Commit 279bf3e0 authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix the alert sent if no shared sig algs 



We were sending illegal parameter. This isn't correct. The parameters are
legal, we just don't have an overlap. A more appropriate alert is
handshake failure.

Fixes #2919

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6011)
parent b3899924

ssl/t1_lib.c

+1 −1
Original line number Diff line number Diff line
@@ -3165,7 +3165,7 @@ int tls1_set_server_sigalgs(SSL *s) 
        if (!s->cert->shared_sigalgs) {

            SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,

                   SSL_R_NO_SHARED_SIGATURE_ALGORITHMS);

            al = SSL_AD_ILLEGAL_PARAMETER;

            al = SSL_AD_HANDSHAKE_FAILURE;

            goto err;

        }

    } else