Fix some TLSv1.3 alert issues Ensure that the certificate required alert actually gets sent (and doesn't get translated into handshake failure in TLSv1.3). Ensure that proper reason codes are given for the new TLSv1.3 alerts. Remove an out of date macro for TLS13_AD_END_OF_EARLY_DATA. This is a left over from an earlier TLSv1.3 draft that is no longer used. Fixes #6804 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6809)

commit: 43a0f2733a943799060ea275516fcce00d89eb38 [log] [tgz]
author: Matt Caswell <matt@openssl.org> Mon Jul 30 09:13:14 2018 +0100
committer: Matt Caswell <matt@openssl.org> Tue Jul 31 09:31:50 2018 +0100
tree: f306c49491086a35ac38767945b1a026006191ce
parent: 50db81633ece00593b245afed0ed9480d7ffb334 [diff] [blame]
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index d3e8056..11331ce 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c

@@ -1137,6 +1137,10 @@
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SESSION_VERSION_MISMATCH),
     "ssl session version mismatch"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_STILL_IN_INIT), "still in init"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED),
+    "tlsv13 alert certificate required"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV13_ALERT_MISSING_EXTENSION),
+    "tlsv13 alert missing extension"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_ACCESS_DENIED),
     "tlsv1 alert access denied"},
     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_DECODE_ERROR),
commit	43a0f2733a943799060ea275516fcce00d89eb38	[log] [tgz]
author	Matt Caswell <matt@openssl.org>	Mon Jul 30 09:13:14 2018 +0100
committer	Matt Caswell <matt@openssl.org>	Tue Jul 31 09:31:50 2018 +0100
tree	f306c49491086a35ac38767945b1a026006191ce
parent	50db81633ece00593b245afed0ed9480d7ffb334 [diff] [blame]