mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 16:50:48 +02:00
Merge pull request #10332 from jackctj117/SNI
tls.c: send missing_extension alert on TLS 1.3 SNI absence
This commit is contained in:
@@ -2593,7 +2593,10 @@ static int TLSX_SNI_VerifyParse(WOLFSSL* ssl, byte isRequest)
|
||||
continue;
|
||||
}
|
||||
|
||||
SendAlert(ssl, alert_fatal, handshake_failure);
|
||||
SendAlert(ssl, alert_fatal,
|
||||
IsAtLeastTLSv1_3(ssl->version)
|
||||
? missing_extension
|
||||
: handshake_failure);
|
||||
WOLFSSL_ERROR_VERBOSE(SNI_ABSENT_ERROR);
|
||||
return SNI_ABSENT_ERROR;
|
||||
}
|
||||
@@ -2604,7 +2607,10 @@ static int TLSX_SNI_VerifyParse(WOLFSSL* ssl, byte isRequest)
|
||||
if (ssl_sni->status != WOLFSSL_SNI_NO_MATCH)
|
||||
continue;
|
||||
|
||||
SendAlert(ssl, alert_fatal, handshake_failure);
|
||||
SendAlert(ssl, alert_fatal,
|
||||
IsAtLeastTLSv1_3(ssl->version)
|
||||
? missing_extension
|
||||
: handshake_failure);
|
||||
WOLFSSL_ERROR_VERBOSE(SNI_ABSENT_ERROR);
|
||||
return SNI_ABSENT_ERROR;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user