On 26/10/2022 18:33, pepone.onrez wrote:
Hi,
I'm trying to understand how to handle TLS alerts, I have set up a
callback with
SSL_CTX_set_info_callback(_ctx, ssl_info_callback);
And I can see alerts sent by the peer, does the application need to call
SSL_shutdown upon receiving
a fatal alert, or is this done automatically by the OpenSSL library?
A fatal alert indicates an immediate shutdown. You should not call
SSL_shutdown() after this. This is only for "normal" shutdowns. On
receipt of a fatal alert you can simply close the connection
immediately. No alert needs to be sent back.
> With my testing, I see my client gets "read SSL3 alert fatal unknown CA"
> after the call to SSL_connect finishes without error
An endpoint finishes its handshake after it has both sent and received a
"Finished" message. This does not happen simultaneously on both
endpoints at the same time. In TLSv1.3 the server sends its Finished
message first. The client responds with its
Certificate/CertificateVerify/Finished messages. At this point the
client has completed its handshake (it has both sent and received a
Finished message) and so SSL_connect returns successfully. The server
however has not yet completed the handshake (it hasn't yet processed the
final flight of messages including the Finished message from the client).
If the certificate sent by the client is not acceptable then it will
respond with a fatal alert. The client won't see this until it next
calls SSL_read. At this point SSL_read() will return an error and
SSL_get_error() will indicate SSL_ERROR_SSL. You should just close the
connection at this point without calling SSL_shutdown().
Matt