Lost alert in DTLS
authorLubom <lubomir.sedlar@gmail.com>
Thu, 7 May 2015 13:20:31 +0000 (14:20 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 22 May 2015 08:44:44 +0000 (09:44 +0100)
If a client receives a bad hello request in DTLS then the alert is not
sent correctly.

RT#2801

Signed-off-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 4dc1aa0436fdb8af50960db676b739c8ef81f38c)

ssl/d1_pkt.c

index 940ca69..fe30ec7 100644 (file)
@@ -1069,7 +1069,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             (s->d1->handshake_fragment[3] != 0)) {
             al = SSL_AD_DECODE_ERROR;
             SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
-            goto err;
+            goto f_err;
         }
 
         /*