Commit 37b7c777 authored by Dmitriy Zhuravlev's avatar Dmitriy Zhuravlev Committed by Randeep

Fix DTLS backward compatibility

mbedTLS expects the close_notify message as warning alert,
but tinyDTLS sends fatal alert

Change-Id: I91046d4eb23f6b7537abe0a3a2a2e2c6c2893f14
Signed-off-by: default avatarDmitriy Zhuravlev <d.zhuravlev@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/13961Reviewed-by: default avatarKevin Kane <kkane@microsoft.com>
Reviewed-by: default avatarOleksii Beketov <ol.beketov@samsung.com>
Tested-by: default avatarjenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: default avatarJongsung Lee <js126.lee@samsung.com>
Reviewed-by: default avatarJongmin Choi <jminl.choi@samsung.com>
Reviewed-by: default avatarChul Lee <chuls.lee@samsung.com>
Reviewed-by: Randeep's avatarRandeep Singh <randeep.s@samsung.com>
parent 301e125f
......@@ -1708,7 +1708,11 @@ CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t d
ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
} while (MBEDTLS_ERR_SSL_WANT_READ == ret);
if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret)
if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
// TinyDTLS sends fatal close_notify alert
(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
{
OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
SSL_CLOSE_NOTIFY(peer, ret);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment