Skip to content

Commit

Permalink
Make sure we always send an alert in libssl if we hit a fatal error
Browse files Browse the repository at this point in the history 
We had a spot where a fatal error was occurring but we hadn't sent an
alert. This results in a later assertion failure.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #11537)
  • Loading branch information
@mattcaswell
mattcaswell committed Apr 15, 2020
1 parent e395ba2 commit 09b3654
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion ssl/statem/statem_srvr.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2633,8 +2633,10 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
* THIS IS TEMPORARY
*/
EVP_PKEY_get0(s->s3.tmp.pkey);
if (EVP_PKEY_id(s->s3.tmp.pkey) == EVP_PKEY_NONE)
if (EVP_PKEY_id(s->s3.tmp.pkey) == EVP_PKEY_NONE) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, 0, ERR_R_EC_LIB);
goto err;
}

/* Encode the public key. */
encodedlen = EVP_PKEY_get1_tls_encodedpoint(s->s3.tmp.pkey,
Expand Down

0 comments on commit 09b3654

Please sign in to comment.