Recognizing TLS Extension "HeartBeat" as Valid TLS Packet

Motivation:

The widely used SSL Implementation, OpenSSL, already supports Heartbeat Extension; both sending and responding to Heartbeat Messages. But, since Netty is not recognizing that extension as valid packet, peers won't be able to use this extension.

Modification:

Update SslUtils.java to recognize Heartbeat Extension as valid tls packet.

Result:

With this change, softwares using Netty + OpenSSL will be able to respond for TLS Heartbeat requests (actually taken care by OpenSSL - no need of any extra implementation from Clients)
This commit is contained in:
R Kaja Mohideen 2017-03-09 21:24:57 +05:30 committed by Norman Maurer
parent 6036b3f6ea
commit 13cd69c5ec

View File

@ -48,6 +48,11 @@ final class SslUtils {
*/ */
static final int SSL_CONTENT_TYPE_APPLICATION_DATA = 23; static final int SSL_CONTENT_TYPE_APPLICATION_DATA = 23;
/**
* HeartBeat Extension
*/
static final int SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT = 24;
/** /**
* the length of the ssl record header (in bytes) * the length of the ssl record header (in bytes)
*/ */
@ -90,6 +95,7 @@ final class SslUtils {
case SSL_CONTENT_TYPE_ALERT: case SSL_CONTENT_TYPE_ALERT:
case SSL_CONTENT_TYPE_HANDSHAKE: case SSL_CONTENT_TYPE_HANDSHAKE:
case SSL_CONTENT_TYPE_APPLICATION_DATA: case SSL_CONTENT_TYPE_APPLICATION_DATA:
case SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT:
tls = true; tls = true;
break; break;
default: default:
@ -176,6 +182,7 @@ final class SslUtils {
case SSL_CONTENT_TYPE_ALERT: case SSL_CONTENT_TYPE_ALERT:
case SSL_CONTENT_TYPE_HANDSHAKE: case SSL_CONTENT_TYPE_HANDSHAKE:
case SSL_CONTENT_TYPE_APPLICATION_DATA: case SSL_CONTENT_TYPE_APPLICATION_DATA:
case SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT:
tls = true; tls = true;
break; break;
default: default: