Don't send an alert when receiving a record of unknown ContentType
We don't send alerts on other instances of ill-formed records, so why should we do it here? If we want to keep it, the alerts should rather be sent ssl_get_next_record().
This commit is contained in:
parent
a8814794e9
commit
d5c0f826e6
1 changed files with 0 additions and 9 deletions
|
@ -4941,15 +4941,6 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
|
|||
if( ssl_check_record_type( ssl->in_msgtype ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
/* Silently ignore invalid DTLS records as recommended by RFC 6347
|
||||
* Section 4.1.2.7 */
|
||||
if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
||||
MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
|
||||
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue