Refuse to send data during handshake

That prevents buggy applications from transmitting sensitive data during
handshake.

Resolves #158

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

2 files changed, 9 insertions, 1 deletions

diff --git a/lib/errors.c b/lib/errors.c
index cb3c8893ed..e17ce86557 100644
--- a/lib/errors.c
+++ b/lib/errors.c
@@ -399,7 +399,7 @@ static const gnutls_error_entry error_entries[] = {
 		    GNUTLS_E_UNRECOGNIZED_NAME),
 	ERROR_ENTRY(N_("There was an issue converting to or from UTF8."),
 		    GNUTLS_E_IDNA_ERROR),
-	ERROR_ENTRY(N_("Cannot obtain resumption parameters while handshake is incomplete."),
+	ERROR_ENTRY(N_("Cannot perform this action while handshake is in progress."),
 		    GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE),
 	ERROR_ENTRY(N_("The obtained public key is invalid."),
 		    GNUTLS_E_PK_INVALID_PUBKEY),
diff --git a/lib/record.c b/lib/record.c
index e2921055d2..e10fa46433 100644
--- a/lib/record.c
+++ b/lib/record.c
@@ -1624,6 +1624,14 @@ ssize_t
 gnutls_record_send(gnutls_session_t session, const void *data,
 		   size_t data_size)
 {
+	if (unlikely(!session->internals.initial_negotiation_completed)) {
+		/* this is to protect buggy applications from sending unencrypted
+		 * data. We allow sending however, if we are in false start handshake
+		 * state. */
+		if (session->internals.recv_state != RECV_STATE_FALSE_START)
+			return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE);
+	}
+
 	if (session->internals.record_flush_mode == RECORD_FLUSH) {
 		return _gnutls_send_int(session, GNUTLS_APPLICATION_DATA,
 					-1, EPOCH_WRITE_CURRENT, data,