
2014-10-14

2014-10-14 16:09:18 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Propagate fatal alerts to close and write callbacks.

SSL did not call the close_callback on SSL.File()s that connect outgoing
and abort the handshake by sending fatal alerts to the server.

Fatal alerts generated locally (i.e. due to broken data from peer)
are now signalled on the close and write callbacks with errno set
to ECONNABORTED and fatal alerts received from the peer have errno
set to ECONNRESET.

Thanks to Tobias S. Josefowitz <tobij@tobij.de> for the report.

Tentative fix for [LysLysKOM 21005266].

480:    if (packet->content_type == PACKET_alert)    {    if (packet->level == ALERT_fatal) { -  state = [int(0..0)|ConnectionState](state | CONNECTION_local_fatal); +  state = [int(0..0)|ConnectionState](state | CONNECTION_local_fatal | +  CONNECTION_peer_closed);    // SSL3 5.4:    // Alert messages with a level of fatal result in the immediate    // termination of the connection. In this case, other
559:    {    SSL3_DEBUG_MSG("SSL.Connection: Fatal alert %O\n",    ALERT_descriptions[description]); -  state = [int(0..0)|ConnectionState](state | CONNECTION_peer_fatal); +  state = [int(0..0)|ConnectionState](state | CONNECTION_peer_fatal | +  CONNECTION_peer_closed);    return -1;    }    if (description == ALERT_close_notify)
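
Review bot: In the first hunk (line 480), a locally generated fatal alert now also sets CONNECTION_peer_closed, although nothing in this branch shows the peer closing; the flag name no longer matches what it signals. Add a comment next to the assignment saying the bit is set so that the close and write callbacks fire, or use a separately named flag, so that a later reader of `state | CONNECTION_local_fatal | CONNECTION_peer_closed` does not take it for a peer-initiated close. The SSL3 5.4 comment that follows explains the termination but not this bit.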
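
Review bot: In the second hunk (line 559), CONNECTION_peer_closed is set together with CONNECTION_peer_fatal before `return -1`, so any check that looks only at CONNECTION_peer_closed will now also match a fatal alert. The commit message promises ECONNRESET for this path and ECONNABORTED for the local one, which means the code choosing errno has to test the fatal bits before the closed bit; a short comment here stating that ordering would help. The hunks shown include no test for the two errno values on the close and write callbacks, and one for each path would pin the behaviour down.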