Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
接近 2 年 前同步成功

通知 12
Star 18
Fork 1
T
Third Party Openssl
提交 f69fe73a 编写于 作者: M Matt Caswell
浏览文件
操作

Fix more alert codes 

Reviewed-by: NTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3436)
上级 ef57a475
隐藏空白更改
内联 并排
Showing with 6 addition and 6 deletion
ssl/statem/extensions_clnt.c
浏览文件 @ f69fe73a
...@@ -1312,7 +1312,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, ...@@ -1312,7 +1312,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
} }
if (!PACKET_get_net_2(pkt, &group_id)) { if (!PACKET_get_net_2(pkt, &group_id)) {
*al = SSL_AD_HANDSHAKE_FAILURE; *al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_LENGTH_MISMATCH); SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_LENGTH_MISMATCH);
return 0; return 0;
} }
...@@ -1322,7 +1322,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, ...@@ -1322,7 +1322,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
size_t i, num_curves; size_t i, num_curves;
if (PACKET_remaining(pkt) != 0) { if (PACKET_remaining(pkt) != 0) {
*al = SSL_AD_HANDSHAKE_FAILURE; *al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_LENGTH_MISMATCH); SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_LENGTH_MISMATCH);
return 0; return 0;
} }
...@@ -1364,7 +1364,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, ...@@ -1364,7 +1364,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
* This isn't for the group that we sent in the original * This isn't for the group that we sent in the original
* key_share! * key_share!
*/ */
*al = SSL_AD_HANDSHAKE_FAILURE; *al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_BAD_KEY_SHARE); SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_BAD_KEY_SHARE);
return 0; return 0;
} }
...@@ -1465,13 +1465,13 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, ...@@ -1465,13 +1465,13 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
unsigned int identity; unsigned int identity;
if (!PACKET_get_net_2(pkt, &identity) || PACKET_remaining(pkt) != 0) { if (!PACKET_get_net_2(pkt, &identity) || PACKET_remaining(pkt) != 0) {
*al = SSL_AD_HANDSHAKE_FAILURE; *al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PARSE_STOC_PSK, SSL_R_LENGTH_MISMATCH); SSLerr(SSL_F_TLS_PARSE_STOC_PSK, SSL_R_LENGTH_MISMATCH);
return 0; return 0;
} }
if (s->session->ext.tick_identity != (int)identity) { if (s->session->ext.tick_identity != (int)identity) {
*al = SSL_AD_HANDSHAKE_FAILURE; *al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_TLS_PARSE_STOC_PSK, SSL_R_BAD_PSK_IDENTITY); SSLerr(SSL_F_TLS_PARSE_STOC_PSK, SSL_R_BAD_PSK_IDENTITY);
return 0; return 0;
} }
......
ssl/statem/statem_clnt.c
浏览文件 @ f69fe73a
...@@ -1787,7 +1787,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) ...@@ -1787,7 +1787,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) { if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) {
x = NULL; x = NULL;
al = SSL3_AL_FATAL; al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE,
SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
goto f_err; goto f_err;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册