diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-01-05 00:23:31 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-01-05 00:23:31 +0000 |
commit | 166dea6ac8495719983ab241170793584e3ece8c (patch) | |
tree | 27313bcfb95f4501acc961f57b9cba2647553c7a /ssl | |
parent | 52bef4d67724ee826512dd6cd22d0d82a3c83945 (diff) |
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Send fatal alert if heartbeat extension has an illegal value.
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_lib.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 4734c37e0a..1a46d891c0 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -825,6 +825,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS; else *(ret++) = SSL_TLSEXT_HB_ENABLED; + } #endif @@ -1282,6 +1283,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED; s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS; break; + default: *al = SSL_AD_ILLEGAL_PARAMETER; + return 0; } } #endif @@ -1553,6 +1556,8 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED; s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS; break; + default: *al = SSL_AD_ILLEGAL_PARAMETER; + return 0; } } #endif |