wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

add SendAlert(ssl, alert_fatal, bad_certificate);

Browse Source
This commit is contained in:
Takashi Kojo
2017-07-30 08:56:17 +09:00
committed by Jacob Barthelmeh
parent 401db67bcd
commit 2a4766198a
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/internal.c
View File

@ -8421,7 +8421,6 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (!ok) {
WOLFSSL_MSG("Verify callback overriding valid certificate!");
ret = -1;
SendAlert(ssl, alert_fatal, bad_certificate);
ssl->options.isClosed = 1;
}
#ifndef NO_CERTS
@ -8526,6 +8525,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
else {
WOLFSSL_MSG("\tNo callback override available, fatal");
SendAlert(ssl, alert_fatal, bad_certificate);
args->fatal = 1;
}
}
@ -8678,6 +8678,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (args->fatal) {
ssl->error = ret;
SendAlert(ssl, alert_fatal, bad_certificate);
#ifdef OPENSSL_EXTRA
ssl->peerVerifyRet = X509_V_ERR_CERT_REJECTED;
#endif
@ -23593,7 +23594,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return ret;
}
#endif /* WOLFSSL_ASYNC_CRYPT */
if (ret != 0){
SendAlert(ssl, alert_fatal, bad_certificate);
}
/* Digest is not allocated, so do this to prevent free */
ssl->buffers.digest.buffer = NULL;
ssl->buffers.digest.length = 0;