diff options
Diffstat (limited to 'lib/record.c')
-rw-r--r-- | lib/record.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/record.c b/lib/record.c index 4589765524..96bf5736a9 100644 --- a/lib/record.c +++ b/lib/record.c @@ -1190,8 +1190,15 @@ static int recv_headers(gnutls_session_t session, (session, "Received packet with illegal length: %u\n", (unsigned int) record->length); - if (record->length == 0) + if (record->length == 0) { + /* Empty, unencrypted records are always unexpected. */ + if (record_params->cipher->id == GNUTLS_CIPHER_NULL) + return + gnutls_assert_val + (GNUTLS_E_UNEXPECTED_PACKET); + return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED); + } return gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW); } |