Always flush the BIO when we send any alert

At the moment we flush the write BIO if we send a fatal alert, but not a warning one. This can mean the warning is never sent if we never do another write and subsequently flush the BIO. Instead we should just always flush after writing an alert. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3432)
2024-11-21 01:15:20 +08:00 · 2017-05-12 09:05:11 -04:00 · 2017-05-12 09:05:11 -04:00 · 270d65fa34
commit 270d65fa34
parent 84344efa7a
1 changed files with 3 additions and 5 deletions
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@ -105,12 +105,10 @@ int ssl3_dispatch_alert(SSL *s)
        s->s3->alert_dispatch = 1;
    } else {
        /*
-         * Alert sent to BIO.  If it is important, flush it now. If the
-         * message does not get sent due to non-blocking IO, we will not
-         * worry too much.
+         * Alert sent to BIO - now flush. If the message does not get sent due
+         * to non-blocking IO, we will not worry too much.
         */
-        if (s->s3->send_alert[0] == SSL3_AL_FATAL)
-            (void)BIO_flush(s->wbio);
+        (void)BIO_flush(s->wbio);

        if (s->msg_callback)
            s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,