Check SRP parameters early.

Check SRP parameters when they are received so we can send back an appropriate alert. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-08-03 21:25:22 +01:00
parent 4a23b12a03
commit 0989790b87
6 changed files with 54 additions and 13 deletions
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2853,6 +2853,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_BAD_SRP_B_LENGTH				 348
 #define SSL_R_BAD_SRP_G_LENGTH				 349
 #define SSL_R_BAD_SRP_N_LENGTH				 350
+#define SSL_R_BAD_SRP_PARAMETERS			 371
 #define SSL_R_BAD_SRP_S_LENGTH				 351
 #define SSL_R_BAD_SRTP_MKI_VALUE			 352
 #define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST		 353
@@ -2914,7 +2915,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_ILLEGAL_PADDING				 283
 #define SSL_R_ILLEGAL_SUITEB_DIGEST			 380
 #define SSL_R_INCONSISTENT_COMPRESSION			 340
-#define SSL_R_INVALID_AUDIT_PROOF			 371
 #define SSL_R_INVALID_CHALLENGE_LENGTH			 158
 #define SSL_R_INVALID_COMMAND				 280
 #define SSL_R_INVALID_COMPRESSION_ALGORITHM		 341