[openssl] master update

Matt Caswell matt at openssl.org
Tue Feb 26 14:37:05 UTC 2019 

The branch master has been updated
       via  f4800345d95d632d424f9b2725418c0c2ec6f029 (commit)
      from  565a19eef35926b4b9675f6cc3964fb290a5b380 (commit)


- Log -----------------------------------------------------------------
commit f4800345d95d632d424f9b2725418c0c2ec6f029
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Feb 20 14:21:36 2019 +0000

    Clarify that SSL_shutdown() must not be called after a fatal error
    
    Follow on from CVE-2019-1559
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/SSL_get_error.pod | 13 ++++++++-----
 doc/man3/SSL_shutdown.pod  |  4 ++++
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/doc/man3/SSL_get_error.pod b/doc/man3/SSL_get_error.pod
index 876aac7..150dd50 100644
--- a/doc/man3/SSL_get_error.pod
+++ b/doc/man3/SSL_get_error.pod
@@ -138,17 +138,20 @@ Details depend on the application.
 
 =item SSL_ERROR_SYSCALL
 
-Some non-recoverable I/O error occurred.
-The OpenSSL error queue may contain more information on the error.
-For socket I/O on Unix systems, consult B<errno> for details.
+Some non-recoverable, fatal I/O error occurred. The OpenSSL error queue may
+contain more information on the error. For socket I/O on Unix systems, consult
+B<errno> for details. If this error occurs then no further I/O operations should
+be performed on the connection and SSL_shutdown() must not be called.
 
 This value can also be returned for other errors, check the error queue for
 details.
 
 =item SSL_ERROR_SSL
 
-A failure in the SSL library occurred, usually a protocol error.  The
-OpenSSL error queue contains more information on the error.
+A non-recoverable, fatal error in the SSL library occurred, usually a protocol
+error.  The OpenSSL error queue contains more information on the error. If this
+error occurs then no further I/O operations should be performed on the
+connection and SSL_shutdown() must not be called.
 
 =back
 
diff --git a/doc/man3/SSL_shutdown.pod b/doc/man3/SSL_shutdown.pod
index f9b7212..6e470a1 100644
--- a/doc/man3/SSL_shutdown.pod
+++ b/doc/man3/SSL_shutdown.pod
@@ -22,6 +22,10 @@ Whether the operation succeeds or not, the SSL_SENT_SHUTDOWN flag is set and
 a currently open session is considered closed and good and will be kept in the
 session cache for further reuse.
 
+Note that SSL_shutdown() must not be called if a previous fatal error has
+occurred on a connection i.e. if SSL_get_error() has returned SSL_ERROR_SYSCALL
+or SSL_ERROR_SSL.
+
 The shutdown procedure consists of two steps: sending of the close_notify
 shutdown alert, and reception of the peer's close_notify shutdown alert.
 The order of those two steps depends on the application.

More information about the openssl-commits mailing list