diff options
| author | Enji Cooper <ngie@FreeBSD.org> | 2025-07-11 00:18:38 +0000 |
|---|---|---|
| committer | Enji Cooper <ngie@FreeBSD.org> | 2025-07-11 00:18:38 +0000 |
| commit | ecf8229ffeb17a05c78fab6b973b0cccb84e25c5 (patch) | |
| tree | da8cf5ccc84d9bc3fbadcf674c7d501f9ca7ab5d /ssl/s3_lib.c | |
| parent | 1c34280346af8284acdc0eae39496811d37df25d (diff) | |
Diffstat (limited to 'ssl/s3_lib.c')
| -rw-r--r-- | ssl/s3_lib.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index bcfe57b46f08..7c76ae13db76 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright 2005 Nokia. All rights reserved. * @@ -4820,7 +4820,10 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret) } if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); + /* + * the public key was probably a weak key + */ + SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE); goto err; } @@ -4923,7 +4926,7 @@ int ssl_encapsulate(SSL *s, EVP_PKEY *pubkey, } if (EVP_PKEY_encapsulate(pctx, ct, &ctlen, pms, &pmslen) <= 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); + SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE); goto err; } |