From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Wed, 4 Aug 2021 13:40:24 +0000 (+0200)
Subject: Omitted signature_algorithms extension alerts updated
X-Git-Tag: openssl-3.0.0~129
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b4f1b7b65871de8f44228e77fc9ab2ac8b6d7918;p=thirdparty%2Fopenssl.git

Omitted signature_algorithms extension alerts updated

Fixes #15484

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16217)
---

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 3579202c224..9345838f6ab 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3302,7 +3302,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
                 if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) {
                     if (!fatalerrs)
                         return 1;
-                    SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+                    SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
                              SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
                     return 0;
                 }
@@ -3317,7 +3317,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
                 if (i == sent_sigslen) {
                     if (!fatalerrs)
                         return 1;
-                    SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
+                    SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
                              SSL_R_WRONG_SIGNATURE_TYPE);
                     return 0;
                 }