diff options
author | Matt Caswell <matt@openssl.org> | 2020-04-13 16:57:16 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-04-15 11:38:33 +0100 |
commit | 09b3654096ed344edd78cf156cb3ddcdbced6f9a (patch) | |
tree | e40ad74401d19a6004c97f71b1ff4dc51926e212 | |
parent | e395ba223d45ead1bafe05bb8c4e19fdbc201bd0 (diff) |
Make sure we always send an alert in libssl if we hit a fatal error
We had a spot where a fatal error was occurring but we hadn't sent an
alert. This results in a later assertion failure.
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11537)
-rw-r--r-- | ssl/statem/statem_srvr.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 1bab800ced..25a23b3ad8 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2633,8 +2633,10 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) * THIS IS TEMPORARY */ EVP_PKEY_get0(s->s3.tmp.pkey); - if (EVP_PKEY_id(s->s3.tmp.pkey) == EVP_PKEY_NONE) + if (EVP_PKEY_id(s->s3.tmp.pkey) == EVP_PKEY_NONE) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, 0, ERR_R_EC_LIB); goto err; + } /* Encode the public key. */ encodedlen = EVP_PKEY_get1_tls_encodedpoint(s->s3.tmp.pkey, |