Add Error state

Reusing an SSL object when it has encountered a fatal error can
have bad consequences. This is a bug in application code not libssl
but libssl should be more forgiving and not crash.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a89db885e0d8aac3a9df1bbccb0c1ddfd8b2e10a)

Conflicts:
	ssl/s3_srvr.c
	ssl/ssl_stat.c

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 2e7cb7a327e7613234d4276eafcaee5f8bf58eaf..8e25b1d42d507d850571dde214df8d7ef2626446 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -849,6 +849,7 @@ int ssl3_accept(SSL *s)
             goto end;
             /* break; */
 
             goto end;
             /* break; */
 

+        case SSL_ST_ERR:

         default:
             SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
             ret = -1;
         default:
             SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
             ret = -1;


@@ -1463,8 +1464,10 @@ int ssl3_get_client_hello(SSL *s)
     if (0) {
  f_err:
         ssl3_send_alert(s, SSL3_AL_FATAL, al);
     if (0) {
  f_err:
         ssl3_send_alert(s, SSL3_AL_FATAL, al);

-    }

  err:
  err:

+        s->state = SSL_ST_ERR;
+    }
+

     if (ciphers != NULL)
         sk_SSL_CIPHER_free(ciphers);
     return ret < 0 ? -1 : ret;
     if (ciphers != NULL)
         sk_SSL_CIPHER_free(ciphers);
     return ret < 0 ? -1 : ret;

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 32d1482e1e0ad9481b626203b8d96c398d8dfe2e..70fa00bb3b7eb1681923faf4a8492666ed3a8064 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1727,6 +1727,7 @@ extern "C" {
 # define SSL_ST_BEFORE                   0x4000
 # define SSL_ST_OK                       0x03
 # define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)
 # define SSL_ST_BEFORE                   0x4000
 # define SSL_ST_OK                       0x03
 # define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)

+# define SSL_ST_ERR                      0x05

 
 # define SSL_CB_LOOP                     0x01
 # define SSL_CB_EXIT                     0x02
 
 # define SSL_CB_LOOP                     0x01
 # define SSL_CB_EXIT                     0x02

diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
index d725d783423968b3ee97580f8de6d381fbe17457..1b9069f978d2b937409383e884b895c5e99faa9d 100644 (file)
--- a/ssl/ssl_stat.c
+++ b/ssl/ssl_stat.c
@@ -117,6 +117,9 @@ const char *SSL_state_string_long(const SSL *s)
     case SSL_ST_OK | SSL_ST_ACCEPT:
         str = "ok/accept SSL initialization";
         break;
     case SSL_ST_OK | SSL_ST_ACCEPT:
         str = "ok/accept SSL initialization";
         break;

+    case SSL_ST_ERR:
+        str = "error";
+        break;

 #ifndef OPENSSL_NO_SSL2
     case SSL2_ST_CLIENT_START_ENCRYPTION:
         str = "SSLv2 client start encryption";
 #ifndef OPENSSL_NO_SSL2
     case SSL2_ST_CLIENT_START_ENCRYPTION:
         str = "SSLv2 client start encryption";


@@ -496,6 +499,9 @@ const char *SSL_state_string(const SSL *s)
     case SSL_ST_OK:
         str = "SSLOK ";
         break;
     case SSL_ST_OK:
         str = "SSLOK ";
         break;

+    case SSL_ST_ERR:
+        str = "SSLERR";
+        break;

 #ifndef OPENSSL_NO_SSL2
     case SSL2_ST_CLIENT_START_ENCRYPTION:
         str = "2CSENC";
 #ifndef OPENSSL_NO_SSL2
     case SSL2_ST_CLIENT_START_ENCRYPTION:
         str = "2CSENC";