From: Dr. Stephen Henson Date: Sat, 15 May 2004 17:55:07 +0000 (+0000) Subject: Fixes so alerts are sent properly in s3_pkt.c X-Git-Tag: BEN_FIPS_TEST_6~42^2~232 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4843acc868d09de38b596bd94f85f30bcdafdb8a;p=openssl Fixes so alerts are sent properly in s3_pkt.c PR: 851 --- diff --git a/CHANGES b/CHANGES index 4c3f5beb15..9eccc8e50c 100644 --- a/CHANGES +++ b/CHANGES @@ -706,6 +706,9 @@ Changes between 0.9.7d and 0.9.7e [XX xxx XXXX] + *) Various fixes to s3_pkt.c so alerts are sent properly. + [David Holmes ] + *) Reduce the chances of duplicate issuer name and serial numbers (in violation of RFC3280) using the OpenSSL certificate creation utilities. This is done by creating a random 64 bit value for the initial serial diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 3f88429e79..1f89e8ccef 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -862,7 +862,7 @@ start: { al=SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); - goto err; + goto f_err; } /* If the other end has shut down, throw anything we read away @@ -969,7 +969,7 @@ start: { al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST); - goto err; + goto f_err; } if (s->msg_callback) @@ -1080,9 +1080,9 @@ start: if ( (rr->length != 1) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) { - i=SSL_AD_ILLEGAL_PARAMETER; + al=SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); - goto err; + goto f_err; } rr->length=0;