kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use the right alert for bad CA lists.

Browse Source 
Bug: 245
Change-Id: I6bfaf2dbe4996219773742a88c401d6cfffe3a3d
Reviewed-on: https://boringssl-review.googlesource.com/28284
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2018-05-09 13:56:09 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent 3babc86d0f
commit 418cdc4df4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/ssl_cert.cc
View File

@ -663,7 +663,7 @@ UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
}
if (!ssl->ctx->x509_method->check_client_CA_list(ret.get())) {
*out_alert = SSL_AD_INTERNAL_ERROR;
*out_alert = SSL_AD_DECODE_ERROR;
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
return nullptr;
}