提交 fb62e47c 编写于 作者: M Matt Caswell

Don't send a warning alert in TLSv1.3

TLSv1.3 ignores the alert level, so we should suppress sending of
warning only alerts.

Fixes #6211
Reviewed-by: NAndy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6370)
上级 4aa5a566
......@@ -984,7 +984,9 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
return 0;
case SSL_TLSEXT_ERR_ALERT_WARNING:
ssl3_send_alert(s, SSL3_AL_WARNING, altmp);
/* TLSv1.3 doesn't have warning alerts so we suppress this */
if (!SSL_IS_TLS13(s))
ssl3_send_alert(s, SSL3_AL_WARNING, altmp);
return 1;
case SSL_TLSEXT_ERR_NOACK:
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册