author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-11-05 21:43:59 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-11-05 21:43:59 +0700 |
commit | 51628afb7a6a9979bcd736af04fd0e01656ef26d (patch) | |
tree | a7ffc3e79721168954cc7bf13790a9e74a47d8e3 /crypto/src/tls/DtlsTransport.cs | |
parent | Preprocessor symbol cleanup (diff) | |
download | BouncyCastle.NET-ed25519-51628afb7a6a9979bcd736af04fd0e01656ef26d.tar.xz |
Add TlsPeer.IgnoreCorruptDtlsRecords
- property controls behaviour when bad_record_mac is thrown for a DTLS record.
- defaults to 'false' (don't ignore, i.e. fail the connection)
- see https://github.com/bcgit/bc-csharp/pull/279
Diffstat (limited to 'crypto/src/tls/DtlsTransport.cs')
-rw-r--r-- | crypto/src/tls/DtlsTransport.cs | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/crypto/src/tls/DtlsTransport.cs b/crypto/src/tls/DtlsTransport.cs
index 1a6ec131f..6d481702f 100644
--- a/crypto/src/tls/DtlsTransport.cs
+++ b/crypto/src/tls/DtlsTransport.cs
@@ -8,10 +8,12 @@ namespace Org.BouncyCastle.Tls
 : DatagramTransport
 {
 private readonly DtlsRecordLayer m_recordLayer;
+ private readonly bool m_ignoreCorruptRecords;
 
- internal DtlsTransport(DtlsRecordLayer recordLayer)
+ internal DtlsTransport(DtlsRecordLayer recordLayer, bool ignoreCorruptRecords)
 {
- this.m_recordLayer = recordLayer;
+ m_recordLayer = recordLayer;
+ m_ignoreCorruptRecords = ignoreCorruptRecords;
 }
 
 /// <exception cref="IOException"/>
@@ -44,6 +46,9 @@ namespace Org.BouncyCastle.Tls
 }
 catch (TlsFatalAlert fatalAlert)
 {
+ if (m_ignoreCorruptRecords && AlertDescription.bad_record_mac == fatalAlert.AlertDescription)
+ return -1;
+
 m_recordLayer.Fail(fatalAlert.AlertDescription);
 throw fatalAlert;
 }
|
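Review bot: The new `m_ignoreCorruptRecords` field and the `ignoreCorruptRecords` constructor parameter carry no comment, although the flag relaxes the fail-closed handling of records that do not authenticate. A one-line comment on the field would make the trade-off visible at the point of use, for example `// If true, bad_record_mac on a received record is ignored instead of failing the connection (from TlsPeer.IgnoreCorruptDtlsRecords).` The class declaration starts above the hunk, so only the field and constructor are visible here.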
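Review bot: The early return added to the `catch (TlsFatalAlert fatalAlert)` block discards a record that failed its MAC check without leaving any trace, and `return -1` is probably indistinguishable to the caller from a receive that produced no data. RFC 6347 section 4.1.2.7 permits silently discarding invalid DTLS records, but with the flag enabled nothing here bounds or reports how many records failed authentication on one association. Consider counting the discards and falling through to `m_recordLayer.Fail(fatalAlert.AlertDescription)` once a configured limit is exceeded, or at least exposing the count so it can be logged. A comment above the check would also help, such as `// Opt-in: drop the unauthenticated record and keep the association alive`. The try block and the enclosing method begin outside the hunk, so which calls can reach this catch cannot be confirmed from here.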