[openssl] OpenSSL_1_1_1-stable update

kaduk at mit.edu kaduk at mit.edu
Mon Oct 26 16:31:28 UTC 2020


The branch OpenSSL_1_1_1-stable has been updated
       via  8979ffee95043baffa51887b1d43d9b07f9fae1b (commit)
      from  2e06150e3928daa06d5ff70c32bffad8088ebe58 (commit)


- Log -----------------------------------------------------------------
commit 8979ffee95043baffa51887b1d43d9b07f9fae1b
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Oct 22 13:53:27 2020 +0100

    Ensure we raise SSLfatal on error
    
    We were missing a call to SSLfatal. A comment claimed that we had already
    called it - but that is incorrect.
    
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/13230)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/statem_srvr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 14cb27e6db..cf45a40ce4 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2577,7 +2577,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
 
         s->s3->tmp.pkey = ssl_generate_pkey(pkdhp);
         if (s->s3->tmp.pkey == NULL) {
-            /* SSLfatal() already called */
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, 0, ERR_R_INTERNAL_ERROR);
             goto err;
         }
 


More information about the openssl-commits mailing list