From 40069ebd6c370109a29b7e2f8ff685d4bc4d038f Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Wed, 22 Mar 2017 23:33:37 +1030 Subject: Records with ContentType.heartbeat should give 'unexpected_message' - Heartbeat support currently incomplete (never negotiated) --- crypto/src/crypto/tls/RecordStream.cs | 2 +- crypto/src/crypto/tls/TlsProtocol.cs | 28 ++++++++++++---------------- 2 files changed, 13 insertions(+), 17 deletions(-) diff --git a/crypto/src/crypto/tls/RecordStream.cs b/crypto/src/crypto/tls/RecordStream.cs index b1060fd6d..dc66d0df7 100644 --- a/crypto/src/crypto/tls/RecordStream.cs +++ b/crypto/src/crypto/tls/RecordStream.cs @@ -359,7 +359,7 @@ namespace Org.BouncyCastle.Crypto.Tls case ContentType.alert: case ContentType.change_cipher_spec: case ContentType.handshake: - case ContentType.heartbeat: + //case ContentType.heartbeat: break; default: throw new TlsFatalAlert(alertDescription); diff --git a/crypto/src/crypto/tls/TlsProtocol.cs b/crypto/src/crypto/tls/TlsProtocol.cs index f259812f8..05f06f5ea 100644 --- a/crypto/src/crypto/tls/TlsProtocol.cs +++ b/crypto/src/crypto/tls/TlsProtocol.cs @@ -261,23 +261,19 @@ namespace Org.BouncyCastle.Crypto.Tls ProcessHandshake(); break; } - case ContentType.heartbeat: - { - if (!mAppDataReady) - throw new TlsFatalAlert(AlertDescription.unexpected_message); - - // TODO[RFC 6520] - // mHeartbeatQueue.AddData(buf, offset, len); - // ProcessHeartbeat(); - break; - } + //case ContentType.heartbeat: + //{ + // if (!mAppDataReady) + // throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // // TODO[RFC 6520] + // //mHeartbeatQueue.AddData(buf, offset, len); + // //ProcessHeartbeat(); + // break; + //} default: - /* - * Uh, we don't know this protocol. - * - * RFC2246 defines on page 13, that we should ignore this. - */ - break; + // Record type should already have been checked + throw new TlsFatalAlert(AlertDescription.internal_error); } } -- cgit 1.4.1