git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Fri, 3 Dec 2021 15:56:58 +0000 (15:56 +0000)
committer	Matt Caswell <matt@openssl.org>
	Tue, 14 Dec 2021 13:48:34 +0000 (13:48 +0000)
commit	c1c1bb7c5e2baa109baec62d2af09d24caae5557
tree	4be436a8bbc7a60f7ecfefdb59f826389c105257	tree \| snapshot
parent	5eef9e1deb11d769dff3b76a21634e39bd533336	commit \| diff

Fix invalid handling of verify errors in libssl

In the event that X509_verify() returned an internal error result then
libssl would mishandle this and set rwstate to SSL_RETRY_VERIFY. This
subsequently causes SSL_get_error() to return SSL_ERROR_WANT_RETRY_VERIFY.
That return code is supposed to only ever be returned if an application
is using an app verify callback to complete replace the use of
X509_verify(). Applications may not be written to expect that return code
and could therefore crash (or misbehave in some other way) as a result.

CVE-2021-4044

Reviewed-by: Tomas Mraz <tomas@openssl.org>

ssl/ssl_cert.c		diff \| blob \| history
ssl/statem/statem_clnt.c		diff \| blob \| history