1 files changed, 32 insertions, 30 deletions
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index 66c57b13a4..9aa71f7d4f 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.48 2021/08/04 12:41:25 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.49 2021/08/28 15:20:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1203,51 +1203,53 @@ ssl3_write_alert(SSL *s)
 int
 ssl3_send_alert(SSL *s, int level, int desc)
 {
-        /* If a fatal one, remove from cache */
+        /* If alert is fatal, remove session from cache. */
        if (level == SSL3_AL_FATAL)
                SSL_CTX_remove_session(s->ctx, s->session);
        S3I(s)->alert_dispatch = 1;
        S3I(s)->send_alert[0] = level;
        S3I(s)->send_alert[1] = desc;
-        if (S3I(s)->wbuf.left == 0) /* data still being written out? */
-                return ssl3_dispatch_alert(s);
-        /* else data is still being written out, we will get written
+        /*
-         * some time in the future */
+         * If data is still being written out, the alert will be dispatched at
-        return -1;
+         * some point in the future.
+         */
+        if (S3I(s)->wbuf.left != 0)
+                return -1;
+        return ssl3_dispatch_alert(s);
 }
 int
 ssl3_dispatch_alert(SSL *s)
 {
-        int i, j;
+        void (*cb)(const SSL *ssl, int type, int val);
-        void (*cb)(const SSL *ssl, int type, int val) = NULL;
+        int ret;
        S3I(s)->alert_dispatch = 0;
-        i = ssl3_write_alert(s);
+        if ((ret = ssl3_write_alert(s)) <= 0) {
-        if (i <= 0) {
                S3I(s)->alert_dispatch = 1;
-        } else {
+                return ret;
-                /* Alert sent to BIO.  If it is important, flush it now.
+        }
-                 * If the message does not get sent due to non-blocking IO,
-                 * we will not worry too much. */
-                if (S3I(s)->send_alert[0] == SSL3_AL_FATAL)
-                        (void)BIO_flush(s->wbio);
-                if (s->internal->msg_callback)
+        /*
-                        s->internal->msg_callback(1, s->version, SSL3_RT_ALERT,
+         * Alert sent to BIO.  If it is important, flush it now.
-                            S3I(s)->send_alert, 2, s, s->internal->msg_callback_arg);
+         * If the message does not get sent due to non-blocking IO,
+         * we will not worry too much.
+         */
+        if (S3I(s)->send_alert[0] == SSL3_AL_FATAL)
+                (void)BIO_flush(s->wbio);
-                if (s->internal->info_callback != NULL)
+        if (s->internal->msg_callback)
-                        cb = s->internal->info_callback;
+                s->internal->msg_callback(1, s->version, SSL3_RT_ALERT,
-                else if (s->ctx->internal->info_callback != NULL)
+                    S3I(s)->send_alert, 2, s, s->internal->msg_callback_arg);
-                        cb = s->ctx->internal->info_callback;
-                if (cb != NULL) {
+        if ((cb = s->internal->info_callback) == NULL)
-                        j = (S3I(s)->send_alert[0]<<8)|S3I(s)->send_alert[1];
+                cb = s->ctx->internal->info_callback;
-                        cb(s, SSL_CB_WRITE_ALERT, j);
+        if (cb != NULL)
-                }
+                cb(s, SSL_CB_WRITE_ALERT, (S3I(s)->send_alert[0] << 8) |
-        }
+                    S3I(s)->send_alert[1]);
-        return (i);
+        return ret;
 }

diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c index 66c57b13a4..9aa71f7d4f 100644 --- a/src/lib/libssl/ssl_pkt.c +++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_pkt.c,v 1.48 2021/08/04 12:41:25 jsing Exp $ */	1	/* $OpenBSD: ssl_pkt.c,v 1.49 2021/08/28 15:20:58 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1203,51 +1203,53 @@ ssl3_write_alert(SSL *s)
1203	int	1203	int
1204	ssl3_send_alert(SSL *s, int level, int desc)	1204	ssl3_send_alert(SSL *s, int level, int desc)
1205	{	1205	{
1206	/* If a fatal one, remove from cache */	1206	/* If alert is fatal, remove session from cache. */
1207	if (level == SSL3_AL_FATAL)	1207	if (level == SSL3_AL_FATAL)
1208	SSL_CTX_remove_session(s->ctx, s->session);	1208	SSL_CTX_remove_session(s->ctx, s->session);
1209		1209
1210	S3I(s)->alert_dispatch = 1;	1210	S3I(s)->alert_dispatch = 1;
1211	S3I(s)->send_alert[0] = level;	1211	S3I(s)->send_alert[0] = level;
1212	S3I(s)->send_alert[1] = desc;	1212	S3I(s)->send_alert[1] = desc;
1213	if (S3I(s)->wbuf.left == 0) /* data still being written out? */
1214	return ssl3_dispatch_alert(s);
1215		1213
1216	/* else data is still being written out, we will get written	1214	/*
1217	* some time in the future */	1215	* If data is still being written out, the alert will be dispatched at
1218	return -1;	1216	* some point in the future.
		1217	*/
		1218	if (S3I(s)->wbuf.left != 0)
		1219	return -1;
		1220
		1221	return ssl3_dispatch_alert(s);
1219	}	1222	}
1220		1223
1221	int	1224	int
1222	ssl3_dispatch_alert(SSL *s)	1225	ssl3_dispatch_alert(SSL *s)
1223	{	1226	{
1224	int i, j;	1227	void (cb)(const SSL ssl, int type, int val);
1225	void (cb)(const SSL ssl, int type, int val) = NULL;	1228	int ret;
1226		1229
1227	S3I(s)->alert_dispatch = 0;	1230	S3I(s)->alert_dispatch = 0;
1228	i = ssl3_write_alert(s);	1231	if ((ret = ssl3_write_alert(s)) <= 0) {
1229	if (i <= 0) {
1230	S3I(s)->alert_dispatch = 1;	1232	S3I(s)->alert_dispatch = 1;
1231	} else {	1233	return ret;
1232	/* Alert sent to BIO. If it is important, flush it now.	1234	}
1233	* If the message does not get sent due to non-blocking IO,
1234	* we will not worry too much. */
1235	if (S3I(s)->send_alert[0] == SSL3_AL_FATAL)
1236	(void)BIO_flush(s->wbio);
1237		1235
1238	if (s->internal->msg_callback)	1236	/*
1239	s->internal->msg_callback(1, s->version, SSL3_RT_ALERT,	1237	* Alert sent to BIO. If it is important, flush it now.
1240	S3I(s)->send_alert, 2, s, s->internal->msg_callback_arg);	1238	* If the message does not get sent due to non-blocking IO,
		1239	* we will not worry too much.
		1240	*/
		1241	if (S3I(s)->send_alert[0] == SSL3_AL_FATAL)
		1242	(void)BIO_flush(s->wbio);
1241		1243
1242	if (s->internal->info_callback != NULL)	1244	if (s->internal->msg_callback)
1243	cb = s->internal->info_callback;	1245	s->internal->msg_callback(1, s->version, SSL3_RT_ALERT,
1244	else if (s->ctx->internal->info_callback != NULL)	1246	S3I(s)->send_alert, 2, s, s->internal->msg_callback_arg);
1245	cb = s->ctx->internal->info_callback;
1246		1247
1247	if (cb != NULL) {	1248	if ((cb = s->internal->info_callback) == NULL)
1248	j = (S3I(s)->send_alert[0]<<8)\|S3I(s)->send_alert[1];	1249	cb = s->ctx->internal->info_callback;
1249	cb(s, SSL_CB_WRITE_ALERT, j);	1250	if (cb != NULL)
1250	}	1251	cb(s, SSL_CB_WRITE_ALERT, (S3I(s)->send_alert[0] << 8) \|
1251	}	1252	S3I(s)->send_alert[1]);
1252	return (i);	1253
		1254	return ret;
1253	}	1255	}