[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
3.4 The TLS Alert Protocol
The Alert protocol is there to allow signals to be sent between peers.
These signals are mostly used to inform the peer about the cause of a
protocol failure. Some of these signals are used internally by the
protocol and the application protocol does not have to cope with them
(see GNUTLS_A_CLOSE_NOTIFY
), and others refer to the
application protocol solely (see GNUTLS_A_USER_CANCELLED
). An
alert signal includes a level indication which may be either fatal or
warning. Fatal alerts always terminate the current connection, and
prevent future renegotiations using the current session ID.
The alert messages are protected by the record protocol, thus the information that is included does not leak. You must take extreme care for the alert information not to leak to a possible attacker, via public log files etc.
- gnutls_alert_send:
To send an alert signal.
- gnutls_error_to_alert:
To map a gnutls error number to an alert signal.
- gnutls_alert_get:
Returns the last received alert.
- gnutls_alert_get_name:
Returns the name, in a character array, of the given alert.