-rw-r--r-- | src/tls/tls_channel.cpp | 33 | ||||
-rw-r--r-- | src/tls/tls_channel.h | 12 | ||||
-rw-r--r-- | src/tls/tls_client.cpp | 2 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 2 |
4 files changed, 31 insertions, 18 deletions
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 7d4bdc744..3831a6792 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -17,7 +17,8 @@ TLS_Channel::TLS_Channel(std::tr1::function<void (const byte[], size_t)> socket_
 proc_fn(proc_fn),
 writer(socket_output_fn),
 state(0),
- active(false)
+ handshake_completed(false),
+ connection_closed(false)
 {
 }
@@ -46,7 +47,7 @@ size_t TLS_Channel::received_data(const byte buf[], size_t buf_size)
 if(rec_type == APPLICATION_DATA)
 {
- if(active)
+ if(handshake_completed)
 {
 /*
 * OpenSSL among others sends empty records in versions
@@ -71,12 +72,15 @@ size_t TLS_Channel::received_data(const byte buf[], size_t buf_size)
 proc_fn(0, 0, alert_msg.type());
- if(alert_msg.is_fatal() || alert_msg.type() == CLOSE_NOTIFY)
+ if(!connection_closed)
 {
- if(alert_msg.type() == CLOSE_NOTIFY)
- alert(FATAL, CLOSE_NOTIFY);
- else
- alert(FATAL, NULL_ALERT);
+ if(alert_msg.is_fatal() || alert_msg.type() == CLOSE_NOTIFY)
+ {
+ if(alert_msg.type() == CLOSE_NOTIFY)
+ alert(FATAL, CLOSE_NOTIFY);
+ else
+ alert(FATAL, NULL_ALERT);
+ }
 }
 }
 else
@@ -160,7 +164,7 @@ void TLS_Channel::read_handshake(byte rec_type,
 void TLS_Channel::queue_for_sending(const byte buf[], size_t buf_size)
 {
- if(active)
+ if(handshake_completed)
 {
 while(!pre_handshake_write_queue.end_of_data())
 {
@@ -177,7 +181,7 @@ void TLS_Channel::queue_for_sending(const byte buf[], size_t buf_size)
 void TLS_Channel::alert(Alert_Level alert_level, Alert_Type alert_code)
 {
- if(alert_code != NULL_ALERT)
+ if(alert_code != NULL_ALERT && !connection_closed)
 {
 try
 {
@@ -186,13 +190,16 @@ void TLS_Channel::alert(Alert_Level alert_level, Alert_Type alert_code)
 catch(...) { /* swallow it */ }
 }
- if(active && alert_level == FATAL)
+ if(!connection_closed &&
+ (alert_code == CLOSE_NOTIFY || alert_level == FATAL))
 {
- reader.reset();
- writer.reset();
+ connection_closed = true;
+
 delete state;
 state = 0;
- active = false;
+
+ reader.reset();
+ writer.reset();
 }
 }
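Review bot: The application-data branch of received_data() (hunk at -46) and the send path of queue_for_sending() (hunk at -160) now test only `handshake_completed`, which this commit never clears, whereas the old `active` flag was set back to false when alert() tore the connection down. After alert() sets `connection_closed` and resets `reader` and `writer`, both branches are therefore still taken, and in the -71 hunk `proc_fn(0, 0, alert_msg.type());` also still runs ahead of the new `!connection_closed` guard. If `reset()` returns the record layer to its initial unprotected state (not visible in these hunks), records arriving after closure could be delivered without authentication and queued data written without encryption. Both conditions should read `if(handshake_completed && !connection_closed)`, or simply `if(is_active())`. All three function bodies continue outside their hunks, so the handling of the rejected case needs checking there.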
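Review bot: TLS_Channel::alert() (hunk at -186, together with the guard changed at -177) now has three argument-dependent behaviours and none of them is documented at the definition. From the visible lines, `NULL_ALERT` with `FATAL` closes the channel without sending anything, `CLOSE_NOTIFY` closes it at any alert level, and once `connection_closed` is set every later call neither sends nor closes. A comment above the function would keep callers from relying on a second alert going out, for example `/* FATAL + NULL_ALERT: close silently; CLOSE_NOTIFY: send and close at any level; no-op once connection_closed is set */`. The existing `catch(...) { /* swallow it */ }` also means a failed send is indistinguishable from a successful one, which is worth stating in the same comment.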
diff --git a/src/tls/tls_channel.h b/src/tls/tls_channel.h
index 5f06181de..52036c78d 100644
--- a/src/tls/tls_channel.h
+++ b/src/tls/tls_channel.h
@@ -46,9 +46,14 @@ class BOTAN_DLL TLS_Channel
 void alert(Alert_Level level, Alert_Type type);
 /**
- * Is the connection active?
+ * Is the connection active for sending application data?
 */
- bool is_active() const { return active; }
+ bool is_active() const { return handshake_completed && !is_closed(); }
+
+ /**
+ * Has the connection been definitely closed
+ */
+ bool is_closed() const { return connection_closed; }
 /**
 * Attempt to renegotiate the session
@@ -115,7 +120,8 @@ class BOTAN_DLL TLS_Channel
 Secure_Renegotiation_State secure_renegotiation;
- bool active;
+ bool handshake_completed;
+ bool connection_closed;
 };
 }
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 8c7c4188e..bd6b66ba0 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -311,7 +311,7 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
 delete state;
 state = 0;
- active = true;
+ handshake_completed = true;
 }
 else
 throw Unexpected_Message("Unknown handshake message received");
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 645e207e4..3f65fa735 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -389,7 +389,7 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
 delete state;
 state = 0;
- active = true;
+ handshake_completed = true;
 }
 else
 throw Unexpected_Message("Unknown handshake message received"); |
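Review bot: The new doc comment on is_closed() in tls_channel.h (hunk at -46), `Has the connection been definitely closed`, does not say what sets the flag or that it is one-way. From alert() in tls_channel.cpp, `connection_closed` becomes true on a close_notify or a fatal alert, whether sent or received, and nothing in this commit clears it. I would extend the comment with `* @return true once a close_notify or fatal alert has been sent or received; the flag is never cleared`. The is_active() comment could likewise state that it is false both before the handshake completes and after closure, since callers that treated `!is_active()` as "closed" under the old single flag now need is_closed() instead.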