[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Tue Jun 19 17:21:51 UTC 2018
The branch master has been updated
via fee33643a8aa64a8eb72ac92fd3a04d3aa7005d3 (commit)
from c4fad5d348a5f57c4c08e63c444702c310ec891a (commit)
- Log -----------------------------------------------------------------
commit fee33643a8aa64a8eb72ac92fd3a04d3aa7005d3
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jun 18 12:06:52 2018 +0100
Fix enable-ssl3 enable-ssl3-method
Commit 4aa5a5669 accidentally missed off the catch all case of ignoring all
warning alerts that are otherwise unhandled. This breaks the SSLv3 tests
which send a "no certificate" warning alert.
Fixes #6496
[extended tests]
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/6509)
-----------------------------------------------------------------------
Summary of changes:
ssl/record/rec_layer_s3.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 75b506b..8d5b53f 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1573,6 +1573,9 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_SSL3_READ_BYTES,
SSL_R_NO_RENEGOTIATION);
return -1;
+ } else if (alert_level == SSL3_AL_WARNING) {
+ /* We ignore any other warning alert in TLSv1.2 and below */
+ goto start;
}
SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL3_READ_BYTES,
More information about the openssl-commits
mailing list