Sniffer Fix

Drop a handshake message if it is split across TLS records. The likely
messages dropped are certificate and certificate request, which are
ignored by the sniffer.

src/sniffer.c

@@ -245,7 +245,8 @@ static const char* const msgTable[] =
 
     /* 81 */
     "Bad Decrypt Size",
-    "Extended Master Secret Hash Error"
+    "Extended Master Secret Hash Error",
+    "Handshake Message Split Across TLS Records"
 };
 
 
@@ -2060,8 +2061,9 @@ static int DoHandShake(const byte* input, int* sslBytes,
     startBytes = *sslBytes;
 
     if (*sslBytes < size) {
-        SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return -1;
+        Trace(SPLIT_HANDSHAKE_MSG_STR);
+        *sslBytes = 0;
+        return ret;
     }
 
     /* A session's arrays are released when the handshake is completed. */

wolfssl/sniffer_error.h

@@ -118,6 +118,7 @@
 
 #define BAD_DECRYPT_SIZE 81
 #define EXTENDED_MASTER_HASH_STR 82
+#define SPLIT_HANDSHAKE_MSG_STR 83
 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
 
 

wolfssl/sniffer_error.rc

@@ -99,5 +99,6 @@ STRINGTABLE
 
     81, "Bad Decrypt Size"
     82, "Extended Master Secret Hash Error"
+    83, "Handshake Message Split Across TLS Records"
 }