Fixed SSL error checks in transport_ssl_cb

Fix error define use. The callback is called from ssl3_dispatch_alert or dtls1_dispatch_alert where the alert define is left shifted by 8. Additionally ignore close notifcation. (#3814)
2017-02-27 15:41:27 +01:00 · 2017-02-27 15:41:27 +01:00 · e455cc1745
parent 689d2696d2
commit e455cc1745
1 changed files with 6 additions and 3 deletions
--- a/libfreerdp/core/transport.c
+++ b/libfreerdp/core/transport.c
@ -154,13 +154,13 @@ out:

 static void transport_ssl_cb(SSL* ssl, int where, int ret)
 {
-	if (where | SSL_CB_ALERT)
+	if (where & SSL_CB_ALERT)
 	{
 		rdpTransport* transport = (rdpTransport*) SSL_get_app_data(ssl);

 		switch (ret)
 		{
-			case SSL3_AL_FATAL | SSL_AD_ACCESS_DENIED:
+			case (SSL3_AL_FATAL << 8) | SSL_AD_ACCESS_DENIED:
 				{
 					if (!freerdp_get_last_error(transport->context))
 					{
@ -169,7 +169,7 @@ static void transport_ssl_cb(SSL* ssl, int where, int ret)
 				}
 				break;

-			case SSL3_AL_FATAL | SSL_AD_INTERNAL_ERROR:
+			case (SSL3_AL_FATAL << 8) | SSL_AD_INTERNAL_ERROR:
 				{
 					if (transport->NlaMode)
 					{
@ -193,6 +193,9 @@ static void transport_ssl_cb(SSL* ssl, int where, int ret)

 					break;

+				case (SSL3_AL_WARNING << 8) | SSL3_AD_CLOSE_NOTIFY:
+					break;
+
 				default:
 					WLog_Print(transport->log, WLOG_WARN, "Unhandled SSL error (where=%d, ret=%d [%s, %s])", where, ret,
 					           SSL_alert_type_string_long(ret), SSL_alert_desc_string_long(ret));