diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2013-04-09 15:53:38 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-09-18 13:46:02 +0100 |
commit | c391a74266f70d2be4c2dd8d1e02cbd6f6e72605 (patch) | |
tree | 871996fe7c0bb325582f64bf578abd1e5b6de773 /ssl | |
parent | 65a87d3cc3c21bb54e6e813ee21ad049fea1310a (diff) |
Always return errors in ssl3_get_client_hello
If we successfully match a cookie don't set return value to 2 as this
results in other error conditions returning 2 as well.
Instead set return value to -2 which can be checked later if everything
else is OK.
(cherry picked from commit c56f5b8edfbcec704f924870daddd96a5f768fbb)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_srvr.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index d9a21811e4..8546c09ca2 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1083,8 +1083,8 @@ int ssl3_get_client_hello(SSL *s) SSL_R_COOKIE_MISMATCH); goto f_err; } - - ret = 2; + /* Set to -2 so if successful we return 2 */ + ret = -2; } p += cookie_len; @@ -1455,7 +1455,7 @@ int ssl3_get_client_hello(SSL *s) } } - if (ret < 0) ret=1; + if (ret < 0) ret=-ret; if (0) { f_err: @@ -1463,7 +1463,7 @@ f_err: } err: if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers); - return(ret); + return ret < 0 ? -1 : ret; } int ssl3_send_server_hello(SSL *s) |