yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-12 00:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't send an alert when receiving a record of unknown ContentType

Browse source 
We don't send alerts on other instances of ill-formed records,
so why should we do it here? If we want to keep it, the alerts
should rather be sent ssl_get_next_record().
This commit is contained in:
Hanno Becker 2019-07-10 16:53:30 +01:00 committed by Manuel Pégourié-Gonnard
parent dc4d62748c
commit a61925fa51
1 changed files with 0 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
library/ssl_tls.c
View file

@ -4772,17 +4772,6 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
if( ssl_check_record_type( ssl->in_msgtype ) ) if( ssl_check_record_type( ssl->in_msgtype ) )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
#if defined(MBEDTLS_SSL_PROTO_TLS)
/* Silently ignore invalid DTLS records as recommended by RFC 6347
* Section 4.1.2.7, that is, send alert only with TLS */
if( MBEDTLS_SSL_TRANSPORT_IS_TLS( ssl->conf->transport ) )
{
mbedtls_ssl_pend_fatal_alert( ssl,
MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
}
#endif /* MBEDTLS_SSL_PROTO_TLS */
return( MBEDTLS_ERR_SSL_INVALID_RECORD ); return( MBEDTLS_ERR_SSL_INVALID_RECORD );
} }