Fix a possible recursion in SSLfatal handling

Fixes: #7161 (hopefully) Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7175) (cherry picked from commit 6839a7a7f4973a3fc2f87b12664c26d524bef1f4)

Fix a possible recursion in SSLfatal handling
Fixes: #7161 (hopefully) Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7175) (cherry picked from commit 6839a7a7f4973a3fc2f87b12664c26d524bef1f4)
5538ba99 · Bernd Edlinger · 18ef2dbb · 5538ba99
显示空白变更内容
内联并排

Showing with 3 addition and 2 deletion

ssl/statem/statem.c ssl/statem/statem.c +3 -2

未找到文件。
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -118,11 +118,12 @@ void ossl_statem_set_renegotiate(SSL *s)
 void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
                       int line)
 {
+    ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
    /* We shouldn't call SSLfatal() twice. Once is enough */
-    assert(s->statem.state != MSG_FLOW_ERROR);
+    if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR)
+      return;
    s->statem.in_init = 1;
    s->statem.state = MSG_FLOW_ERROR;
-    ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
    if (al != SSL_AD_NO_ALERT
            && s->statem.enc_write_state != ENC_WRITE_STATE_INVALID)
        ssl3_send_alert(s, SSL3_AL_FATAL, al);