Fix a crash in SSLfatal due to invalid enc_write_ctx

Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5645)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-03-16 13:29:51 +0100
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-03-19 14:16:54 +0100
commit: d4ef4fbf46a51837a54e4a7cd0140eb9f08fdf30 (patch)
tree: 1507db0bb8061345eca6f69296477e43aef8e43d /ssl/t1_enc.c
parent: Fix no-cmac (diff)
download: openssl-d4ef4fbf46a51837a54e4a7cd0140eb9f08fdf30.tar.xz
openssl-d4ef4fbf46a51837a54e4a7cd0140eb9f08fdf30.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index bd7ff50c21..a138b60633 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -154,6 +154,7 @@ int tls1_change_cipher_state(SSL *s, int which)
         mac_secret = &(s->s3->read_mac_secret[0]);
         mac_secret_size = &(s->s3->read_mac_secret_size);
     } else {
+        s->statem.invalid_enc_write_ctx = 1;
         if (s->ext.use_etm)
             s->s3->flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE;
         else
@@ -316,6 +317,7 @@ int tls1_change_cipher_state(SSL *s, int which)
                  ERR_R_INTERNAL_ERROR);
         goto err;
     }
+    s->statem.invalid_enc_write_ctx = 0;
 
 #ifdef SSL_DEBUG
     printf("which = %04X\nkey=", which);
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-03-16 13:29:51 +0100
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-03-19 14:16:54 +0100
commit	d4ef4fbf46a51837a54e4a7cd0140eb9f08fdf30 (patch)
tree	1507db0bb8061345eca6f69296477e43aef8e43d /ssl/t1_enc.c
parent	Fix no-cmac (diff)
download	openssl-d4ef4fbf46a51837a54e4a7cd0140eb9f08fdf30.tar.xz openssl-d4ef4fbf46a51837a54e4a7cd0140eb9f08fdf30.zip