Fixes so alerts are sent properly in s3_pkt.c

PR: 851

[backport from OpenSSL_0_9_7-stable branch / head]

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 75b49f715f130679bc5528422a142d0a944d773e..82e7e677e54ee98101d6f3f7d96f198b777c2f9b 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -862,7 +862,7 @@ start:
                {
                al=SSL_AD_UNEXPECTED_MESSAGE;
                SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
-               goto err;
+               goto f_err;
                }
 
        /* If the other end has shut down, throw anything we read away
@@ -969,7 +969,7 @@ start:
                        {
                        al=SSL_AD_DECODE_ERROR;
                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
-                       goto err;
+                       goto f_err;
                        }
 
                if (SSL_is_init_finished(s) &&
@@ -1074,17 +1074,17 @@ start:
                if (    (rr->length != 1) || (rr->off != 0) ||
                        (rr->data[0] != SSL3_MT_CCS))
                        {
-                       i=SSL_AD_ILLEGAL_PARAMETER;
+                       al=SSL_AD_ILLEGAL_PARAMETER;
                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
-                       goto err;
+                       goto f_err;
                        }
 
                /* Check we have a cipher to change to */
                if (s->s3->tmp.new_cipher == NULL)
                        {
-                       i=SSL_AD_UNEXPECTED_MESSAGE;
+                       al=SSL_AD_UNEXPECTED_MESSAGE;
                        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
-                       goto err;
+                       goto f_err;
                        }
 
                rr->length=0;