]> git.ipfire.org Git - thirdparty/openssl.git/commit - ssl/statem/statem_clnt.c
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 10e6d23) | patch
Fix SSLv3 alert if no Client Ceritifcate sent after a request for one
authorMatt Caswell <matt@openssl.org>
Wed, 22 Jun 2016 18:43:46 +0000 (19:43 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 18 Jul 2016 13:30:14 +0000 (14:30 +0100)
commit672f3337c36d932bf214edf0a1a65fd069142282
treec2e0c3472495b51546c6485da2774a114dece66atree | snapshot
parent10e6d235494f69365914f959f83b448b0b21dca2commit | diff
Fix SSLv3 alert if no Client Ceritifcate sent after a request for one

In TLS if the server sends a CertificateRequest and the client does not
provide one, if the server cannot continue it should send a
HandshakeFailure alert. In SSLv3 the same should happen, but instead we
were sending an UnexpectedMessage alert. This is incorrect - the message
isn't unexpected - it is valid for the client not to send one - its just
that we cannot continue without one.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
ssl/statem/statem.c diff | blob | blame | history
ssl/statem/statem_clnt.c diff | blob | blame | history
ssl/statem/statem_srvr.c diff | blob | blame | history
A mirror of the official openssl repository