mirror of https://github.com/openssl/openssl
Revert "Abort on unrecognised warning alerts"
This reverts commit 77a6be4dfc
.
There were some unexpected side effects to this commit, e.g. in SSLv3 a
warning alert gets sent "no_certificate" if a client does not send a
Certificate during Client Auth. With the above commit this causes the
connection to abort, which is incorrect. There may be some other edge cases
like this so we need to have a rethink on this.
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
parent
d602c2b680
commit
3c0c68ae46
|
@ -1351,15 +1351,9 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
|
|||
goto f_err;
|
||||
}
|
||||
#ifdef SSL_AD_MISSING_SRP_USERNAME
|
||||
else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME) {
|
||||
return 0;
|
||||
}
|
||||
else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
|
||||
return (0);
|
||||
#endif
|
||||
else {
|
||||
al = SSL_AD_HANDSHAKE_FAILURE;
|
||||
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
|
||||
goto f_err;
|
||||
}
|
||||
} else if (alert_level == SSL3_AL_FATAL) {
|
||||
char tmp[16];
|
||||
|
||||
|
|
Loading…
Reference in New Issue