From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 7 Aug 2018 10:32:56 +0000 (+0200)
Subject: alert: map GNUTLS_E_NO_COMMON_KEY_SHARE to handshake_failure
X-Git-Tag: gnutls_3_6_4~42^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c862b8920e3548c8a157cdafdd6f24d183e5eccb;p=thirdparty%2Fgnutls.git

alert: map GNUTLS_E_NO_COMMON_KEY_SHARE to handshake_failure

Previously, when server received a ClientHello that does include only
groups from unassigned ranges in supported_groups, it aborted the
connection with an illegal_parameter.

Resolves #537

Signed-off-by: Daiki Ueno <dueno@redhat.com>
---

diff --git a/lib/alert.c b/lib/alert.c
index 5755970ca1..9b10123345 100644
--- a/lib/alert.c
+++ b/lib/alert.c
@@ -221,7 +221,6 @@ int gnutls_error_to_alert(int err, int *level)
 	case GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER:
 	case GNUTLS_E_ILLEGAL_SRP_USERNAME:
 	case GNUTLS_E_PK_INVALID_PUBKEY:
-	case GNUTLS_E_NO_COMMON_KEY_SHARE:
 		ret = GNUTLS_A_ILLEGAL_PARAMETER;
 		_level = GNUTLS_AL_FATAL;
 		break;
@@ -255,6 +254,7 @@ int gnutls_error_to_alert(int err, int *level)
 	case GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL:
 	case GNUTLS_E_UNKNOWN_PK_ALGORITHM:
 	case GNUTLS_E_UNWANTED_ALGORITHM:
+	case GNUTLS_E_NO_COMMON_KEY_SHARE:
 		ret = GNUTLS_A_HANDSHAKE_FAILURE;
 		_level = GNUTLS_AL_FATAL;
 		break;