RT 3060: amend patch Use existing error code SSL_R_RECORD_TOO_SMALL for too many empty records. For ease of backporting the patch to release branches. Reviewed-by: Bodo Moeller <bodo@openssl.org>
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 9a1d65d..ea45b86 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c
@@ -574,7 +574,7 @@ if (empty_record_count > MAX_EMPTY_RECORDS) { al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_TOO_MANY_EMPTY_FRAGMENTS); + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_RECORD_TOO_SMALL); goto f_err; } goto again;
diff --git a/ssl/ssl.h b/ssl/ssl.h index dc18255..5f542d1 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h
@@ -3072,7 +3072,6 @@ #define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157 #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 #define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 -#define SSL_R_TOO_MANY_EMPTY_FRAGMENTS 393 #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 #define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 #define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 5712e67..796e2b6 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c
@@ -581,7 +581,6 @@ {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),"tls invalid ecpointformat list"}, {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"}, {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"}, -{ERR_REASON(SSL_R_TOO_MANY_EMPTY_FRAGMENTS),"too many empty fragments"}, {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),"tried to use unsupported cipher"}, {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),"unable to decode dh certs"}, {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),"unable to decode ecdh certs"},