diff options
author | Matt Caswell <matt@openssl.org> | 2015-04-30 11:50:08 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-05-05 19:45:59 +0100 |
commit | cefc93910c4c0f7fa9f8c1f8f7aad084a7fa87d2 (patch) | |
tree | ef440136b62c7458a0f5ed63cf0536302e37f641 /ssl/d1_clnt.c | |
parent | cc273a93617a5c1e69cb5db6f655e463f8e31806 (diff) |
Add more error state transitions (DTLS)
Ensure all fatal errors transition into the new error state for DTLS.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/d1_clnt.c')
-rw-r--r-- | ssl/d1_clnt.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index b8efa88e7b..142438ac1d 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -230,6 +230,7 @@ int dtls1_connect(SSL *s) (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) { SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR); ret = -1; + s->state = SSL_ST_ERR; goto end; } @@ -239,10 +240,12 @@ int dtls1_connect(SSL *s) if (s->init_buf == NULL) { if ((buf = BUF_MEM_new()) == NULL) { ret = -1; + s->state = SSL_ST_ERR; goto end; } if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) { ret = -1; + s->state = SSL_ST_ERR; goto end; } s->init_buf = buf; @@ -251,12 +254,14 @@ int dtls1_connect(SSL *s) if (!ssl3_setup_buffers(s)) { ret = -1; + s->state = SSL_ST_ERR; goto end; } /* setup buffing BIO */ if (!ssl_init_wbio_buffer(s, 0)) { ret = -1; + s->state = SSL_ST_ERR; goto end; } @@ -435,6 +440,7 @@ int dtls1_connect(SSL *s) */ if (!ssl3_check_cert_and_algorithm(s)) { ret = -1; + s->state = SSL_ST_ERR; goto end; } break; @@ -566,6 +572,7 @@ int dtls1_connect(SSL *s) #endif if (!s->method->ssl3_enc->setup_key_block(s)) { ret = -1; + s->state = SSL_ST_ERR; goto end; } @@ -573,6 +580,7 @@ int dtls1_connect(SSL *s) SSL3_CHANGE_CIPHER_CLIENT_WRITE)) { ret = -1; + s->state = SSL_ST_ERR; goto end; } #ifndef OPENSSL_NO_SCTP @@ -746,6 +754,7 @@ int dtls1_connect(SSL *s) goto end; /* break; */ + case SSL_ST_ERR: default: SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE); ret = -1; @@ -826,5 +835,6 @@ static int dtls1_get_hello_verify(SSL *s) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); + s->state = SSL_ST_ERR; return -1; } |