- Report unexpected_message if unknown record type is received
parent
6f3578cfc8
commit
0a9251870a
2 changed files with 53 additions and 0 deletions
|
@ -695,6 +695,19 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len );
|
||||||
*/
|
*/
|
||||||
int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
|
int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Send an alert message
|
||||||
|
*
|
||||||
|
* \param ssl SSL context
|
||||||
|
* \param level The alert level of the message
|
||||||
|
* (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL)
|
||||||
|
* \param message The alert message (SSL_ALERT_MSG_*)
|
||||||
|
*
|
||||||
|
* \return 1 if successful, or a specific SSL error code.
|
||||||
|
*/
|
||||||
|
int ssl_send_alert_message( ssl_context *ssl,
|
||||||
|
unsigned char level,
|
||||||
|
unsigned char message );
|
||||||
/**
|
/**
|
||||||
* \brief Notify the peer that the connection is being closed
|
* \brief Notify the peer that the connection is being closed
|
||||||
*
|
*
|
||||||
|
|
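Review bot: The `\return` line in the new doc comment for ssl_send_alert_message says `1 if successful`, but the definition added in this same commit ends with `return( 0 );`, and the new caller in ssl_read_record treats any non-zero result as a failure. A caller written against the header would either take a successful send for an error or test for 1 and never see success. The line should read `* \return 0 if successful, or a specific SSL error code.`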
|
@ -1359,6 +1359,22 @@ int ssl_read_record( ssl_context *ssl )
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( ssl->in_msgtype != SSL_MSG_HANDSHAKE &&
|
||||||
|
ssl->in_msgtype != SSL_MSG_ALERT &&
|
||||||
|
ssl->in_msgtype != SSL_MSG_CHANGE_CIPHER_SPEC &&
|
||||||
|
ssl->in_msgtype != SSL_MSG_APPLICATION_DATA )
|
||||||
|
{
|
||||||
|
SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
|
||||||
|
|
||||||
|
if( ( ret = ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL,
|
||||||
|
SSL_ALERT_MSG_UNEXPECTED_MESSAGE ) ) != 0 )
|
||||||
|
{
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
return( POLARSSL_ERR_SSL_INVALID_RECORD );
|
||||||
|
}
|
||||||
|
|
||||||
if( ssl->in_msgtype == SSL_MSG_HANDSHAKE )
|
if( ssl->in_msgtype == SSL_MSG_HANDSHAKE )
|
||||||
{
|
{
|
||||||
ssl->in_hslen = 4;
|
ssl->in_hslen = 4;
|
||||||
|
@ -1421,6 +1437,30 @@ int ssl_read_record( ssl_context *ssl )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int ssl_send_alert_message( ssl_context *ssl,
|
||||||
|
unsigned char level,
|
||||||
|
unsigned char message )
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
SSL_DEBUG_MSG( 2, ( "=> send alert message" ) );
|
||||||
|
|
||||||
|
ssl->out_msgtype = SSL_MSG_ALERT;
|
||||||
|
ssl->out_msglen = 2;
|
||||||
|
ssl->out_msg[0] = level;
|
||||||
|
ssl->out_msg[1] = message;
|
||||||
|
|
||||||
|
if( ( ret = ssl_write_record( ssl ) ) != 0 )
|
||||||
|
{
|
||||||
|
SSL_DEBUG_RET( 1, "ssl_write_record", ret );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
SSL_DEBUG_MSG( 2, ( "<= send alert message" ) );
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Handshake functions
|
* Handshake functions
|
||||||
*/
|
*/
|
||||||
|
|
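Review bot: In the unknown-record-type branch added to ssl_read_record, a failure of ssl_send_alert_message is returned in place of POLARSSL_ERR_SSL_INVALID_RECORD, so the caller loses the fact that the peer sent an invalid record. If the write fails with a transient transport error, an application that retries on that code could keep reading from a connection that should be torn down; whether anything else marks the session as failed is not visible in this hunk. Sending the alert is best-effort, so consider logging the failure and still reporting the record error: `ret = ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, SSL_ALERT_MSG_UNEXPECTED_MESSAGE );` followed by `if( ret != 0 ) SSL_DEBUG_RET( 1, "ssl_send_alert_message", ret );` ahead of the existing `return( POLARSSL_ERR_SSL_INVALID_RECORD );`. ssl_read_record starts and ends outside the hunk.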