Include the extension in the error in ssl_parse_extensions This mirrors the callback-based system. If we get an unsolicited extension, it's nice to say which it was. Also fix one of the existing ones to remove what seems to have been a stray colon. Change-Id: I2a796ea008823fc749eebc3d2d22b94562329b6b Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/75427 Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com>
diff --git a/ssl/extensions.cc b/ssl/extensions.cc index df914c8..eb15914 100644 --- a/ssl/extensions.cc +++ b/ssl/extensions.cc
@@ -3667,7 +3667,7 @@ if (!(hs->extensions.sent & (1u << ext_index))) { // If the extension was never sent then it is illegal. OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION); - ERR_add_error_dataf("extension :%u", (unsigned)type); + ERR_add_error_dataf("extension %u", (unsigned)type); *out_alert = SSL_AD_UNSUPPORTED_EXTENSION; return false; }
diff --git a/ssl/handshake.cc b/ssl/handshake.cc index 84df6f0..18e9c3c 100644 --- a/ssl/handshake.cc +++ b/ssl/handshake.cc
@@ -198,6 +198,7 @@ continue; } OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION); + ERR_add_error_dataf("extension %u", unsigned{type}); *out_alert = SSL_AD_UNSUPPORTED_EXTENSION; return false; }