diff options
author | Martin Willi <martin@revosec.ch> | 2010-08-25 18:24:27 +0200 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2010-08-25 18:24:27 +0200 |
commit | a596006e3f5ed37cc9d5fee773d9fd02471c295d (patch) | |
tree | 4288d1ce0bc9c805586351e5e033ccc7aefc42e8 /src/libtls/tls_server.c | |
parent | ee88ddd6aaef6708c1a02b3860b7c01ee39ee63a (diff) | |
download | strongswan-a596006e3f5ed37cc9d5fee773d9fd02471c295d.tar.bz2 strongswan-a596006e3f5ed37cc9d5fee773d9fd02471c295d.tar.xz |
Send TLS alerts for errors in TLS handshake building
Diffstat (limited to 'src/libtls/tls_server.c')
-rw-r--r-- | src/libtls/tls_server.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c index 0914afad3..47e12a854 100644 --- a/src/libtls/tls_server.c +++ b/src/libtls/tls_server.c @@ -414,6 +414,7 @@ static status_t send_server_hello(private_tls_server_t *this, if (!rng) { DBG1(DBG_TLS, "no suitable RNG found to generate server random"); + this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR); return FAILED; } rng->get_bytes(rng, sizeof(this->server_random) - 4, this->server_random + 4); @@ -456,6 +457,7 @@ static status_t send_certificate(private_tls_server_t *this, if (!this->private) { DBG1(DBG_TLS, "no TLS server certificate found for '%Y'", this->server); + this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR); return FAILED; } @@ -563,6 +565,7 @@ static status_t send_finished(private_tls_server_t *this, if (!this->crypto->calculate_finished(this->crypto, "server finished", buf)) { DBG1(DBG_TLS, "calculating server finished data failed"); + this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR); return FAILED; } |