author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2007-11-24 18:51:13 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2007-11-24 18:51:13 +0200 |
commit | 4a19fd59da474b3de977a925fd91578db7e3d4a1 (patch) | |
tree | ab37976ce2676ec449eed379aad9a86ae9f6fada /lib/gnutls_record.c | |
parent | 00b764c86c20adfec59f2c8a60b021a4b57b59e9 (diff) | |
We now ignore received packets with unknown content types
to follow the TLS spec.
Diffstat (limited to 'lib/gnutls_record.c')
-rw-r--r-- | lib/gnutls_record.c | 36 |
1 files changed, 8 insertions, 28 deletions
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index d4ff531078..edc4dd1409 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -489,25 +489,6 @@ _gnutls_send_change_cipher_spec (gnutls_session_t session, int again)
 }
 }
-inline static int
-check_recv_type (content_type_t recv_type)
-{
- switch (recv_type)
- {
- case GNUTLS_CHANGE_CIPHER_SPEC:
- case GNUTLS_ALERT:
- case GNUTLS_HANDSHAKE:
- case GNUTLS_APPLICATION_DATA:
- case GNUTLS_INNER_APPLICATION:
- return 0;
- default:
- gnutls_assert ();
- return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
- }
-
-}
-
-
 /* Checks if there are pending data in the record buffers. If there are
 * then it copies the data.
 */
@@ -766,13 +747,14 @@ record_check_type (gnutls_session_t session,
 return GNUTLS_E_UNEXPECTED_PACKET;
 break;
 default:
-
+ /* an unknown content type was received. Just ignore it. */
 _gnutls_record_log ("REC[%x]: Received Unknown packet %d expecting %d\n", session, recv_type, type);
 gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
+ /* call again to receive actual data */
+ return GNUTLS_E_AGAIN;
 }
 }
@@ -916,14 +898,10 @@ begin:
 return ret;
 }
-/* Here we check if the Type of the received packet is
- * ok.
+/* Here we no longer check if the Type of the received packet is
+ * ok. According to TLS 1.0 we should just ignore unknown content types.
+ * So we proceed as normal.
 */
- if ((ret = check_recv_type (recv_type)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
 /* Here we check if the advertized version is the one we
 * negotiated in the handshake.
@@ -1035,6 +1013,8 @@ begin:
 return GNUTLS_E_RECORD_LIMIT_REACHED;
 }
+ /* Check if the received type is the one we expect.
+ */
 ret = record_check_type (session, recv_type, type, htype, tmp.data, decrypted_length); |
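Review bot: Returning `GNUTLS_E_AGAIN` from the `default:` arm of record_check_type makes a dropped unknown-type record look the same to the caller as a would-block condition on the transport, and nothing in the visible lines limits how many such records a peer can have ignored in a row. A caller on a blocking socket may not expect this code at all, and one that retries immediately can be kept busy by a peer that keeps sending unknown types; before the handshake finishes those records are presumably not yet authenticated. I would count consecutive ignored records in the session and fail with a fatal error past a small limit, and say so in the comment, e.g. `/* unknown content type: record dropped, caller must call again; not a transport would-block */`. The body of record_check_type starts and ends outside this hunk, so whether callers already treat this return value specially cannot be seen here.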
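Review bot: The replacement comment in the third hunk (after `begin:`) records what the code used to do ("no longer check") and now sits above no statement, so a later reader cannot tell where unknown types are handled. With the early `check_recv_type` call gone, a record with an unrecognised type appears to pass the version check and be decrypted before `record_check_type` drops it, and the comment should say that: `/* Unknown content types are not rejected here; record_check_type() drops them after decryption, as TLS 1.0 asks. */`. The ignore rule is specific to the older protocol versions; TLS 1.2 (RFC 5246) asks for an unexpected_message alert instead, so the comment should name the versions it applies to. The enclosing function starts and ends outside the hunk.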