mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

Fix crash in TLS caused by improper handling of shutdown messages

Browse Source 
The problem was found when flamethrower was accidentally run in DoT
mode against DoH port.
This commit is contained in:
Artem Boldariev
2021-05-12 14:39:24 +03:00
parent 1947f6372d
commit 6816a741ca
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/isc/netmgr/tlsstream.c
View File

@@ -382,8 +382,9 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
send_data->uvbuf.base,
send_data->uvbuf.len, &len);
if (rv != 1 || len != send_data->uvbuf.len) {
result = received_shutdown ? ISC_R_CANCELED
: ISC_R_TLSERROR;
result = received_shutdown || sent_shutdown
? ISC_R_CANCELED
: ISC_R_TLSERROR;
send_data->cb.send(send_data->handle, result,
send_data->cbarg);
send_data = NULL;
@@ -396,9 +397,9 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
* connection and called isc_tls_send(). The
* socket will be detached there, in
* tls_senddone().*/
if (sent_shutdown && received_shutdown) {
if (sent_shutdown || received_shutdown) {
return;
} else if (!received_shutdown) {
} else {
isc__nmsocket_detach(&sock);
return;
}