Commit fee33643 authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix enable-ssl3 enable-ssl3-method 



Commit 4aa5a566 accidentally missed off the catch all case of ignoring all
warning alerts that are otherwise unhandled. This breaks the SSLv3 tests
which send a "no certificate" warning alert.

Fixes #6496

[extended tests]

Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/6509)
parent c4fad5d3

ssl/record/rec_layer_s3.c

+3 −0
Original line number Diff line number Diff line
@@ -1573,6 +1573,9 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, 
            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_SSL3_READ_BYTES,

                     SSL_R_NO_RENEGOTIATION);

            return -1;

        } else if (alert_level == SSL3_AL_WARNING) {

            /* We ignore any other warning alert in TLSv1.2 and below */

            goto start;

        }



        SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL3_READ_BYTES,