[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Fri Apr 20 10:40:21 UTC 2018
The branch OpenSSL_1_1_0-stable has been updated
via f55e2fa7b9d4692b31ad7ad72e71915e853de384 (commit)
from 544069175245b9826dc5f9ddf9e2f38f5b08e1c5 (commit)
- Log -----------------------------------------------------------------
commit f55e2fa7b9d4692b31ad7ad72e71915e853de384
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 19 10:38:57 2018 +0100
Fix the alert sent if no shared sig algs
We were sending illegal parameter. This isn't correct. The parameters are
legal, we just don't have an overlap. A more appropriate alert is
handshake failure.
Fixes #2919
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6010)
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 5ba7377..6f4078e 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2800,7 +2800,7 @@ int tls1_set_server_sigalgs(SSL *s)
if (!s->cert->shared_sigalgs) {
SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,
SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS);
- al = SSL_AD_ILLEGAL_PARAMETER;
+ al = SSL_AD_HANDSHAKE_FAILURE;
goto err;
}
} else {
More information about the openssl-commits
mailing list