diff options
author | Daiki Ueno <dueno@redhat.com> | 2018-08-07 12:32:56 +0200 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2018-08-08 11:19:20 +0200 |
commit | c862b8920e3548c8a157cdafdd6f24d183e5eccb (patch) | |
tree | 2edac8b1ba645834e5663de693b232f44bf9becb | |
parent | 05c99c612069c6cdcb5bdfa457275ded9b321fb8 (diff) | |
download | gnutls-c862b8920e3548c8a157cdafdd6f24d183e5eccb.tar.gz |
alert: map GNUTLS_E_NO_COMMON_KEY_SHARE to handshake_failure
Previously, when server received a ClientHello that does include only
groups from unassigned ranges in supported_groups, it aborted the
connection with an illegal_parameter.
Resolves #537
Signed-off-by: Daiki Ueno <dueno@redhat.com>
-rw-r--r-- | lib/alert.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/alert.c b/lib/alert.c index 5755970ca1..9b10123345 100644 --- a/lib/alert.c +++ b/lib/alert.c @@ -221,7 +221,6 @@ int gnutls_error_to_alert(int err, int *level) case GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER: case GNUTLS_E_ILLEGAL_SRP_USERNAME: case GNUTLS_E_PK_INVALID_PUBKEY: - case GNUTLS_E_NO_COMMON_KEY_SHARE: ret = GNUTLS_A_ILLEGAL_PARAMETER; _level = GNUTLS_AL_FATAL; break; @@ -255,6 +254,7 @@ int gnutls_error_to_alert(int err, int *level) case GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL: case GNUTLS_E_UNKNOWN_PK_ALGORITHM: case GNUTLS_E_UNWANTED_ALGORITHM: + case GNUTLS_E_NO_COMMON_KEY_SHARE: ret = GNUTLS_A_HANDSHAKE_FAILURE; _level = GNUTLS_AL_FATAL; break; |