Commit ebb188f0d0 for openssl.org
commit ebb188f0d08e35e25e9f2f4c5392036c75048014
Author: Igor Ustinov <igus68@gmail.com>
Date: Fri Feb 27 11:41:49 2026 +0100
Ensure fatal errors from the record layer put the state machine into err
We fix a problem with the record layer handling code where a fatal error
in the record layer that does not have an alert code associated with it
caused us to not transition the state machine into the error state. If we
have a fatal error we should always do that.
This patch was developed by Matt Caswell <matt@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Thu Mar 5 14:03:27 2026
(Merged from https://github.com/openssl/openssl/pull/30230)
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 670b03ab0b..3a256861f7 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -529,13 +529,18 @@ int ossl_tls_handle_rlayer_return(SSL_CONNECTION *s, int writing, int ret,
ERR_new();
ERR_set_debug(file, line, 0);
ossl_statem_fatal(s, al, SSL_R_RECORD_LAYER_FAILURE, NULL);
+ } else {
+ /*
+ * Some failure but there is no alert code. We don't log an
+ * error for this. The record layer should have logged an error
+ * already or, if not, its due to some sys call error which will be
+ * reported via SSL_ERROR_SYSCALL and errno. We do still set the
+ * state machine into an error state via ossl_statem_send_fatal().
+ * This doesn't actually send an alert because we are using
+ * SSL_AD_NO_ALERT.
+ */
+ ossl_statem_send_fatal(s, SSL_AD_NO_ALERT);
}
- /*
- * else some failure but there is no alert code. We don't log an
- * error for this. The record layer should have logged an error
- * already or, if not, its due to some sys call error which will be
- * reported via SSL_ERROR_SYSCALL and errno.
- */
}
/*
* The record layer distinguishes the cases of EOF, non-fatal