Skip to content
Commit 5741d5bb authored by Matt Caswell's avatar Matt Caswell
Browse files

Go into the error state if a fatal alert is sent or received



1.1.0 is not impacted by CVE-2019-1559, but this commit is a follow on
from that. That CVE was a result of applications calling SSL_shutdown
after a fatal alert has occurred. By chance 1.1.0 is not vulnerable to
that issue, but this change is additional hardening to prevent other
similar issues.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent ad01b01c
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment