diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/tls/tls_record.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/tls/tls_record.cpp b/src/tls/tls_record.cpp index a0ddfff5b..45e7fef42 100644 --- a/src/tls/tls_record.cpp +++ b/src/tls/tls_record.cpp @@ -285,6 +285,10 @@ size_t read_record(std::vector<byte>& readbuf, // Possible SSLv2 format client hello if((!cipherstate) && (readbuf[0] & 0x80) && (readbuf[2] == 1)) { + if(version.is_datagram_protocol()) + throw TLS_Exception(Alert::PROTOCOL_VERSION, + "Client sent SSLv2-style DTLS hello"); + if(readbuf[3] == 0 && readbuf[4] == 2) throw TLS_Exception(Alert::PROTOCOL_VERSION, "Client claims to only support SSLv2, rejecting"); |