_ctx; @@ -1021,6 +1021,7 @@ int send_packet(SSL *ssl, uint8_t protocol, const uint8_t *in, int length) } msg_length += length; + if (IS_SET_SSL_FLAG(SSL_TX_ENCRYPTED)) { int mode = IS_SET_SSL_FLAG(SSL_IS_CLIENT) ? @@ -1360,12 +1361,15 @@ int basic_read(SSL *ssl, uint8_t **in_data) buf[1] == SSL_ALERT_CLOSE_NOTIFY) { ret = SSL_CLOSE_NOTIFY; - SET_SSL_FLAG(SSL_RECEIVED_CLOSE_NOTIFY); + send_alert(ssl, SSL_ALERT_CLOSE_NOTIFY); + SET_SSL_FLAG(SSL_SENT_CLOSE_NOTIFY); } else + { ret = -buf[1]; + DISPLAY_ALERT(ssl, buf[1]); + } - DISPLAY_ALERT(ssl, buf[1]); break; default: diff --git a/ssl/tls1.h b/ssl/tls1.h index b533096ee..55552afe7 100755 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -65,7 +65,7 @@ extern "C" { #define SSL_SESSION_RESUME 0x0008 #define SSL_IS_CLIENT 0x0010 #define SSL_HAS_CERT_REQ 0x0020 -#define SSL_RECEIVED_CLOSE_NOTIFY 0x0040 +#define SSL_SENT_CLOSE_NOTIFY 0x0040 /* some macros to muck around with flag bits */ #define SET_SSL_FLAG(A) (ssl->flag |= A)