aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtls/tls_server.c
diff options
context:
space:
mode:
authorMartin Willi <martin@revosec.ch>2010-08-25 18:24:27 +0200
committerMartin Willi <martin@revosec.ch>2010-08-25 18:24:27 +0200
commita596006e3f5ed37cc9d5fee773d9fd02471c295d (patch)
tree4288d1ce0bc9c805586351e5e033ccc7aefc42e8 /src/libtls/tls_server.c
parentee88ddd6aaef6708c1a02b3860b7c01ee39ee63a (diff)
downloadstrongswan-a596006e3f5ed37cc9d5fee773d9fd02471c295d.tar.bz2
strongswan-a596006e3f5ed37cc9d5fee773d9fd02471c295d.tar.xz
Send TLS alerts for errors in TLS handshake building
Diffstat (limited to 'src/libtls/tls_server.c')
-rw-r--r--src/libtls/tls_server.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index 0914afad3..47e12a854 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -414,6 +414,7 @@ static status_t send_server_hello(private_tls_server_t *this,
if (!rng)
{
DBG1(DBG_TLS, "no suitable RNG found to generate server random");
+ this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
return FAILED;
}
rng->get_bytes(rng, sizeof(this->server_random) - 4, this->server_random + 4);
@@ -456,6 +457,7 @@ static status_t send_certificate(private_tls_server_t *this,
if (!this->private)
{
DBG1(DBG_TLS, "no TLS server certificate found for '%Y'", this->server);
+ this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
return FAILED;
}
@@ -563,6 +565,7 @@ static status_t send_finished(private_tls_server_t *this,
if (!this->crypto->calculate_finished(this->crypto, "server finished", buf))
{
DBG1(DBG_TLS, "calculating server finished data failed");
+ this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
return FAILED;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-25 19:01:21 +0000