From 0d60206666fb7858771dd072f581da074bd51554 Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 8 Jun 2021 17:22:00 +0000 Subject: [PATCH] Adjust alert for ECPF without uncompressed point format According to RFC 8422, we must send an illegal_parameter alert on receiving an ECPF extension that doesn't include the uncompressed format, not a decode_error. Reported via GitHub issue #675. ok jsing --- lib/libssl/ssl_tlsext.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c index 2bf7d5a051a..bd707333628 100644 --- a/lib/libssl/ssl_tlsext.c +++ b/lib/libssl/ssl_tlsext.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_tlsext.c,v 1.92 2021/05/16 14:10:43 jsing Exp $ */ +/* $OpenBSD: ssl_tlsext.c,v 1.93 2021/06/08 17:22:00 tb Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing * Copyright (c) 2017 Doug Hogan @@ -359,10 +359,11 @@ tlsext_ecpf_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) if (CBS_len(cbs) != 0) goto err; - /* Must contain uncompressed (0) */ + /* Must contain uncompressed (0) - RFC 8422, section 5.1.2. */ if (!CBS_contains_zero_byte(&ecpf)) { SSLerror(s, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); - goto err; + *alert = SSL3_AD_ILLEGAL_PARAMETER; + return 0; } if (!s->internal->hit) { -- 2.20.1