[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Tue May 5 19:11:04 UTC 2015
The branch OpenSSL_1_0_1-stable has been updated
via 76d0c6d48e5a42dedb24691a67d733f6859aee4d (commit)
via a329ae226826c3e1fe61156c20096da374844146 (commit)
via f3c4abb3773efcee81768a5913cba5189a589eff (commit)
via 189e20c68c2399782034fec9f65d6b9ee88aac3d (commit)
from 4b771121f2b657f50e8c7a27e9fab0bb043f91bc (commit)
- Log -----------------------------------------------------------------
commit 76d0c6d48e5a42dedb24691a67d733f6859aee4d
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 30 11:50:08 2015 +0100
Add more error state transitions (DTLS)
Ensure all fatal errors transition into the new error state for DTLS.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit cefc93910c4c0f7fa9f8c1f8f7aad084a7fa87d2)
Conflicts:
ssl/d1_srvr.c
Conflicts:
ssl/d1_srvr.c
commit a329ae226826c3e1fe61156c20096da374844146
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 30 11:32:35 2015 +0100
Add more error state transitions (client)
Ensure all fatal errors transition into the new error state on the client
side.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit cc273a93617a5c1e69cb5db6f655e463f8e31806)
Conflicts:
ssl/s3_clnt.c
Conflicts:
ssl/s3_clnt.c
commit f3c4abb3773efcee81768a5913cba5189a589eff
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 30 11:11:04 2015 +0100
Add more error state transitions
Ensure all fatal errors transition into the new error state on the server
side.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit cf9b0b6fb253fd40225d7c648a08646686e62d2d)
Conflicts:
ssl/s3_srvr.c
commit 189e20c68c2399782034fec9f65d6b9ee88aac3d
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 23 20:01:33 2015 +0100
Add Error state
Reusing an SSL object when it has encountered a fatal error can
have bad consequences. This is a bug in application code not libssl
but libssl should be more forgiving and not crash.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit a89db885e0d8aac3a9df1bbccb0c1ddfd8b2e10a)
Conflicts:
ssl/s3_srvr.c
ssl/ssl_stat.c
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_clnt.c | 10 ++++++++
ssl/d1_srvr.c | 8 ++++++
ssl/s3_clnt.c | 25 ++++++++++++++++++-
ssl/s3_srvr.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++-----------
ssl/ssl.h | 1 +
ssl/ssl_stat.c | 6 +++++
6 files changed, 114 insertions(+), 15 deletions(-)
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 1394781..377c1e6 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -212,6 +212,7 @@ int dtls1_connect(SSL *s)
(s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) {
SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -221,10 +222,12 @@ int dtls1_connect(SSL *s)
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -233,12 +236,14 @@ int dtls1_connect(SSL *s)
if (!ssl3_setup_buffers(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
/* setup buffing BIO */
if (!ssl_init_wbio_buffer(s, 0)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -417,6 +422,7 @@ int dtls1_connect(SSL *s)
*/
if (!ssl3_check_cert_and_algorithm(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
break;
@@ -548,6 +554,7 @@ int dtls1_connect(SSL *s)
#endif
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -555,6 +562,7 @@ int dtls1_connect(SSL *s)
SSL3_CHANGE_CIPHER_CLIENT_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
#ifndef OPENSSL_NO_SCTP
@@ -735,6 +743,7 @@ int dtls1_connect(SSL *s)
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -945,6 +954,7 @@ static int dtls1_get_hello_verify(SSL *s)
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
return -1;
}
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index d12ad6d..d63e229 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -224,11 +224,13 @@ int dtls1_accept(SSL *s)
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
BUF_MEM_free(buf);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -236,6 +238,7 @@ int dtls1_accept(SSL *s)
if (!ssl3_setup_buffers(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -257,6 +260,7 @@ int dtls1_accept(SSL *s)
#endif
if (!ssl_init_wbio_buffer(s, 1)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -744,6 +748,7 @@ int dtls1_accept(SSL *s)
s->session->cipher = s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -772,6 +777,7 @@ int dtls1_accept(SSL *s)
SSL3_CHANGE_CIPHER_SERVER_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -852,6 +858,7 @@ int dtls1_accept(SSL *s)
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -932,6 +939,7 @@ int dtls1_send_hello_verify_request(SSL *s)
&(s->d1->cookie_len)) == 0) {
SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return 0;
}
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 6025829..a521d56 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -238,6 +238,7 @@ int ssl3_connect(SSL *s)
if ((s->version & 0xff00) != 0x0300) {
SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
ret = -1;
goto end;
}
@@ -248,10 +249,12 @@ int ssl3_connect(SSL *s)
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -266,6 +269,7 @@ int ssl3_connect(SSL *s)
/* setup buffing BIO */
if (!ssl_init_wbio_buffer(s, 0)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -373,6 +377,7 @@ int ssl3_connect(SSL *s)
*/
if (!ssl3_check_cert_and_algorithm(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
break;
@@ -396,6 +401,7 @@ int ssl3_connect(SSL *s)
if ((ret = SRP_Calc_A_param(s)) <= 0) {
SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
goto end;
}
}
@@ -487,6 +493,7 @@ int ssl3_connect(SSL *s)
#endif
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -494,6 +501,7 @@ int ssl3_connect(SSL *s)
SSL3_CHANGE_CIPHER_CLIENT_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -628,6 +636,7 @@ int ssl3_connect(SSL *s)
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -822,6 +831,7 @@ int ssl3_client_hello(SSL *s)
/* SSL3_ST_CW_CLNT_HELLO_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
err:
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -1082,6 +1092,7 @@ int ssl3_get_server_hello(SSL *s)
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -1260,8 +1271,10 @@ int ssl3_get_server_certificate(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
- }
err:
+ s->state = SSL_ST_ERR;
+ }
+
EVP_PKEY_free(pkey);
X509_free(x);
sk_X509_pop_free(sk, X509_free);
@@ -1931,6 +1944,7 @@ int ssl3_get_key_exchange(SSL *s)
EC_KEY_free(ecdh);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -2087,7 +2101,10 @@ int ssl3_get_certificate_request(SSL *s)
ca_sk = NULL;
ret = 1;
+ goto done;
err:
+ s->state = SSL_ST_ERR;
+ done:
if (ca_sk != NULL)
sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return (ret);
@@ -2164,6 +2181,7 @@ int ssl3_get_new_session_ticket(SSL *s)
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -2224,6 +2242,7 @@ int ssl3_get_cert_status(SSL *s)
return 1;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
return (-1);
}
#endif
@@ -2245,6 +2264,7 @@ int ssl3_get_server_done(SSL *s)
/* should contain no data */
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
+ s->state = SSL_ST_ERR;
return -1;
}
ret = 1;
@@ -2988,6 +3008,7 @@ int ssl3_send_client_key_exchange(SSL *s)
EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
#endif
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -3121,6 +3142,7 @@ int ssl3_send_client_verify(SSL *s)
err:
EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_CTX_free(pctx);
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -3189,6 +3211,7 @@ int ssl3_send_client_certificate(SSL *s)
if (!l) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return 0;
}
s->init_num = (int)l;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 92acb0ab..65d7a35 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -266,6 +266,7 @@ int ssl3_accept(SSL *s)
if ((s->version >> 8) != 3) {
SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return -1;
}
s->type = SSL_ST_ACCEPT;
@@ -273,11 +274,13 @@ int ssl3_accept(SSL *s)
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
BUF_MEM_free(buf);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -285,6 +288,7 @@ int ssl3_accept(SSL *s)
if (!ssl3_setup_buffers(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -303,6 +307,7 @@ int ssl3_accept(SSL *s)
*/
if (!ssl_init_wbio_buffer(s, 1)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -320,6 +325,7 @@ int ssl3_accept(SSL *s)
SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
} else {
/*
@@ -379,6 +385,7 @@ int ssl3_accept(SSL *s)
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT);
ret = SSL_TLSEXT_ERR_ALERT_FATAL;
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
}
@@ -529,9 +536,12 @@ int ssl3_accept(SSL *s)
skip = 1;
s->s3->tmp.cert_request = 0;
s->state = SSL3_ST_SW_SRVR_DONE_A;
- if (s->s3->handshake_buffer)
- if (!ssl3_digest_cached_records(s))
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
+ }
} else {
s->s3->tmp.cert_request = 1;
ret = ssl3_send_certificate_request(s);
@@ -629,11 +639,14 @@ int ssl3_accept(SSL *s)
*/
if (!s->s3->handshake_buffer) {
SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return -1;
}
s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
- if (!ssl3_digest_cached_records(s))
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
} else {
int offset = 0;
int dgst_num;
@@ -647,9 +660,12 @@ int ssl3_accept(SSL *s)
* CertificateVerify should be generalized. But it is next
* step
*/
- if (s->s3->handshake_buffer)
- if (!ssl3_digest_cached_records(s))
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
+ }
for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
if (s->s3->handshake_dgst[dgst_num]) {
int dgst_size;
@@ -665,6 +681,7 @@ int ssl3_accept(SSL *s)
dgst_size =
EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
if (dgst_size < 0) {
+ s->state = SSL_ST_ERR;
ret = -1;
goto end;
}
@@ -779,6 +796,7 @@ int ssl3_accept(SSL *s)
s->session->cipher = s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -795,6 +813,7 @@ int ssl3_accept(SSL *s)
SSL3_CHANGE_CIPHER_SERVER_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -857,6 +876,7 @@ int ssl3_accept(SSL *s)
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -1489,8 +1509,10 @@ int ssl3_get_client_hello(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
- }
err:
+ s->state = SSL_ST_ERR;
+ }
+
if (ciphers != NULL)
sk_SSL_CIPHER_free(ciphers);
return (ret);
@@ -1507,8 +1529,10 @@ int ssl3_send_server_hello(SSL *s)
buf = (unsigned char *)s->init_buf->data;
#ifdef OPENSSL_NO_TLSEXT
p = s->s3->server_random;
- if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0)
+ if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
#endif
/* Do the message type and length last */
d = p = &(buf[4]);
@@ -1543,6 +1567,7 @@ int ssl3_send_server_hello(SSL *s)
sl = s->session->session_id_length;
if (sl > (int)sizeof(s->session->session_id)) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return -1;
}
*(p++) = sl;
@@ -1565,6 +1590,7 @@ int ssl3_send_server_hello(SSL *s)
#ifndef OPENSSL_NO_TLSEXT
if (ssl_prepare_serverhello_tlsext(s) <= 0) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+ s->state = SSL_ST_ERR;
return -1;
}
if ((p =
@@ -1572,6 +1598,7 @@ int ssl3_send_server_hello(SSL *s)
buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
NULL) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return -1;
}
#endif
@@ -2055,6 +2082,7 @@ int ssl3_send_server_key_exchange(SSL *s)
BN_CTX_free(bn_ctx);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -2152,6 +2180,7 @@ int ssl3_send_certificate_request(SSL *s)
/* SSL3_ST_SW_CERT_REQ_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
err:
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -2918,6 +2947,7 @@ int ssl3_get_client_key_exchange(SSL *s)
EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
#endif
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -3132,6 +3162,7 @@ int ssl3_get_cert_verify(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
}
end:
if (s->s3->handshake_buffer) {
@@ -3290,8 +3321,10 @@ int ssl3_get_client_certificate(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
- }
err:
+ s->state = SSL_ST_ERR;
+ }
+
if (x != NULL)
X509_free(x);
if (sk != NULL)
@@ -3312,6 +3345,7 @@ int ssl3_send_server_certificate(SSL *s)
(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return (0);
}
}
@@ -3319,6 +3353,7 @@ int ssl3_send_server_certificate(SSL *s)
l = ssl3_output_cert_chain(s, x);
if (!l) {
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return (0);
}
s->state = SSL3_ST_SW_CERT_B;
@@ -3354,11 +3389,15 @@ int ssl3_send_newsession_ticket(SSL *s)
* Some length values are 16 bits, so forget it if session is too
* long
*/
- if (slen_full == 0 || slen_full > 0xFF00)
+ if (slen_full == 0 || slen_full > 0xFF00) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
senc = OPENSSL_malloc(slen_full);
- if (!senc)
+ if (!senc) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
EVP_CIPHER_CTX_init(&ctx);
HMAC_CTX_init(&hctx);
@@ -3481,6 +3520,7 @@ int ssl3_send_newsession_ticket(SSL *s)
OPENSSL_free(senc);
EVP_CIPHER_CTX_cleanup(&ctx);
HMAC_CTX_cleanup(&hctx);
+ s->state = SSL_ST_ERR;
return -1;
}
@@ -3494,8 +3534,10 @@ int ssl3_send_cert_status(SSL *s)
* 1 (ocsp response type) + 3 (ocsp response length)
* + (ocsp response)
*/
- if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen))
+ if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
p = (unsigned char *)s->init_buf->data;
@@ -3538,6 +3580,7 @@ int ssl3_get_next_proto(SSL *s)
if (!s->s3->next_proto_neg_seen) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
+ s->state = SSL_ST_ERR;
return -1;
}
@@ -3557,11 +3600,14 @@ int ssl3_get_next_proto(SSL *s)
*/
if (!s->s3->change_cipher_spec) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
+ s->state = SSL_ST_ERR;
return -1;
}
- if (n < 2)
+ if (n < 2) {
+ s->state = SSL_ST_ERR;
return 0; /* The body must be > 1 bytes long */
+ }
p = (unsigned char *)s->init_msg;
@@ -3573,15 +3619,20 @@ int ssl3_get_next_proto(SSL *s)
* uint8 padding[padding_len];
*/
proto_len = p[0];
- if (proto_len + 2 > s->init_num)
+ if (proto_len + 2 > s->init_num) {
+ s->state = SSL_ST_ERR;
return 0;
+ }
padding_len = p[proto_len + 1];
- if (proto_len + padding_len + 2 != s->init_num)
+ if (proto_len + padding_len + 2 != s->init_num) {
+ s->state = SSL_ST_ERR;
return 0;
+ }
s->next_proto_negotiated = OPENSSL_malloc(proto_len);
if (!s->next_proto_negotiated) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE);
+ s->state = SSL_ST_ERR;
return 0;
}
memcpy(s->next_proto_negotiated, p + 1, proto_len);
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 790589d..62472a1 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1544,6 +1544,7 @@ extern "C" {
# define SSL_ST_BEFORE 0x4000
# define SSL_ST_OK 0x03
# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
+# define SSL_ST_ERR 0x05
# define SSL_CB_LOOP 0x01
# define SSL_CB_EXIT 0x02
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
index d725d78..1b9069f 100644
--- a/ssl/ssl_stat.c
+++ b/ssl/ssl_stat.c
@@ -117,6 +117,9 @@ const char *SSL_state_string_long(const SSL *s)
case SSL_ST_OK | SSL_ST_ACCEPT:
str = "ok/accept SSL initialization";
break;
+ case SSL_ST_ERR:
+ str = "error";
+ break;
#ifndef OPENSSL_NO_SSL2
case SSL2_ST_CLIENT_START_ENCRYPTION:
str = "SSLv2 client start encryption";
@@ -496,6 +499,9 @@ const char *SSL_state_string(const SSL *s)
case SSL_ST_OK:
str = "SSLOK ";
break;
+ case SSL_ST_ERR:
+ str = "SSLERR";
+ break;
#ifndef OPENSSL_NO_SSL2
case SSL2_ST_CLIENT_START_ENCRYPTION:
str = "2CSENC";
More information about the openssl-commits
mailing list