summaryrefslogtreecommitdiffstats
path: root/ssl/statem/extensions.c
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2018-05-18 09:08:19 +0100
committerMatt Caswell <matt@openssl.org>2018-06-11 15:46:21 +0100
commitfb62e47c782397cadf607b92ce50f2bbe250d12e (patch)
treed0c62044e28b8a0086dbf2bbdae02193fb8b8b29 /ssl/statem/extensions.c
parent4aa5a5669c69a66fbd8b31c52014356f1e960501 (diff)
Don't send a warning alert in TLSv1.3
TLSv1.3 ignores the alert level, so we should suppress sending of warning only alerts. Fixes #6211 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6370)
Diffstat (limited to 'ssl/statem/extensions.c')
-rw-r--r--ssl/statem/extensions.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 8885e5e0d7..496039e3d4 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -984,7 +984,9 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
return 0;
case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, altmp);
+ /* TLSv1.3 doesn't have warning alerts so we suppress this */
+ if (!SSL_IS_TLS13(s))
+ ssl3_send_alert(s, SSL3_AL_WARNING, altmp);
return 1;
case SSL_TLSEXT_ERR_NOACK:
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-12 04:08:46 +0000