This repository has been archived by the owner. It is now read-only.

tls: fix to send TLS Alert before socket destroyed #7961

Closed
wants to merge 1 commit into
from

Conversation

Projects
None yet
2 participants
@shigeki

shigeki commented Jul 17, 2014

When TLS Alert is occured in handshake, ClearOut only write it into wbio and does not flush to socket. TLS Alert should be written to socket with EncOut before socket is destroyed within its error callback.
After this patch, TLS Alert surly is sent from node server which is limited to accept TLS1.2 as below

$ openssl s_client -quiet -tls1_1  -connect localhost:443
140321003767456:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:s3_pkt.c:1554:SSL alert number 70
140321003767456:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:658:
tls: fix to send TLS Alert before socket destroyed
When TLS Alert is occured in handshake, ClearOut only write it into
wbio and does not flush to socket. TLS Alert should be written to
socket with EncOut before socket is destroyed within its error
callback.
@indutny

This comment has been minimized.

Show comment Hide comment
@indutny

indutny Jul 23, 2014

Member

Landed in 2bb4867, thank you!

Member

indutny commented Jul 23, 2014

Landed in 2bb4867, thank you!

@indutny indutny closed this Jul 23, 2014

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.