Google Git
Sign in
boringssl/boringssl.git/c68e5b99a75561fb3fd7e1d4e3f1c82e5f5f170a^!/./ssl/t1_lib.c
commit
c68e5b99a75561fb3fd7e1d4e3f1c82e5f5f170a
[log]
author
Adam Langley <agl@google.com>
Wed Feb 08 13:33:15 2017 -0800
committer
Adam Langley <agl@google.com>
Thu Feb 09 18:07:30 2017 +0000
tree
6e5738343f0aa4c65d1f0f577ea9f739e56063cb
parent
644539191bcdbe8e2758ccddf2cd54a4303e2ac1 [diff] [blame]
Establish that the default value of an out-arg for alerts is SSL_AD_DECODE_ERROR.

We already have some cases where the default is DECODE_ERROR and, rather
than have two defaults, just harmonise on that. (INTERNAL_ERROR might
make more sense in some cases, but we don't want to have to remember
what the default is in each case and nobody really cares what the actual
value is anyway.)

Change-Id: I28007898e8d6e7415219145eb9f43ea875028ab2
Reviewed-on: https://boringssl-review.googlesource.com/13720
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d66a2e6..cf46742 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -2962,7 +2962,7 @@
 int ssl_parse_clienthello_tlsext(SSL_HANDSHAKE *hs,
                                  const SSL_CLIENT_HELLO *client_hello) {
   SSL *const ssl = hs->ssl;
-  int alert = -1;
+  int alert = SSL_AD_DECODE_ERROR;
   if (ssl_scan_clienthello_tlsext(hs, client_hello, &alert) <= 0) {
     ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
     return 0;
@@ -3085,7 +3085,7 @@
 
 int ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, CBS *cbs) {
   SSL *const ssl = hs->ssl;
-  int alert = -1;
+  int alert = SSL_AD_DECODE_ERROR;
   if (ssl_scan_serverhello_tlsext(hs, cbs, &alert) <= 0) {
     ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
     return 0;