From: EasySec <Easy.Sec@free.fr>
Date: Sat, 5 Nov 2016 21:56:13 +0000 (+0100)
Subject: When no SRP identity is found, no error was reported server side
X-Git-Tag: OpenSSL_1_1_1-pre1~3132
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7bb37cb5938a0cf76c12c8421950e72634d5f61c;p=oweals%2Fopenssl.git

When no SRP identity is found, no error was reported server side

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1859)
---

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 6bd16b879b..89de0257ac 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1526,6 +1526,9 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
             if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
                 SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
                        SSL_R_CLIENTHELLO_TLSEXT);
+            else
+                SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
+                       SSL_R_PSK_IDENTITY_NOT_FOUND);
             goto f_err;
         }
     }