SUSE:SLE-12-SP5:GA
File openssl-CVE-2019-1559.patch of Package openssl.29127
Index: openssl-1.0.2j/doc/ssl/SSL_get_error.pod =================================================================== --- openssl-1.0.2j.orig/doc/ssl/SSL_get_error.pod +++ openssl-1.0.2j/doc/ssl/SSL_get_error.pod @@ -89,17 +89,17 @@ Details depend on the application. =item SSL_ERROR_SYSCALL -Some I/O error occurred. The OpenSSL error queue may contain more -information on the error. If the error queue is empty -(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more -about the error: If B<ret == 0>, an EOF was observed that violates -the protocol. If B<ret == -1>, the underlying B<BIO> reported an -I/O error (for socket I/O on Unix systems, consult B<errno> for details). +Some non-recoverable, fatal I/O error occurred. The OpenSSL error queue may +contain more information on the error. For socket I/O on Unix systems, consult +B<errno> for details. If this error occurs then no further I/O operations should +be performed on the connection and SSL_shutdown() must not be called. =item SSL_ERROR_SSL -A failure in the SSL library occurred, usually a protocol error. The -OpenSSL error queue contains more information on the error. +A non-recoverable, fatal error in the SSL library occurred, usually a protocol +error. The OpenSSL error queue contains more information on the error. If this +error occurs then no further I/O operations should be performed on the +connection and SSL_shutdown() must not be called. =back Index: openssl-1.0.2j/doc/ssl/SSL_shutdown.pod =================================================================== --- openssl-1.0.2j.orig/doc/ssl/SSL_shutdown.pod +++ openssl-1.0.2j/doc/ssl/SSL_shutdown.pod 
@@ -22,6 +22,10 @@ Whether the operation succeeds or not, t a currently open session is considered closed and good and will be kept in the session cache for further reuse. +Note that SSL_shutdown() must not be called if a previous fatal error has +occurred on a connection i.e. if SSL_get_error() has returned SSL_ERROR_SYSCALL +or SSL_ERROR_SSL. + The shutdown procedure consists of 2 steps: the sending of the "close notify" shutdown alert and the reception of the peer's "close notify" shutdown alert. According to the TLS standard, it is acceptable for an application Index: openssl-1.0.2j/ssl/d1_pkt.c =================================================================== --- openssl-1.0.2j.orig/ssl/d1_pkt.c +++ openssl-1.0.2j/ssl/d1_pkt.c @@ -1290,6 +1290,7 @@ int dtls1_read_bytes(SSL *s, int type, u ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; SSL_CTX_remove_session(s->session_ctx, s->session); + s->state = SSL_ST_ERR; return (0); } else { al = SSL_AD_ILLEGAL_PARAMETER; Index: openssl-1.0.2j/ssl/s3_pkt.c =================================================================== --- openssl-1.0.2j.orig/ssl/s3_pkt.c +++ openssl-1.0.2j/ssl/s3_pkt.c @@ -1489,6 +1489,7 @@ int ssl3_read_bytes(SSL *s, int type, un ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; SSL_CTX_remove_session(s->session_ctx, s->session); + s->state = SSL_ST_ERR; return (0); } else { al = SSL_AD_ILLEGAL_PARAMETER; @@ -1711,9 +1712,12 @@ int ssl3_send_alert(SSL *s, int level, i * protocol_version alerts */ if (desc < 0) return -1; - /* If a fatal one, remove from cache */ - if ((level == 2) && (s->session != NULL)) - SSL_CTX_remove_session(s->session_ctx, s->session); + /* If a fatal one, remove from cache and go into the error state */ + if (level == SSL3_AL_FATAL) { + if (s->session != NULL) + SSL_CTX_remove_session(s->session_ctx, s->session); + s->state = SSL_ST_ERR; + } s->s3->alert_dispatch = 1; s->s3->send_alert[0] = level;
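Review bot: In the SSL_get_error.pod hunk, the rewritten SSL_ERROR_SYSCALL item drops the empty-error-queue guidance without a replacement. The removed lines described B<ret == 0> as an EOF that violates the protocol and B<ret == -1> as a BIO I/O error; the new text only says to consult B<errno>. Consider keeping one sentence on the empty-queue case, or stating explicitly that it is treated as fatal too, so that callers written against the old wording know how to handle it.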
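Review bot: In the SSL_shutdown.pod hunk, the added note says SSL_shutdown() must not be called after SSL_get_error() has returned SSL_ERROR_SYSCALL or SSL_ERROR_SSL, but it does not say what the application should do instead. A follow-up sentence describing the expected teardown of the connection would make the note actionable. As a style point, "i.e." reads better set off with a comma: "on a connection, i.e. if SSL_get_error() has returned ...".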
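Review bot: In the d1_pkt.c hunk (dtls1_read_bytes), and in the identical first s3_pkt.c hunk (ssl3_read_bytes), the added "s->state = SSL_ST_ERR;" carries no comment, unlike the ssl3_send_alert() hunk, which explains why it enters the error state. A one-line comment would help here, because the function still returns 0 on this alert-handling path and the reason for the state change is not evident from the surrounding lines.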
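Review bot: In the ssl3_send_alert() hunk, "s->state = SSL_ST_ERR;" is assigned before "s->s3->alert_dispatch = 1;", so the connection is already in the error state when the fatal alert is queued for sending. Please confirm, ideally in the new comment, that dispatching the alert does not depend on s->state. The patch touches only the two .pod files, d1_pkt.c and s3_pkt.c, so a regression test covering the send and receive paths for a fatal alert would be a useful addition.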