ssl: send alert on bad psk

2025-07-30 02:37:28 +02:00 · 2023-03-07 10:40:27 +00:00
parent 7b53baea62
commit 4227f763a8
1 changed files with 6 additions and 0 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -13505,6 +13505,12 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
                #ifdef WOLFSSL_CHECK_ALERT_ON_ERR
                    ProcessReplyEx(ssl, 1); /* See if an alert was sent. */
                #endif
+#ifdef WOLFSSL_EXTRA_ALERTS
+                    if (ssl->error == NO_PEER_KEY ||
+                        ssl->error == PSK_KEY_ERROR) {
+                        SendAlert(ssl, alert_fatal, handshake_failure);
+                    }
+#endif
                    WOLFSSL_ERROR(ssl->error);
                    return WOLFSSL_FATAL_ERROR;
                }