generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Always return errors in ssl3_get_client_hello

Browse Source 
If we successfully match a cookie don't set return value to 2 as this
results in other error conditions returning 2 as well.

Instead set return value to -2 which can be checked later if everything
else is OK.
This commit is contained in:
Dr. Stephen Henson 2013-04-09 15:53:38 +01:00
parent c6913eeb76
commit c56f5b8edf
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/s3_srvr.c
View File

@ -1082,8 +1082,8 @@ int ssl3_get_client_hello(SSL *s)
SSL_R_COOKIE_MISMATCH); SSL_R_COOKIE_MISMATCH);
goto f_err; goto f_err;
} }
/* Set to -2 so if successful we return 2 */
ret = 2; ret = -2;
} }
p += cookie_len; p += cookie_len;
@ -1461,7 +1461,7 @@ int ssl3_get_client_hello(SSL *s)
} }
} }
if (ret < 0) ret=1; if (ret < 0) ret=-ret;
if (0) if (0)
{ {
f_err: f_err:
@ -1469,7 +1469,7 @@ f_err:
} }
err: err:
if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers); if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
return(ret); return ret < 0 ? -1 : ret;
} }
int ssl3_send_server_hello(SSL *s) int ssl3_send_server_hello(SSL *s)