commit 0a9251870ac0b902bc8ece6c1111c2802855346e
author Paul Bakker <p.j.bakker@polarssl.org> Mon Apr 16 06:46:41 2012 +0000
committer Paul Bakker <p.j.bakker@polarssl.org> Mon Apr 16 06:46:41 2012 +0000
tree 07522b9b9a7802257669136d98f89d6cdb042084
parent 6f3578cfc836da34c54422504283eff4502a73c9

 - Report unexpected_message if unknown record type is received

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e697f4e..98a2187 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1359,6 +1359,22 @@
         }
     }
 
+    if( ssl->in_msgtype != SSL_MSG_HANDSHAKE &&
+        ssl->in_msgtype != SSL_MSG_ALERT &&
+        ssl->in_msgtype != SSL_MSG_CHANGE_CIPHER_SPEC &&
+        ssl->in_msgtype != SSL_MSG_APPLICATION_DATA )
+    {
+        SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
+
+        if( ( ret = ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL,
+              SSL_ALERT_MSG_UNEXPECTED_MESSAGE ) ) != 0 )
+        {
+            return( ret );
+        }
+
+        return( POLARSSL_ERR_SSL_INVALID_RECORD );
+    }
+
     if( ssl->in_msgtype == SSL_MSG_HANDSHAKE )
     {
         ssl->in_hslen  = 4;
@@ -1421,6 +1437,30 @@
     return( 0 );
 }
 
+int ssl_send_alert_message( ssl_context *ssl,
+                            unsigned char level,
+                            unsigned char message )
+{
+    int ret;
+
+    SSL_DEBUG_MSG( 2, ( "=> send alert message" ) );
+
+    ssl->out_msgtype = SSL_MSG_ALERT;
+    ssl->out_msglen = 2;
+    ssl->out_msg[0] = level;
+    ssl->out_msg[1] = message;
+
+    if( ( ret = ssl_write_record( ssl ) ) != 0 )
+    {
+        SSL_DEBUG_RET( 1, "ssl_write_record", ret );
+        return( ret );
+    }
+
+    SSL_DEBUG_MSG( 2, ( "<= send alert message" ) );
+
+    return( 0 );
+}
+
 /*
  * Handshake functions
  */