Commit 4041f9cd authored by Oleksii Beketov's avatar Oleksii Beketov

Bad hello on TLS closure

Prevent treating reciprocal close_notify alert
as an error after TSL connection closure.

Change-Id: I22bc91a2f3c3e9bc13438588ca17b5944fcdc48f
Signed-off-by: default avatarOleksii Beketov <ol.beketov@samsung.com>
parent e8df8550
......@@ -1185,6 +1185,16 @@ static bool checkSslOperation(SslEndPoint_t* peer,
(MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME != ret) &&
(MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY != ret) &&
(MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL != ret))
{
if (MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO == ret)
{
unsigned char *buf = peer->ssl.in_hdr;
if (buf[0] == 0x15)
{
OIC_LOG_V(INFO, NET_SSL_TAG, "encrypted alert message received");
}
}
else
{
size_t bufSize = 1024;
char *bufMsg = (char*)OICCalloc(1, bufSize);
......@@ -1198,6 +1208,7 @@ static bool checkSslOperation(SslEndPoint_t* peer,
{
OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -ret);
}
}
// Make a copy of the endpoint, because the callback might
// free the peer object, during notifySubscriber() below.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment