source-git / mingw-gnutls

Clone
Source Code
GIT

Files

  1.   f6533347d87caea1b0e7da73f23a9ef464150ce5
  2.   lib
  3.   ext
  4.   max_record.c
Blob Blame History Raw 
/*
 * Copyright (C) 2001-2012 Free Software Foundation, Inc.
 *
 * Author: Nikos Mavrogiannopoulos
 *
 * This file is part of GnuTLS.
 *
 * The GnuTLS is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */

/* This file contains the code for the Max Record Size TLS extension.
 */

#include "gnutls_int.h"
#include "errors.h"
#include "num.h"
#include <extensions.h>
#include <ext/max_record.h>

static int _gnutls_max_record_recv_params(gnutls_session_t session,
					  const uint8_t * data,
					  size_t data_size);
static int _gnutls_max_record_send_params(gnutls_session_t session,
					  gnutls_buffer_st * extdata);

static int _gnutls_max_record_unpack(gnutls_buffer_st * ps,
				     gnutls_ext_priv_data_t * _priv);
static int _gnutls_max_record_pack(gnutls_ext_priv_data_t _priv,
				   gnutls_buffer_st * ps);

/* Maps record size to numbers according to the
 * extensions draft.
 */
static int _gnutls_mre_num2record(int num);
static int _gnutls_mre_record2num(uint16_t record_size);


const extension_entry_st ext_mod_max_record_size = {
	.name = "Maximum Record Size",
	.type = GNUTLS_EXTENSION_MAX_RECORD_SIZE,
	.parse_type = GNUTLS_EXT_TLS,

	.recv_func = _gnutls_max_record_recv_params,
	.send_func = _gnutls_max_record_send_params,
	.pack_func = _gnutls_max_record_pack,
	.unpack_func = _gnutls_max_record_unpack,
	.deinit_func = NULL,
	.cannot_be_overriden = 0
};

/* 
 * In case of a server: if a MAX_RECORD_SIZE extension type is received then it stores
 * into the session the new value. The server may use gnutls_get_max_record_size(),
 * in order to access it.
 *
 * In case of a client: If a different max record size (than the default) has
 * been specified then it sends the extension.
 *
 */

static int
_gnutls_max_record_recv_params(gnutls_session_t session,
			       const uint8_t * data, size_t _data_size)
{
	ssize_t new_size;
	ssize_t data_size = _data_size;
	gnutls_ext_priv_data_t epriv;
	int ret;

	if (session->security_parameters.entity == GNUTLS_SERVER) {
		if (data_size > 0) {
			DECR_LEN(data_size, 1);

			new_size = _gnutls_mre_num2record(data[0]);

			if (new_size < 0) {
				gnutls_assert();
				return new_size;
			}

			session->security_parameters.max_record_send_size =
			    new_size;
			session->security_parameters.max_record_recv_size =
			    new_size;
		}
	} else {		/* CLIENT SIDE - we must check if the sent record size is the right one 
				 */
		if (data_size > 0) {
			ret = _gnutls_ext_get_session_data(session,
							   GNUTLS_EXTENSION_MAX_RECORD_SIZE,
							   &epriv);
			if (ret < 0) {
				gnutls_assert();
				return GNUTLS_E_INTERNAL_ERROR;
			}

			if (data_size != 1) {
				gnutls_assert();
				return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
			}

			new_size = _gnutls_mre_num2record(data[0]);

			if (new_size < 0
			    || new_size != (intptr_t) epriv) {
				gnutls_assert();
				return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
			} else {
				session->security_parameters.
				    max_record_recv_size = (intptr_t)epriv;
			}

		}


	}

	return 0;
}

/* returns data_size or a negative number on failure
 */
static int
_gnutls_max_record_send_params(gnutls_session_t session,
			       gnutls_buffer_st * extdata)
{
	uint8_t p;
	int ret;

	/* this function sends the client extension data (dnsname) */
	if (session->security_parameters.entity == GNUTLS_CLIENT) {
		gnutls_ext_priv_data_t epriv;

		ret = _gnutls_ext_get_session_data(session,
						   GNUTLS_EXTENSION_MAX_RECORD_SIZE,
						   &epriv);
		if (ret < 0) {	/* it is ok not to have it */
			return 0;
		}

		if ((intptr_t)epriv != DEFAULT_MAX_RECORD_SIZE) {
			p = (uint8_t) _gnutls_mre_record2num((intptr_t)epriv);
			ret = _gnutls_buffer_append_data(extdata, &p, 1);
			if (ret < 0)
				return gnutls_assert_val(ret);

			return 1;
		}

	} else {		/* server side */

		if (session->security_parameters.max_record_recv_size !=
		    DEFAULT_MAX_RECORD_SIZE) {
			p = (uint8_t)
			    _gnutls_mre_record2num
			    (session->security_parameters.
			     max_record_recv_size);

			ret = _gnutls_buffer_append_data(extdata, &p, 1);
			if (ret < 0)
				return gnutls_assert_val(ret);

			return 1;
		}
	}

	return 0;
}


static int
_gnutls_max_record_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st * ps)
{
	int ret;

	BUFFER_APPEND_NUM(ps, (intptr_t)epriv);

	return 0;

}

static int
_gnutls_max_record_unpack(gnutls_buffer_st * ps,
			  gnutls_ext_priv_data_t * _priv)
{
	gnutls_ext_priv_data_t epriv;
	int ret;

	BUFFER_POP_CAST_NUM(ps, epriv);

	*_priv = epriv;

	ret = 0;
      error:
	return ret;
}


/* Maps numbers to record sizes according to the
 * extensions draft.
 */
static int _gnutls_mre_num2record(int num)
{
	switch (num) {
	case 1:
		return 512;
	case 2:
		return 1024;
	case 3:
		return 2048;
	case 4:
		return 4096;
	default:
		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
	}
}

/* Maps record size to numbers according to the
 * extensions draft.
 */
static int _gnutls_mre_record2num(uint16_t record_size)
{
	switch (record_size) {
	case 512:
		return 1;
	case 1024:
		return 2;
	case 2048:
		return 3;
	case 4096:
		return 4;
	default:
		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
	}

}

/**
 * gnutls_record_get_max_size:
 * @session: is a #gnutls_session_t type.
 *
 * Get the record size.  The maximum record size is negotiated by the
 * client after the first handshake message.
 *
 * Returns: The maximum record packet size in this connection.
 **/
size_t gnutls_record_get_max_size(gnutls_session_t session)
{
	/* Recv will hold the negotiated max record size
	 * always.
	 */
	return session->security_parameters.max_record_recv_size;
}


/**
 * gnutls_record_set_max_size:
 * @session: is a #gnutls_session_t type.
 * @size: is the new size
 *
 * This function sets the maximum record packet size in this
 * connection.  This property can only be set to clients.  The server
 * may choose not to accept the requested size.
 *
 * Acceptable values are 512(=2^9), 1024(=2^10), 2048(=2^11) and
 * 4096(=2^12).  The requested record size does get in effect
 * immediately only while sending data. The receive part will take
 * effect after a successful handshake.
 *
 * This function uses a TLS extension called 'max record size'.  Not
 * all TLS implementations use or even understand this extension.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
 *   otherwise a negative error code is returned.
 **/
ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size)
{
	ssize_t new_size;
	gnutls_ext_priv_data_t epriv;

	if (session->security_parameters.entity == GNUTLS_SERVER)
		return GNUTLS_E_INVALID_REQUEST;

	new_size = _gnutls_mre_record2num(size);

	if (new_size < 0) {
		gnutls_assert();
		return new_size;
	}

	session->security_parameters.max_record_send_size = size;
	epriv = (void *)(intptr_t)size;

	_gnutls_ext_set_session_data(session,
				     GNUTLS_EXTENSION_MAX_RECORD_SIZE,
				     epriv);

	return 0;
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation