[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Thu Nov 15 11:52:33 UTC 2018


The branch master has been updated
       via  157af9be4106c951afadf7b12afe4cbaba0c0823 (commit)
      from  ac48fba036e1764dfa98ed0f0aa932491aa1c4ef (commit)


- Log -----------------------------------------------------------------
commit 157af9be4106c951afadf7b12afe4cbaba0c0823
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Nov 8 14:03:17 2018 +0000

    Add a missing SSLfatal call
    
    A missing SSLfatal call can result in an assertion failed error if the
    condition gets triggered.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/7594)

-----------------------------------------------------------------------

Summary of changes:
 ssl/s3_msg.c | 8 ++++++--
 ssl/t1_enc.c | 5 ++++-
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
index 4238254..040a728 100644
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@@ -26,12 +26,16 @@ int ssl3_do_change_cipher_spec(SSL *s)
         }
 
         s->session->cipher = s->s3->tmp.new_cipher;
-        if (!s->method->ssl3_enc->setup_key_block(s))
+        if (!s->method->ssl3_enc->setup_key_block(s)) {
+            /* SSLfatal() already called */
             return 0;
+        }
     }
 
-    if (!s->method->ssl3_enc->change_cipher_state(s, i))
+    if (!s->method->ssl3_enc->change_cipher_state(s, i)) {
+        /* SSLfatal() already called */
         return 0;
+    }
 
     return 1;
 }
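Review bot: The two `/* SSLfatal() already called */` comments record an assumption about the callee, not something this function checks. It holds only if every implementation reachable through `s->method->ssl3_enc->setup_key_block` and `->change_cipher_state` raises a fatal before each failure return. The t1_enc.c hunk in this same commit fixes one path where that was not the case. The contract should therefore be stated once where these callbacks are declared (not visible here), for example `/* Must call SSLfatal() before returning 0 */`. The start of ssl3_do_change_cipher_spec lies outside the hunk.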
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 2db913f..2be37c7 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -131,8 +131,11 @@ int tls1_change_cipher_state(SSL *s, int which)
         }
         dd = s->enc_read_ctx;
         mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
-        if (mac_ctx == NULL)
+        if (mac_ctx == NULL) {
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
+                     ERR_R_INTERNAL_ERROR);
             goto err;
+        }
 #ifndef OPENSSL_NO_COMP
         COMP_CTX_free(s->expand);
         s->expand = NULL;
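Review bot: The added SSLfatal() covers only the read-side `mac_ctx == NULL` exit. tls1_change_cipher_state starts and continues outside this hunk, so its other `goto err` sites cannot be checked from here. The caller now documents a failure return as "SSLfatal() already called", so any remaining exit without one would still reach the assertion failure the commit message describes. That is an availability concern wherever the assertion aborts the process. A one-line comment at the `err` label, such as `/* every path reaching here has already called SSLfatal() */`, would make the invariant easy to audit when new exits are added.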

