[gnutls-devel] GnuTLS | Wrong alert when client does not advertise any groups that server supports (#537)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Aug 3 14:39:52 CEST 2018
Thanks, most likely the fix is trivial, though I haven't tried it yet (may be side-effects if the server and client use this error code for different purposes).
```
diff --git a/lib/alert.c b/lib/alert.c
index 6b1950778..39797c165 100644
--- a/lib/alert.c
+++ b/lib/alert.c
@@ -220,7 +220,6 @@ int gnutls_error_to_alert(int err, int *level)
case GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER:
case GNUTLS_E_ILLEGAL_SRP_USERNAME:
case GNUTLS_E_PK_INVALID_PUBKEY:
- case GNUTLS_E_NO_COMMON_KEY_SHARE:
ret = GNUTLS_A_ILLEGAL_PARAMETER;
_level = GNUTLS_AL_FATAL;
break;
@@ -254,6 +253,7 @@ int gnutls_error_to_alert(int err, int *level)
case GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL:
case GNUTLS_E_UNKNOWN_PK_ALGORITHM:
case GNUTLS_E_UNWANTED_ALGORITHM:
+ case GNUTLS_E_NO_COMMON_KEY_SHARE:
ret = GNUTLS_A_HANDSHAKE_FAILURE;
_level = GNUTLS_AL_FATAL;
break;
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/537#note_92344438
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180803/8cd745b6/attachment.html>
More information about the Gnutls-devel
mailing list