summaryrefslogtreecommitdiffstats
path: root/ssl
diff options
context:
space:
mode:
authorBernd Edlinger <bernd.edlinger@hotmail.de>2018-09-11 11:44:13 +0200
committerBernd Edlinger <bernd.edlinger@hotmail.de>2018-09-12 14:47:54 +0200
commit5538ba99ab785287ad187909dd71f17040dbc180 (patch)
treed91ea96d52a71af888d2bf31c16cd90ba2a78f15 /ssl
parent18ef2dbbd720b6c1f7531e7d0c2ee38075c9f275 (diff)
Fix a possible recursion in SSLfatal handling
Fixes: #7161 (hopefully) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7175) (cherry picked from commit 6839a7a7f4973a3fc2f87b12664c26d524bef1f4)
Diffstat (limited to 'ssl')
-rw-r--r--ssl/statem/statem.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index d75f9ea036..f76c0e4803 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -118,11 +118,12 @@ void ossl_statem_set_renegotiate(SSL *s)
void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
int line)
{
+ ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
/* We shouldn't call SSLfatal() twice. Once is enough */
- assert(s->statem.state != MSG_FLOW_ERROR);
+ if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR)
+ return;
s->statem.in_init = 1;
s->statem.state = MSG_FLOW_ERROR;
- ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
if (al != SSL_AD_NO_ALERT
&& s->statem.enc_write_state != ENC_WRITE_STATE_INVALID)
ssl3_send_alert(s, SSL3_AL_FATAL, al);