1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index d3a68528bc..652953f2bb 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.60 2020/05/16 14:44:55 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.61 2020/05/17 14:26:15 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -597,7 +597,7 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs)
        /* A server must always provide a non-empty certificate list. */
        if (sk_X509_num(certs) < 1) {
-                ctx->alert = TLS13_ALERT_ILLEGAL_PARAMETER;
+                ctx->alert = TLS13_ALERT_DECODE_ERROR;
                tls13_set_errorx(ctx, TLS13_ERR_NO_PEER_CERTIFICATE, 0,
                    "peer failed to provide a certificate", NULL);
                goto err;

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c index d3a68528bc..652953f2bb 100644 --- a/src/lib/libssl/tls13_client.c +++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_client.c,v 1.60 2020/05/16 14:44:55 jsing Exp $ */	1	/* $OpenBSD: tls13_client.c,v 1.61 2020/05/17 14:26:15 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -597,7 +597,7 @@ tls13_server_certificate_recv(struct tls13_ctx ctx, CBS cbs)
597		597
598	/* A server must always provide a non-empty certificate list. */	598	/* A server must always provide a non-empty certificate list. */
599	if (sk_X509_num(certs) < 1) {	599	if (sk_X509_num(certs) < 1) {
600	ctx->alert = TLS13_ALERT_ILLEGAL_PARAMETER;	600	ctx->alert = TLS13_ALERT_DECODE_ERROR;
601	tls13_set_errorx(ctx, TLS13_ERR_NO_PEER_CERTIFICATE, 0,	601	tls13_set_errorx(ctx, TLS13_ERR_NO_PEER_CERTIFICATE, 0,
602	"peer failed to provide a certificate", NULL);	602	"peer failed to provide a certificate", NULL);
603	goto err;	603	goto err;