Fix the alert sent if no shared sig algs
author Matt Caswell <matt@openssl.org>
Thu, 19 Apr 2018 09:38:57 +0000 (10:38 +0100)
committer Matt Caswell <matt@openssl.org>
Fri, 20 Apr 2018 10:42:07 +0000 (11:42 +0100)
We were sending illegal parameter. This isn't correct. The parameters are
legal, we just don't have an overlap. A more appropriate alert is
handshake failure.

Fixes #2919

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6011)

ssl/t1_lib.c

index 179802ca598a27358966c9e4a0c24f6405612bdc..8cb8816f9b13ffa03d0ad011151dd6530f3ca538 100644 (file)
@@ -3165,7 +3165,7 @@ int tls1_set_server_sigalgs(SSL *s)
         if (!s->cert->shared_sigalgs) {
             SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,
                    SSL_R_NO_SHARED_SIGATURE_ALGORITHMS);
-            al = SSL_AD_ILLEGAL_PARAMETER;
+            al = SSL_AD_HANDSHAKE_FAILURE;
             goto err;
         }
     } else
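Review bot: the new assignment `al = SSL_AD_HANDSHAKE_FAILURE;` carries no comment explaining why this branch differs from the illegal_parameter cases, and the change as shown touches only ssl/t1_lib.c, so nothing checks which alert the peer receives when `s->cert->shared_sigalgs` is empty. Consider a one-line comment above the assignment stating that the peer's list is well-formed and there is simply no overlap, plus a regression test that offers a non-overlapping signature algorithm list and asserts that handshake_failure is the alert sent, so the value is not switched back unnoticed.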