From 51628afb7a6a9979bcd736af04fd0e01656ef26d Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Sat, 5 Nov 2022 21:43:59 +0700
Subject: Add TlsPeer.IgnoreCorruptDtlsRecords

- property controls behaviour when bad_record_mac thrown for DTLS record.
- defaults to 'false' (don't ignore i.e. fail the connection)
- see https://github.com/bcgit/bc-csharp/pull/279
---
 crypto/src/tls/DtlsServerProtocol.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/src/tls/DtlsServerProtocol.cs')

diff --git a/crypto/src/tls/DtlsServerProtocol.cs b/crypto/src/tls/DtlsServerProtocol.cs
index b42f97b64..5edd5595e 100644
--- a/crypto/src/tls/DtlsServerProtocol.cs
+++ b/crypto/src/tls/DtlsServerProtocol.cs
@@ -381,7 +381,7 @@ namespace Org.BouncyCastle.Tls
 
             recordLayer.InitHeartbeat(state.heartbeat, HeartbeatMode.peer_allowed_to_send == state.heartbeatPolicy);
 
-            return new DtlsTransport(recordLayer);
+            return new DtlsTransport(recordLayer, state.server.IgnoreCorruptDtlsRecords);
         }
 
         /// <exception cref="IOException"/>
-- 
cgit 1.4.1