From: Chul Lee Date: Fri, 13 Jan 2017 05:12:58 +0000 (+0900) Subject: Updated SSL_CHECK_FAIL macro to ignore bad client hello message. X-Git-Tag: 1.3.0~669 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f46b12b20d6c4b015dd15ff983078315f113ed7a;p=platform%2Fupstream%2Fiotivity.git Updated SSL_CHECK_FAIL macro to ignore bad client hello message. Change-Id: I317e63d192af372844e672650c261578508e9331 Signed-off-by: Chul Lee Reviewed-on: https://gerrit.iotivity.org/gerrit/16367 Tested-by: jenkins-iotivity Reviewed-by: Jongsung Lee Reviewed-by: Randeep Singh (cherry picked from commit 7198d2fdd91adec7df769a78ef66d2b87d8d9e47) Reviewed-on: https://gerrit.iotivity.org/gerrit/17171 --- diff --git a/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c b/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c index b6a795e..a428e71 100644 --- a/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c +++ b/resource/csdk/connectivity/src/adapter_util/ca_adapter_net_ssl.c @@ -245,12 +245,15 @@ if (0 != (ret) && MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret) && { \ oc_mutex_unlock(g_sslContextMutex); \ } \ - SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \ + if ((int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int)(ret)) \ + { \ + SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \ + } \ OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \ if (-1 != error) \ { \ return (error); \ - } \ + } \ } /**@def CONF_SSL(clientConf, serverConf, fn, ...) *