Store verify_result with sessions to avoid potential security hole.
[openssl.git] / ssl / ssl_lib.c
index fec98dd8f43d44eee71df442be777ec74a43c4a6..105bcb2fca8abc8e425230d65d3c2ee37b28e14b 100644 (file)
@@ -576,6 +576,13 @@ int SSL_get_read_ahead(SSL *s)
 
 int SSL_pending(SSL *s)
        {
+       /* SSL_pending cannot work properly if read-ahead is enabled
+        * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
+        * and it is impossible to fix since SSL_pending cannot report
+        * errors that may be observed while scanning the new data.
+        * (Note that SSL_pending() is often used as a boolean value,
+        * so we'd better not return -1.)
+        */
        return(s->method->ssl_pending(s));
        }
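Review bot: The added comment explains why SSL_pending() cannot be trusted once read-ahead is enabled, but it only says what the function will not return (-1), not what a caller actually gets in that case, so the caller still cannot tell a genuine "nothing buffered" zero from one caused by unscanned read-ahead data. Since SSL_pending() is typically used to decide whether a further read would block, the caveat also needs to reach callers through the public documentation of SSL_pending and of SSL_CTRL_SET_READ_AHEAD, not just this file-internal comment. I would end the comment with a sentence naming the returned quantity when read-ahead is on (presumably only the bytes already processed from the current record — confirm against s->method->ssl_pending) and add a matching remark at the SSL_CTRL_SET_READ_AHEAD handler.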
 
@@ -1543,6 +1550,8 @@ int SSL_get_error(SSL *s,int i)
                        reason=BIO_get_retry_reason(bio);
                        if (reason == BIO_RR_CONNECT)
                                return(SSL_ERROR_WANT_CONNECT);
+                       else if (reason == BIO_RR_ACCEPT)
+                               return(SSL_ERROR_WANT_ACCEPT);
                        else
                                return(SSL_ERROR_SYSCALL); /* unknown */
                        }
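Review bot: The BIO retry-reason to SSL_ERROR_* mapping is now duplicated verbatim in this hunk and in the next one (L27-L35), and the two copies already differ in the trailing `/* unknown */` comment; a third retry reason would have to be added in both places or the read and write paths silently diverge. A small file-scope helper keeps them in step, and both call sites become `return(bio_retry_reason_to_error(reason));`. SSL_ERROR_WANT_ACCEPT's definition is not visible in this view (presumably added to the public header by the same commit); since existing callers switch on SSL_get_error's result, the new value needs to be documented alongside SSL_ERROR_WANT_CONNECT. SSL_get_error's body starts and ends outside the hunk.

```c
/* Map a BIO retry reason to the SSL_ERROR_* value SSL_get_error reports;
 * shared by the read and write paths so the two cannot drift apart. */
static int bio_retry_reason_to_error(int reason)
        {
        if (reason == BIO_RR_CONNECT)
                return(SSL_ERROR_WANT_CONNECT);
        if (reason == BIO_RR_ACCEPT)
                return(SSL_ERROR_WANT_ACCEPT);
        return(SSL_ERROR_SYSCALL); /* unknown */
        }
```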
@@ -1561,6 +1570,8 @@ int SSL_get_error(SSL *s,int i)
                        reason=BIO_get_retry_reason(bio);
                        if (reason == BIO_RR_CONNECT)
                                return(SSL_ERROR_WANT_CONNECT);
+                       else if (reason == BIO_RR_ACCEPT)
+                               return(SSL_ERROR_WANT_ACCEPT);
                        else
                                return(SSL_ERROR_SYSCALL);
                        }