alert: GNUTLS_E_NO_CERTIFICATE_FOUND maps to GNUTLS_A_DECODE_ERROR

This is the closest to use alert when no certificate is found; at least it is closer according to tlsfuzzer and rfc5246 text on insuficient_security alert. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-03-06 14:21:45 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-03-07 22:06:46 +0100
commit: f15ff24e91f9ec91479dd0cb5257278f7ccff227 (patch)
tree: 05068fc09959dbd6ec74ded833e68854e50d7db0
parent: c53052c5edbdc0828f08b77d5e9a76b82486a0c5 (diff)
download: gnutls-f15ff24e91f9ec91479dd0cb5257278f7ccff227.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/alert.c b/lib/alert.c
index 8b262b7b43..c22b84bd36 100644
--- a/lib/alert.c
+++ b/lib/alert.c
@@ -203,6 +203,7 @@ int gnutls_error_to_alert(int err, int *level)
 		break;
 	case GNUTLS_E_UNEXPECTED_PACKET_LENGTH:
 	case GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH:
+	case GNUTLS_E_NO_CERTIFICATE_FOUND:
 		ret = GNUTLS_A_DECODE_ERROR;
 		_level = GNUTLS_AL_FATAL;
 		break;
@@ -294,7 +295,6 @@ int gnutls_error_to_alert(int err, int *level)
 		_level = GNUTLS_AL_FATAL;
 		break;
 	case GNUTLS_E_DH_PRIME_UNACCEPTABLE:
-	case GNUTLS_E_NO_CERTIFICATE_FOUND:
 	case GNUTLS_E_SESSION_USER_ID_CHANGED:
 		ret = GNUTLS_A_INSUFFICIENT_SECURITY;
 		_level = GNUTLS_AL_FATAL;
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-03-06 14:21:45 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-03-07 22:06:46 +0100
commit	f15ff24e91f9ec91479dd0cb5257278f7ccff227 (patch)
tree	05068fc09959dbd6ec74ded833e68854e50d7db0
parent	c53052c5edbdc0828f08b77d5e9a76b82486a0c5 (diff)
download	gnutls-f15ff24e91f9ec91479dd0cb5257278f7ccff227.tar.gz