yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-08 10:55:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Dont send alert on invalid DTLS record type

Browse source 
Do not send fatal alerts when receiving a record with an invalid header
while running DTLS as this is not compliant behaviour.
This commit is contained in:
Andres Amaya Garcia 2017-07-05 13:26:34 +01:00 committed by Simon Butcher
parent 1fe5e8ab44
commit 1042d8637c
1 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
library/ssl_tls.c
View file

@ -3458,7 +3458,6 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
*/
static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
{
int ret;
int major_ver, minor_ver;
MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) );
@ -3480,12 +3479,13 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
if( ( ret = mbedtls_ssl_send_alert_message( ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ) ) != 0 )
{
return( ret );
}
#if defined(MBEDTLS_SSL_PROTO_DTLS)
/* Silently ignore invalid DTLS records as recommended by RFC 6347
* Section 4.1.2.7 */
if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
#endif /* MBEDTLS_SSL_PROTO_DTLS */
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}