diff options
author | Rich Salz <rsalz@akamai.com> | 2016-01-25 13:30:37 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-02-11 12:57:26 -0500 |
commit | 22e3dcb7808bb06cd18c3231e34a5930e796cc48 (patch) | |
tree | f4143956f14f3eb5bd225021b8f09ad66554e025 /ssl/record | |
parent | f3f1cf8444f439c0be9de04bf3821a20d00fd956 (diff) |
Remove TLS heartbeat, disable DTLS heartbeat
To enable heartbeats for DTLS, configure with enable-heartbeats.
Heartbeats for TLS have been completely removed.
This addresses RT 3647
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/rec_layer_d1.c | 2 | ||||
-rw-r--r-- | ssl/record/rec_layer_s3.c | 16 |
2 files changed, 1 insertions, 17 deletions
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index c53ef9a1ac..49e8f462f4 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -628,7 +628,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, dest_len = &s->rlayer.d->alert_fragment_len; } #ifndef OPENSSL_NO_HEARTBEATS - else if (SSL3_RECORD_get_type(rr) == TLS1_RT_HEARTBEAT) { + else if (SSL3_RECORD_get_type(rr) == DTLS1_RT_HEARTBEAT) { /* We allow a 0 return */ if (dtls1_process_heartbeat(s, SSL3_RECORD_get_data(rr), SSL3_RECORD_get_length(rr)) < 0) { diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index d0f17bb0c7..6a4f92f9ba 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1176,22 +1176,6 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, dest = s->rlayer.alert_fragment; dest_len = &s->rlayer.alert_fragment_len; } -#ifndef OPENSSL_NO_HEARTBEATS - else if (SSL3_RECORD_get_type(rr)== TLS1_RT_HEARTBEAT) { - /* We can ignore 0 return values */ - if (tls1_process_heartbeat(s, SSL3_RECORD_get_data(rr), - SSL3_RECORD_get_length(rr)) < 0) { - return -1; - } - - /* Exit and notify application to read again */ - SSL3_RECORD_set_length(rr, 0); - s->rwstate = SSL_READING; - BIO_clear_retry_flags(SSL_get_rbio(s)); - BIO_set_retry_read(SSL_get_rbio(s)); - return (-1); - } -#endif if (dest_maxlen > 0) { n = dest_maxlen - *dest_len; /* available space in 'dest' */ |