mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 13:20:52 +02:00
Send illegal_parameter alert rather than handshake_failure when the server tries to use a cipher suite that the client does not support. Fixes #9639.
This commit is contained in:
+2
-2
@@ -5497,8 +5497,8 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
suite[1] = ssl->options.cipherSuite;
|
||||
if (!FindSuiteSSL(ssl, suite)) {
|
||||
WOLFSSL_MSG("Cipher suite not supported on client");
|
||||
WOLFSSL_ERROR_VERBOSE(MATCH_SUITE_ERROR);
|
||||
return MATCH_SUITE_ERROR;
|
||||
WOLFSSL_ERROR_VERBOSE(INVALID_PARAMETER);
|
||||
return INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECH)
|
||||
|
||||
Reference in New Issue
Block a user