From 1b81c9d193b05da688d088eb4d92b1add0d56c02 Mon Sep 17 00:00:00 2001 From: tb <> Date: Tue, 8 Jun 2021 17:22:00 +0000 Subject: Adjust alert for ECPF without uncompressed point format According to RFC 8422, we must send an illegal_parameter alert on receiving an ECPF extension that doesn't include the uncompressed format, not a decode_error. Reported via GitHub issue #675. ok jsing --- src/lib/libssl/ssl_tlsext.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 2bf7d5a051..bd70733362 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_tlsext.c,v 1.92 2021/05/16 14:10:43 jsing Exp $ */ +/* $OpenBSD: ssl_tlsext.c,v 1.93 2021/06/08 17:22:00 tb Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing * Copyright (c) 2017 Doug Hogan @@ -359,10 +359,11 @@ tlsext_ecpf_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) if (CBS_len(cbs) != 0) goto err; - /* Must contain uncompressed (0) */ + /* Must contain uncompressed (0) - RFC 8422, section 5.1.2. */ if (!CBS_contains_zero_byte(&ecpf)) { SSLerror(s, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); - goto err; + *alert = SSL3_AD_ILLEGAL_PARAMETER; + return 0; } if (!s->internal->hit) { -- cgit v1.2.3-55-g6feb