Use the right alert for bad CA lists. Bug: 245 Change-Id: I6bfaf2dbe4996219773742a88c401d6cfffe3a3d Reviewed-on: https://boringssl-review.googlesource.com/28284 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Steven Valdez <svaldez@google.com> Reviewed-by: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 418cdc4df42b0ba60ae2cf4a124204c1d67676a4 [log] [tgz]
author: David Benjamin <davidben@google.com> Wed May 09 13:56:09 2018 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed May 09 18:04:38 2018 +0000
tree: a59b08e8bb3c43b3a9693a029454341c27285b32
parent: 3babc86d0f0135e155bd0a4acb435de5dae3103b [diff]
diff --git a/ssl/ssl_cert.cc b/ssl/ssl_cert.cc
index 730280c..8b56955 100644
--- a/ssl/ssl_cert.cc
+++ b/ssl/ssl_cert.cc

@@ -663,7 +663,7 @@
   }
 
   if (!ssl->ctx->x509_method->check_client_CA_list(ret.get())) {
-    *out_alert = SSL_AD_INTERNAL_ERROR;
+    *out_alert = SSL_AD_DECODE_ERROR;
     OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
     return nullptr;
   }
commit	418cdc4df42b0ba60ae2cf4a124204c1d67676a4	[log] [tgz]
author	David Benjamin <davidben@google.com>	Wed May 09 13:56:09 2018 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Wed May 09 18:04:38 2018 +0000
tree	a59b08e8bb3c43b3a9693a029454341c27285b32
parent	3babc86d0f0135e155bd0a4acb435de5dae3103b [diff]