mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 02:15:40 +01:00
ssl_read() stops returning non-application data
parent
55e4ff2ace
commit
f26a1e8602
@ -10,6 +10,8 @@ Bugfix
|
|||||||
* Fix compile error in timing.c when POLARSSL_NET_C and POLARSSL_SELFTEST
|
* Fix compile error in timing.c when POLARSSL_NET_C and POLARSSL_SELFTEST
|
||||||
are defined but not POLARSSL_HAVE_TIME (found by Stephane Di Vito).
|
are defined but not POLARSSL_HAVE_TIME (found by Stephane Di Vito).
|
||||||
* Remove non-existent file from VS projects (found by Peter Vaskovic).
|
* Remove non-existent file from VS projects (found by Peter Vaskovic).
|
||||||
|
* ssl_read() could return non-application data records on server while
|
||||||
|
renegotation was pending, and on client when a HelloRequest was received.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
|
* Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
|
||||||
@ -18,6 +20,8 @@ Changes
|
|||||||
ambiguous on how to encode some packets with SSL 3.0).
|
ambiguous on how to encode some packets with SSL 3.0).
|
||||||
* Made buffer size in pk_write_(pub)key_pem() more dynamic, eg smaller if
|
* Made buffer size in pk_write_(pub)key_pem() more dynamic, eg smaller if
|
||||||
RSA is disabled, larger if POLARSSL_MPI_MAX_SIZE is larger.
|
RSA is disabled, larger if POLARSSL_MPI_MAX_SIZE is larger.
|
||||||
|
* ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
|
||||||
|
POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
|
||||||
|
|
||||||
= PolarSSL 1.3.8 released 2014-07-11
|
= PolarSSL 1.3.8 released 2014-07-11
|
||||||
Security
|
Security
|
||||||
|
@ -4357,9 +4357,10 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
|
|||||||
SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret );
|
SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
return( POLARSSL_ERR_NET_WANT_READ );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Tell the user to call ssl_read() again */
|
||||||
|
return( POLARSSL_ERR_NET_WANT_READ );
|
||||||
}
|
}
|
||||||
else if( ssl->renegotiation == SSL_RENEGOTIATION_PENDING )
|
else if( ssl->renegotiation == SSL_RENEGOTIATION_PENDING )
|
||||||
{
|
{
|
||||||
@ -4373,7 +4374,15 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
|
|||||||
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
|
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if( ssl->in_msgtype != SSL_MSG_APPLICATION_DATA )
|
|
||||||
|
/* Fatal and closure alerts handled by ssl_read_record() */
|
||||||
|
if( ssl->in_msgtype == SSL_MSG_ALERT )
|
||||||
|
{
|
||||||
|
SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) );
|
||||||
|
return( POLARSSL_ERR_NET_WANT_READ );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( ssl->in_msgtype != SSL_MSG_APPLICATION_DATA )
|
||||||
{
|
{
|
||||||
SSL_DEBUG_MSG( 1, ( "bad application data message" ) );
|
SSL_DEBUG_MSG( 1, ( "bad application data message" ) );
|
||||||
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
|
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
|
||||||
|
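Review bot: The new `SSL_MSG_ALERT` branch in the second hunk returns `POLARSSL_ERR_NET_WANT_READ` for every non-fatal, non-closure alert, and nothing in the visible lines limits how many such records a peer may send in a row. Each ignored record costs a record read plus a caller retry and delivers no application data, so a peer can keep the connection and its worker busy indefinitely. Consider counting consecutive ignored records in the context and returning `POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE` once a small limit is exceeded, resetting the count when application data arrives. The relocated `return( POLARSSL_ERR_NET_WANT_READ );` in the first hunk looks open to the same repetition when renegotiation is refused, though the refusing branch lies above the hunk, so that is inferred. At minimum the `ssl_read()` documentation should say that `POLARSSL_ERR_NET_WANT_READ` can now be returned without the transport having blocked, so blocking-I/O callers must loop on it; `ssl_read()` begins and ends outside both hunks.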