diff options
| author | jsing <> | 2020-01-29 17:03:58 +0000 |
|---|---|---|
| committer | jsing <> | 2020-01-29 17:03:58 +0000 |
| commit | 1d2b3dae57fb14e9884d047f00465183e2fca7a4 (patch) | |
| tree | 7b81eb186a3012379a015398a5c6737542a43dd4 /src | |
| parent | 6a39d7d82cb61d16ae272917efd1e8ff2b48b448 (diff) | |
| download | openbsd-1d2b3dae57fb14e9884d047f00465183e2fca7a4.tar.gz openbsd-1d2b3dae57fb14e9884d047f00465183e2fca7a4.tar.bz2 openbsd-1d2b3dae57fb14e9884d047f00465183e2fca7a4.zip | |
If the TLSv1.3 code has not recorded an error and something already exists
on the error stack, refrain from pushing an 'unknown' error on the stack.
This should allow libcrypto errors (including bio) to be visible, where we
have nothing better to offer.
ok tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls13_client.c | 3 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_lib.c | 6 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 3 |
3 files changed, 9 insertions, 3 deletions
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c index f75f605ace..3c55be6e68 100644 --- a/src/lib/libssl/tls13_client.c +++ b/src/lib/libssl/tls13_client.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_client.c,v 1.37 2020/01/26 06:55:17 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_client.c,v 1.38 2020/01/29 17:03:58 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -87,6 +87,7 @@ tls13_legacy_connect(SSL *ssl) | |||
| 87 | } | 87 | } |
| 88 | } | 88 | } |
| 89 | 89 | ||
| 90 | ERR_clear_error(); | ||
| 90 | S3I(ssl)->hs.state = SSL_ST_CONNECT; | 91 | S3I(ssl)->hs.state = SSL_ST_CONNECT; |
| 91 | 92 | ||
| 92 | ret = tls13_connect(ctx); | 93 | ret = tls13_connect(ctx); |
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index 2a13e8f773..3a90c0d6df 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_lib.c,v 1.31 2020/01/26 02:45:27 beck Exp $ */ | 1 | /* $OpenBSD: tls13_lib.c,v 1.32 2020/01/29 17:03:58 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> |
| @@ -408,6 +408,10 @@ tls13_legacy_error(SSL *ssl) | |||
| 408 | break; | 408 | break; |
| 409 | } | 409 | } |
| 410 | 410 | ||
| 411 | /* Something (probably libcrypto) already pushed an error on the stack. */ | ||
| 412 | if (reason == SSL_R_UNKNOWN && ERR_peek_error() != 0) | ||
| 413 | return; | ||
| 414 | |||
| 411 | ERR_put_error(ERR_LIB_SSL, (0xfff), reason, ctx->error.file, | 415 | ERR_put_error(ERR_LIB_SSL, (0xfff), reason, ctx->error.file, |
| 412 | ctx->error.line); | 416 | ctx->error.line); |
| 413 | } | 417 | } |
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index 41b4d2b24e..a559e03219 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.20 2020/01/26 06:55:17 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.21 2020/01/29 17:03:58 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -78,6 +78,7 @@ tls13_legacy_accept(SSL *ssl) | |||
| 78 | } | 78 | } |
| 79 | } | 79 | } |
| 80 | 80 | ||
| 81 | ERR_clear_error(); | ||
| 81 | S3I(ssl)->hs.state = SSL_ST_ACCEPT; | 82 | S3I(ssl)->hs.state = SSL_ST_ACCEPT; |
| 82 | 83 | ||
| 83 | ret = tls13_accept(ctx); | 84 | ret = tls13_accept(ctx); |