Fix enable-ssl3 enable-ssl3-method

Commit 4aa5a5669 accidentally missed off the catch all case of ignoring all warning alerts that are otherwise unhandled. This breaks the SSLv3 tests which send a "no certificate" warning alert. Fixes #6496 [extended tests] Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/6509)
author: Matt Caswell <matt@openssl.org> 2018-06-18 12:06:52 +0100
committer: Matt Caswell <matt@openssl.org> 2018-06-19 18:21:38 +0100
commit: fee33643a8aa64a8eb72ac92fd3a04d3aa7005d3 (patch)
tree: e47be11a0e8e1c1be4dddc02ce2a45687b7ce3ee
parent: c4fad5d348a5f57c4c08e63c444702c310ec891a (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 75b506bd85..8d5b53fb39 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1573,6 +1573,9 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
             SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_SSL3_READ_BYTES,
                      SSL_R_NO_RENEGOTIATION);
             return -1;
+        } else if (alert_level == SSL3_AL_WARNING) {
+            /* We ignore any other warning alert in TLSv1.2 and below */
+            goto start;
         }
 
         SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL3_READ_BYTES,
author	Matt Caswell <matt@openssl.org>	2018-06-18 12:06:52 +0100
committer	Matt Caswell <matt@openssl.org>	2018-06-19 18:21:38 +0100
commit	fee33643a8aa64a8eb72ac92fd3a04d3aa7005d3 (patch)
tree	e47be11a0e8e1c1be4dddc02ce2a45687b7ce3ee
parent	c4fad5d348a5f57c4c08e63c444702c310ec891a (diff)