Merge pull request #357 from tomato42/heartbeat-padding-collection

fixups to heartbeat support

Author: tomato42

tlslite/messages.py

@@ -2279,6 +2279,7 @@ def parse(self, p):
         """
         self.message_type = p.get(1)
         self.payload = p.getVarBytes(2)
+        self.padding = p.getFixBytes(p.getRemainingLength())
         return self
 
     def write(self):

tlslite/tlsrecordlayer.py

@@ -845,20 +845,24 @@ def _getMsg(self, expectedType, secondaryType=None, constructorType=None):
                                             "Received heartbeat_request to "
                                             "peer_not_allowed_to_send mode"):
                                         yield result
-                                else:
-                                    heartbeat_response = heartbeat_message.\
-                                        create_response()
+                                if len(heartbeat_message.padding) < 16:
+                                    # per RFC, silently ignore if the message
+                                    # is malformed
+                                    continue
+                                heartbeat_response = heartbeat_message.\
+                                    create_response()
                                 for result in self._sendMsg(
                                         heartbeat_response):
                                     yield result
                             # If we received heartbeat response, then we
                             # check, if its payload is same as payload of
                             # request we sent
                             elif heartbeat_message.message_type == \
-                                    HeartbeatMessageType.heartbeat_response:
+                                    HeartbeatMessageType.heartbeat_response \
+                                    and self.heartbeat_response_callback:
                                 self.heartbeat_response_callback(
                                     heartbeat_message)
-                        except socket.error:
+                        except (socket.error, SyntaxError):
                             pass
                         continue
 

unit_tests/test_tlslite_messages.py

@@ -3615,13 +3615,14 @@ def test_parse(self):
             b'\x01' +       # request
             b'\x00\x01' +   # payload length
             b'\x00' +       # payload
-            b'\x00'         # padding
+            b'\xff'         # padding
             ))
 
         heartbeat_msg = heartbeat_msg.parse(parser)
 
         self.assertEqual(heartbeat_msg.message_type, 1)
         self.assertEqual(heartbeat_msg.payload, b'\x00')
+        self.assertEqual(heartbeat_msg.padding, b'\xff')
 
     def test_parse_with_missing_data(self):
         heartbeat_msg = Heartbeat()