In the 1.0.2 stable branch, the following code in s3_srvr.c sets the return value twice (line# 380). Should the return value be SSL_TLSEXT_ERR_ALERT_FATAL, or -1?
if (ret != SSL_ERROR_NONE) { ssl3_send_alert(s, SSL3_AL_FATAL, al); /* * This is not really an error but the only means to for * a client to detect whether srp is supported. */ if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY) SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT); ret = SSL_TLSEXT_ERR_ALERT_FATAL; ret = -1; goto end; } _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev