Add Error state

Reusing an SSL object after it has encountered a fatal error can
have bad consequences. This is a bug in application code, not in libssl,
but libssl should be more forgiving and not crash.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell
2015-04-23 20:01:33 +01:00
parent a28ef860be
commit a89db885e0
3 changed files with 11 additions and 1 deletions


@@ -847,6 +847,7 @@ int ssl3_accept(SSL *s)
goto end;
/* break; */
case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -1444,8 +1445,10 @@ int ssl3_get_client_hello(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
err:
s->state = SSL_ST_ERR;
}
sk_SSL_CIPHER_free(ciphers);
return ret < 0 ? -1 : ret;
}
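Review bot: In the ssl3_get_client_hello hunk the `err:` label appears to sit inside the `if (0) { … }` block now (the +/- markers are lost in this rendering), so `s->state = SSL_ST_ERR;` runs only on `goto f_err` / `goto err` and is skipped on the fall-through success path. A later edit could easily break that, so it deserves a comment such as `/* reached only via goto f_err / goto err: mark the SSL object unusable after a fatal error */`. It is also worth confirming that no `goto err` in this function is taken on a retryable, non-fatal path, because such a path would now leave the object in the error state; the function body starts outside the hunk, so this cannot be checked from here. In the ssl3_accept hunk, `case SSL_ST_ERR:` falls through to `default:` and reports `SSL_R_UNKNOWN_STATE`. A one-line comment there should say that reuse after a fatal error is deliberately rejected, so that the shared error code is not read as an unhandled state.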