Revert "Abort on unrecognised warning alerts"
author Matt Caswell <matt@openssl.org>
Thu, 15 Sep 2016 19:53:09 +0000 (20:53 +0100)
committer Matt Caswell <matt@openssl.org>
Thu, 15 Sep 2016 21:53:27 +0000 (22:53 +0100)
This reverts commit 15d81749322c3498027105f8ee44e8c25479d475.

There were some unexpected side effects to this commit, e.g. in SSLv3 a
warning alert gets sent "no_certificate" if a client does not send a
Certificate during Client Auth. With the above commit this causes the
connection to abort, which is incorrect. There may be some other edge cases
like this so we need to have a rethink on this.

Reviewed-by: Tim Hudson <tjh@openssl.org>
ssl/s3_pkt.c

index 91f0c58fb2c4bb49916a6bc4418fb6aed17ce4d9..df124cf52caf019f665a4f794196a8fe4fe32c5b 100644 (file)
@@ -1462,13 +1462,8 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             }
 #ifdef SSL_AD_MISSING_SRP_USERNAME
             else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
-                return 0;
+                return (0);
 #endif
-            else {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
-                goto f_err;
-            }
         } else if (alert_level == SSL3_AL_FATAL) {
             char tmp[16];
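Review bot: with the final "else { ... goto f_err; }" removed from the warning branch, a warning-level alert whose alert_descr matches none of the preceding "else if" tests falls through with no handling and no comment, so a reader cannot tell that ignoring it is deliberate. Suggest a short comment at the end of that branch naming the case from the commit message (SSLv3 "no_certificate" when the client sends no Certificate during client auth). When this is revisited, consider an explicit list of tolerated warning descriptions instead of a catch-all abort. A regression test for the SSLv3 no_certificate case would keep a later fix from reintroducing the abort. The "return 0;" to "return (0);" change is style only and comes along with the revert.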