File openssl-CVE-2019-1559.patch of Package openssl-1_0_0.16376

Index: openssl-1.0.2p/doc/ssl/SSL_get_error.pod
===================================================================
--- openssl-1.0.2p.orig/doc/ssl/SSL_get_error.pod	2018-08-14 14:48:58.000000000 +0200
+++ openssl-1.0.2p/doc/ssl/SSL_get_error.pod	2019-03-05 12:28:29.722943831 +0100
@@ -90,14 +90,17 @@ Details depend on the application.
 
 =item SSL_ERROR_SYSCALL
 
-Some non-recoverable I/O error occurred.
-The OpenSSL error queue may contain more information on the error.
-For socket I/O on Unix systems, consult B<errno> for details.
+Some non-recoverable, fatal I/O error occurred. The OpenSSL error queue may
+contain more information on the error. For socket I/O on Unix systems, consult
+B<errno> for details. If this error occurs then no further I/O operations should
+be performed on the connection and SSL_shutdown() must not be called.
 
 =item SSL_ERROR_SSL
 
-A failure in the SSL library occurred, usually a protocol error.  The
-OpenSSL error queue contains more information on the error.
+A non-recoverable, fatal error in the SSL library occurred, usually a protocol
+error.  The OpenSSL error queue contains more information on the error. If this
+error occurs then no further I/O operations should be performed on the
+connection and SSL_shutdown() must not be called.
 
 =back
 
Index: openssl-1.0.2p/doc/ssl/SSL_shutdown.pod
===================================================================
--- openssl-1.0.2p.orig/doc/ssl/SSL_shutdown.pod	2018-08-14 14:48:58.000000000 +0200
+++ openssl-1.0.2p/doc/ssl/SSL_shutdown.pod	2019-03-05 12:28:29.722943831 +0100
@@ -22,6 +22,10 @@ Whether the operation succeeds or not, t
 a currently open session is considered closed and good and will be kept in the
 session cache for further reuse.
 
+Note that SSL_shutdown() must not be called if a previous fatal error has
+occurred on a connection i.e. if SSL_get_error() has returned SSL_ERROR_SYSCALL
+or SSL_ERROR_SSL.
+
 The shutdown procedure consists of 2 steps: the sending of the "close notify"
 shutdown alert and the reception of the peer's "close notify" shutdown
 alert. According to the TLS standard, it is acceptable for an application
Index: openssl-1.0.2p/ssl/d1_pkt.c
===================================================================
--- openssl-1.0.2p.orig/ssl/d1_pkt.c	2018-08-14 14:48:59.000000000 +0200
+++ openssl-1.0.2p/ssl/d1_pkt.c	2019-03-05 12:28:29.722943831 +0100
@@ -1311,6 +1311,7 @@ int dtls1_read_bytes(SSL *s, int type, u
             ERR_add_error_data(2, "SSL alert number ", tmp);
             s->shutdown |= SSL_RECEIVED_SHUTDOWN;
             SSL_CTX_remove_session(s->session_ctx, s->session);
+            s->state = SSL_ST_ERR;
             return (0);
         } else {
             al = SSL_AD_ILLEGAL_PARAMETER;
Index: openssl-1.0.2p/ssl/s3_pkt.c
===================================================================
--- openssl-1.0.2p.orig/ssl/s3_pkt.c	2018-08-14 14:48:59.000000000 +0200
+++ openssl-1.0.2p/ssl/s3_pkt.c	2019-03-05 12:28:29.722943831 +0100
@@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, un
             ERR_add_error_data(2, "SSL alert number ", tmp);
             s->shutdown |= SSL_RECEIVED_SHUTDOWN;
             SSL_CTX_remove_session(s->session_ctx, s->session);
+            s->state = SSL_ST_ERR;
             return (0);
         } else {
             al = SSL_AD_ILLEGAL_PARAMETER;
@@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, i
                                           * protocol_version alerts */
     if (desc < 0)
         return -1;
-    /* If a fatal one, remove from cache */
-    if ((level == 2) && (s->session != NULL))
-        SSL_CTX_remove_session(s->session_ctx, s->session);
+    /* If a fatal one, remove from cache and go into the error state */
+    if (level == SSL3_AL_FATAL) {
+        if (s->session != NULL)
+            SSL_CTX_remove_session(s->session_ctx, s->session);
+        s->state = SSL_ST_ERR;
+    }
 
     s->s3->alert_dispatch = 1;
     s->s3->send_alert[0] = level;
openSUSE Build Service is sponsored by