diff options
-rw-r--r-- | lib/alert.c | 1 | ||||
-rw-r--r-- | lib/tls-sig.c | 4 | ||||
-rw-r--r-- | tests/server_ecdsa_key.c | 2 |
3 files changed, 4 insertions, 3 deletions
diff --git a/lib/alert.c b/lib/alert.c index d3d58888fc..0aa3a69aa8 100644 --- a/lib/alert.c +++ b/lib/alert.c @@ -250,6 +250,7 @@ int gnutls_error_to_alert(int err, int *level) case GNUTLS_E_SAFE_RENEGOTIATION_FAILED: case GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL: case GNUTLS_E_UNKNOWN_PK_ALGORITHM: + case GNUTLS_E_UNWANTED_ALGORITHM: ret = GNUTLS_A_HANDSHAKE_FAILURE; _level = GNUTLS_AL_FATAL; break; diff --git a/lib/tls-sig.c b/lib/tls-sig.c index 6425c508c7..378ed3e1a3 100644 --- a/lib/tls-sig.c +++ b/lib/tls-sig.c @@ -178,7 +178,7 @@ _gnutls_handshake_sign_data(gnutls_session_t session, *sign_algo = _gnutls_session_get_sign_algo(session, cert, 0); if (*sign_algo == GNUTLS_SIGN_UNKNOWN) { gnutls_assert(); - return GNUTLS_E_UNKNOWN_PK_ALGORITHM; + return GNUTLS_E_UNWANTED_ALGORITHM; } gnutls_sign_algorithm_set_server(session, *sign_algo); @@ -552,7 +552,7 @@ _gnutls_handshake_sign_crt_vrfy12(gnutls_session_t session, sign_algo = _gnutls_session_get_sign_algo(session, cert, 1); if (sign_algo == GNUTLS_SIGN_UNKNOWN) { gnutls_assert(); - return GNUTLS_E_UNKNOWN_PK_ALGORITHM; + return GNUTLS_E_UNWANTED_ALGORITHM; } } diff --git a/tests/server_ecdsa_key.c b/tests/server_ecdsa_key.c index 3a8848f90c..d2c400208f 100644 --- a/tests/server_ecdsa_key.c +++ b/tests/server_ecdsa_key.c @@ -89,7 +89,7 @@ void doit(void) } test_cli_serv_expect(serv_cred, cli_cred, "NORMAL", "NORMAL:-SIGN-ALL", NULL, GNUTLS_E_AGAIN, GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM); - test_cli_serv_expect(serv_cred, cli_cred, "NORMAL", "NORMAL:-SIGN-ECDSA-SHA224:-SIGN-ECDSA-SHA1:-SIGN-ECDSA-SHA256:-SIGN-ECDSA-SHA384:-SIGN-ECDSA-SHA512", NULL, GNUTLS_E_UNKNOWN_PK_ALGORITHM, GNUTLS_E_AGAIN); + test_cli_serv_expect(serv_cred, cli_cred, "NORMAL", "NORMAL:-SIGN-ECDSA-SHA224:-SIGN-ECDSA-SHA1:-SIGN-ECDSA-SHA256:-SIGN-ECDSA-SHA384:-SIGN-ECDSA-SHA512", NULL, GNUTLS_E_UNWANTED_ALGORITHM, GNUTLS_E_AGAIN); gnutls_certificate_free_credentials(serv_cred); gnutls_certificate_free_credentials(cli_cred); |