diff options
author | Matt Caswell <matt@openssl.org> | 2018-08-07 12:40:08 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-08-08 10:16:58 +0100 |
commit | de9e884b2f43c59834c2b1c3cfde35fa2c797f2b (patch) | |
tree | 6e696fc5f4b219da631d844d68cd9a392e966099 /ssl/statem/statem.h | |
parent | 7426cd343d99d3d82e3fb06c8df18e5cc6bcec75 (diff) |
Tolerate encrypted or plaintext alerts
At certain points in the handshake we could receive either a plaintext or
an encrypted alert from the client. We should tolerate both where
appropriate.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6887)
Diffstat (limited to 'ssl/statem/statem.h')
-rw-r--r-- | ssl/statem/statem.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h index 0799870178..144d930fc7 100644 --- a/ssl/statem/statem.h +++ b/ssl/statem/statem.h @@ -80,6 +80,13 @@ typedef enum { ENC_WRITE_STATE_WRITE_PLAIN_ALERTS } ENC_WRITE_STATES; +typedef enum { + /* The enc_read_ctx can be used normally */ + ENC_READ_STATE_VALID, + /* We may receive encrypted or plaintext alerts */ + ENC_READ_STATE_ALLOW_PLAIN_ALERTS +} ENC_READ_STATES; + /***************************************************************************** * * * This structure should be considered "opaque" to anything outside of the * @@ -110,6 +117,7 @@ struct ossl_statem_st { unsigned int no_cert_verify; int use_timer; ENC_WRITE_STATES enc_write_state; + ENC_READ_STATES enc_read_state; }; typedef struct ossl_statem_st OSSL_STATEM; |