From f59374b274ec1fbedb67200677b20c46f222e402 Mon Sep 17 00:00:00 2001
From: gstarovo
Date: Wed, 27 Nov 2024 16:55:43 +0100
Subject: [PATCH] fix: moved control of uncompressed point ext from server key exchange to check of client hello by server; that way the server will abort the connection after bad client hello, not after server key exchange
---
 tlslite/keyexchange.py | 7 -------
 tlslite/tlsconnection.py | 15 +++++++++++++++
 2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/tlslite/keyexchange.py b/tlslite/keyexchange.py
index 05dc464f..5bade6fd 100644
--- a/tlslite/keyexchange.py
+++ b/tlslite/keyexchange.py
@@ -712,13 +712,6 @@ def makeServerKeyExchange(self, sigHash=None):
 ext_negotiated = ECPointFormat.uncompressed
 ext_c = self.clientHello.getExtension(ExtensionType.ec_point_formats)
 ext_s = self.serverHello.getExtension(ExtensionType.ec_point_formats)
- if ext_c:
- if ext_c.formats == []:
- raise TLSDecodeError("Point formats extension is empty.")
- elif ECPointFormat.uncompressed not in ext_c.formats:
- raise TLSIllegalParameterException(
- "The client does not advertise "
- "the uncompressed point format extension.")
 if ext_c and ext_s:
 try:
 ext_negotiated = next((i for i in ext_c.formats \
diff --git a/tlslite/tlsconnection.py b/tlslite/tlsconnection.py
index f0b673c8..cd29a3cf 100644
--- a/tlslite/tlsconnection.py
+++ b/tlslite/tlsconnection.py
@@ -3435,6 +3435,21 @@ def _serverGetClientHello(self, settings, private_key, cert_chain,
 "Master Secret extension"):
 yield result
 
+ # sanity check the ec point formats extension
+ ecExt = clientHello.getExtension(ExtensionType.ec_point_formats)
+ if ecExt:
+ if ecExt.formats == []:
+ for result in self._sendError(
+ AlertDescription.decode_error,
+ "Empty ec_point_formats extension"):
+ yield result
+ if ECPointFormat.uncompressed not in ecExt.formats:
+ for result in self._sendError(
+ AlertDescription.illegal_parameter,
+ "Client sent ec_point_formats extension "
+ "without uncompressed format"):
+ yield result
+
 # sanity check the TLS 1.3 extensions
 ver_ext = clientHello.getExtension(ExtensionType.supported_versions)
 if ver_ext and (3, 4) in ver_ext.versions:
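Review bot: The emptiness test `if ecExt.formats == []:` matches only a literal empty list, so if `formats` can be `None` for an extension that arrives with no body (the extension parser is not visible here, so this needs confirming), the next test `ECPointFormat.uncompressed not in ecExt.formats` raises `TypeError` on client-controlled input instead of sending an alert; `if not ecExt.formats:` covers both cases. The second test also appears to be a plain `if` where the removed code in keyexchange.py used `elif`, which is only safe as long as `_sendError` never returns; `elif ECPointFormat.uncompressed not in ecExt.formats:` keeps the two alerts mutually exclusive without relying on that. The diffstat lists no test file, so a regression test that sends an empty list and a list without `uncompressed`, expecting `decode_error` and `illegal_parameter` respectively, would pin the new abort point. `_serverGetClientHello` begins and ends outside this hunk.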