mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-08-05 07:41:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

LibTLS: Treat a close_notify before agreeing on a cipher suite as a handshake failure

Browse source 
Some TLS implementations (namely, AWS CloudFront) do this instead of
sending handshake_failure for some reason.
This commit is contained in:
Luke 2020-10-25 21:09:10 +00:00 committed by Andreas Kling
commit 63a94deb43
Notes: sideshowbarker 2024-07-19 01:43:08 +09:00
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Libraries/LibTLS/Record.cpp
View file

@ -315,6 +315,12 @@ ssize_t TLSv12::handle_message(const ByteBuffer& buffer)
res += 2; res += 2;
alert(AlertLevel::Critical, AlertDescription::CloseNotify); alert(AlertLevel::Critical, AlertDescription::CloseNotify);
m_context.connection_finished = true; m_context.connection_finished = true;
if (!m_context.cipher_spec_set) {
// AWS CloudFront hits this.
dbg() << "Server sent a close notify and we haven't agreed on a cipher suite. Treating it as a handshake failure.";
m_context.critical_error = (u8)AlertDescription::HandshakeFailure;
try_disambiguate_error();
}
} }
m_context.error_code = (Error)code; m_context.error_code = (Error)code;
} }