generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add Error state

Browse Source 
Reusing an SSL object when it has encountered a fatal error can
have bad consequences. This is a bug in application code not libssl
but libssl should be more forgiving and not crash.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a89db885e0)

Conflicts:
	ssl/s3_srvr.c
	ssl/ssl_stat.c
This commit is contained in:
Matt Caswell
2015-04-23 20:01:33 +01:00
parent 4b771121f2
commit 189e20c68c
3 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ssl/s3_srvr.c
View File

@@ -857,6 +857,7 @@ int ssl3_accept(SSL *s)
goto end;
/* break; */
case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -1489,8 +1490,10 @@ int ssl3_get_client_hello(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
err:
s->state = SSL_ST_ERR;
}
if (ciphers != NULL)
sk_SSL_CIPHER_free(ciphers);
return (ret);