From 7bb37cb5938a0cf76c12c8421950e72634d5f61c Mon Sep 17 00:00:00 2001
From: EasySec <Easy.Sec@free.fr>
Date: Sat, 5 Nov 2016 22:56:13 +0100
Subject: [PATCH] When no SRP identity is found, no error was reported server
 side

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1859)
---
 ssl/statem/statem_srvr.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 6bd16b879b..89de0257ac 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1526,6 +1526,9 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
             if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
                 SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
                        SSL_R_CLIENTHELLO_TLSEXT);
+            else
+                SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
+                       SSL_R_PSK_IDENTITY_NOT_FOUND);
             goto f_err;
         }
     }
-- 
GitLab