ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
+/*
+ * This macro should only be called if we are already expecting to be in
+ * a fatal error state. We verify that we are, and set it if not (this would
+ * indicate a bug).
+ */
+#define check_fatal(s, f) \
+ do { \
+ if (!ossl_assert((s)->statem.in_init \
+ || (s)->statem.state != MSG_FLOW_ERROR)) \
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, (f), \
+ SSL_R_MISSING_FATAL); \
+ } while (0)
+
/*
* Discover whether the current connection is in the error state.
*
if (cb != NULL)
cb(s, SSL_CB_HANDSHAKE_START, 1);
+ /*
+ * Fatal errors in this block don't send an alert because we have
+ * failed to even initialise properly. Sending an alert is probably
+ * doomed to failure.
+ */
+
if (SSL_IS_DTLS(s)) {
if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00) &&
(server || (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00))) {
- /* We've failed to even initialise so no alert sent */
SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,
ERR_R_INTERNAL_ERROR);
goto end;
}
} else {
if ((s->version >> 8) != SSL3_VERSION_MAJOR) {
- /* We've failed to even initialise so no alert sent */
SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,
ERR_R_INTERNAL_ERROR);
goto end;
}
if (!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL)) {
- /* We've failed to even initialise so no alert sent */
SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,
ERR_R_INTERNAL_ERROR);
goto end;
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
+ SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,
+ ERR_R_INTERNAL_ERROR);
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,
+ ERR_R_INTERNAL_ERROR);
goto end;
}
s->init_buf = buf;
}
if (!ssl3_setup_buffers(s)) {
+ SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,
+ ERR_R_INTERNAL_ERROR);
goto end;
}
s->init_num = 0;
if (!SSL_IS_DTLS(s) || !BIO_dgram_is_sctp(SSL_get_wbio(s)))
#endif
if (!ssl_init_wbio_buffer(s)) {
+ SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_STATE_MACHINE,
+ ERR_R_INTERNAL_ERROR);
goto end;
}
if ((SSL_in_before(s))
|| s->renegotiate) {
- if (!tls_setup_handshake(s))
+ if (!tls_setup_handshake(s)) {
+ /* SSLfatal() already called */
goto end;
+ }
if (SSL_IS_FIRST_HANDSHAKE(s))
st->read_state_first_init = 1;
}
} else {
/* Error */
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_STATE_MACHINE,
- ERR_R_INTERNAL_ERROR);
+ check_fatal(s, SSL_F_STATE_MACHINE);
+ SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR);
goto end;
}
}
* to that state if so
*/
if (!transition(s, mt)) {
+ check_fatal(s, SSL_F_READ_STATE_MACHINE);
return SUB_STATE_ERROR;
}
switch (ret) {
case MSG_PROCESS_ERROR:
+ check_fatal(s, SSL_F_READ_STATE_MACHINE);
return SUB_STATE_ERROR;
case MSG_PROCESS_FINISHED_READING:
st->read_state_work = post_process_message(s, st->read_state_work);
switch (st->read_state_work) {
case WORK_ERROR:
+ check_fatal(s, SSL_F_READ_STATE_MACHINE);
+ /* Fall through */
case WORK_MORE_A:
case WORK_MORE_B:
case WORK_MORE_C:
break;
case WRITE_TRAN_ERROR:
+ check_fatal(s, SSL_F_WRITE_STATE_MACHINE);
return SUB_STATE_ERROR;
}
break;
case WRITE_STATE_PRE_WORK:
switch (st->write_state_work = pre_work(s, st->write_state_work)) {
case WORK_ERROR:
+ check_fatal(s, SSL_F_WRITE_STATE_MACHINE);
+ /* Fall through */
case WORK_MORE_A:
case WORK_MORE_B:
case WORK_MORE_C:
}
if (confunc != NULL && !confunc(s, &pkt)) {
WPACKET_cleanup(&pkt);
- /* SSLfatal() already called */
+ check_fatal(s, SSL_F_WRITE_STATE_MACHINE);
return SUB_STATE_ERROR;
}
if (!ssl_close_construct_packet(s, &pkt, mt)
case WRITE_STATE_POST_WORK:
switch (st->write_state_work = post_work(s, st->write_state_work)) {
case WORK_ERROR:
+ check_fatal(s, SSL_F_WRITE_STATE_MACHINE);
+ /* Fall through */
case WORK_MORE_A:
case WORK_MORE_B:
case WORK_MORE_C:
break;
default:
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_WRITE_STATE_MACHINE,
+ ERR_R_INTERNAL_ERROR);
return SUB_STATE_ERROR;
}
}
projects / oweals / openssl.git / commitdiff