Treat alerts as fatal errors regardless of level in TLS1.3

This commit is contained in:
Tobias Frauenschläger
2026-03-05 12:30:59 +01:00
parent 1c8d593af7
commit 11fc781d0d
3 changed files with 65 additions and 0 deletions
+15
View File
@@ -22036,6 +22036,12 @@ static int DoAlert(WOLFSSL* ssl, byte* input, word32* inOutIdx, int* type)
if (level == alert_fatal) {
ssl->options.isClosed = 1; /* Don't send close_notify */
}
/* RFC 8446 Section 6.2: In TLS 1.3, all error alerts are implicitly
* fatal regardless of the AlertLevel byte. */
if (IsAtLeastTLSv1_3(ssl->version) &&
code != close_notify && code != user_canceled) {
ssl->options.isClosed = 1;
}
}
if (++ssl->options.alertCount >= WOLFSSL_ALERT_COUNT_MAX) {
@@ -23510,6 +23516,15 @@ default:
if (type == decrypt_error)
return FATAL_ERROR;
/* RFC 8446 Section 6.2: In TLS 1.3, all error alerts MUST
* be treated as fatal regardless of the AlertLevel byte.
* Only close_notify (handled above) and user_canceled
* are exempt. */
if (IsAtLeastTLSv1_3(ssl->version) &&
type != user_canceled && type != invalid_alert) {
return FATAL_ERROR;
}
/* Reset error if we got an alert level in ret */
if (ret > 0)
ret = 0;