diff options
| author | Tomas Mraz <tomas@openssl.org> | 2022-12-09 13:27:02 +0100 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2022-12-13 10:10:57 +1100 |
| commit | 97b8db1af2f71059ecea986e4d12fc6a23699a74 (patch) | |
| tree | 088eac4eca6faedb54863b022f0ba26d015a9130 /ssl/statem | |
| parent | d89e0361d5ff5b32c24edac6c60c5ae38714e6c3 (diff) | |
| download | openssl-new-97b8db1af2f71059ecea986e4d12fc6a23699a74.tar.gz | |
Make error reason for disallowed legacy sigalg more specific
The internal error reason is confusing and indicating an error
in OpenSSL and not a configuration problem.
Fixes #19867
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19875)
Diffstat (limited to 'ssl/statem')
| -rw-r--r-- | ssl/statem/statem_clnt.c | 3 | ||||
| -rw-r--r-- | ssl/statem/statem_lib.c | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 4114131435..a1b7954a66 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2349,7 +2349,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL_CONNECTION *s, PACKET *pkt) goto err; } } else if (!tls1_set_peer_legacy_sigalg(s, pkey)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_R_LEGACY_SIGALG_DISALLOWED_OR_UNSUPPORTED); goto err; } diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 155afd5d91..10e6ef9edd 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -442,7 +442,8 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL_CONNECTION *s, PACKET *pkt) goto err; } } else if (!tls1_set_peer_legacy_sigalg(s, pkey)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_R_LEGACY_SIGALG_DISALLOWED_OR_UNSUPPORTED); goto err; } |