Send an illegal parameter alert if the update type in a KeyUpdate is wrong

Previously we sent a decode_error alert. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3436)
author: Matt Caswell <matt@openssl.org> 2017-05-11 10:14:17 +0100
committer: Matt Caswell <matt@openssl.org> 2017-05-11 13:13:04 +0100
commit: 2d871227faf7f4e287caa04be43957f8e2df43a4 (patch)
tree: 6f6de90e26827aac567d9603822f039646bca260 /ssl
parent: 1a281aab730fc089291b774b05441c737f0d1d3d (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 8b1dddaa3b..34871114b9 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -583,14 +583,19 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
     }
 
     if (!PACKET_get_1(pkt, &updatetype)
-            || PACKET_remaining(pkt) != 0
-            || (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED
-                && updatetype != SSL_KEY_UPDATE_REQUESTED)) {
+            || PACKET_remaining(pkt) != 0) {
         al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_KEY_UPDATE, SSL_R_BAD_KEY_UPDATE);
         goto err;
     }
 
+    if (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED
+            && updatetype != SSL_KEY_UPDATE_REQUESTED) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_TLS_PROCESS_KEY_UPDATE, SSL_R_BAD_KEY_UPDATE);
+        goto err;
+    }
+
     /*
      * If we get a request for us to update our sending keys too then, we need
      * to additionally send a KeyUpdate message. However that message should
author	Matt Caswell <matt@openssl.org>	2017-05-11 10:14:17 +0100
committer	Matt Caswell <matt@openssl.org>	2017-05-11 13:13:04 +0100
commit	2d871227faf7f4e287caa04be43957f8e2df43a4 (patch)
tree	6f6de90e26827aac567d9603822f039646bca260 /ssl
parent	1a281aab730fc089291b774b05441c737f0d1d3d (diff)