author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-11-02 06:32:38 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-11-02 06:32:38 +0000 |
commit | a701817616bdf263d4dcb688bd0cb4705e7a37c8 (patch) | |
tree | 94824c75785ba36f9036bdfd05d1ba63c074ca0b | |
parent | d5005f2262664bfed7c5c4095ef2aefe40b69fe3 (diff) | |
parent | ba4c0ced0159c1fc871c5c61a24b7e6927bbe9b1 (diff) | |
Merge branch 'tmp-fix-record-size-limit-tls12' into 'master'
ext/record_size_limit: handle the extension in TLS 1.2 ServerHello
Closes #599
See merge request gnutls/gnutls!791
-rw-r--r-- | lib/ext/record_size_limit.c | 2 | ||||
-rw-r--r-- | tests/tls-record-size-limit.c | 26 |
2 files changed, 19 insertions, 9 deletions
diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c
index bb8d0c4d97..811e2ea93f 100644
--- a/lib/ext/record_size_limit.c
+++ b/lib/ext/record_size_limit.c
@@ -41,7 +41,7 @@ const hello_ext_entry_st ext_mod_record_size_limit = {
 .gid = GNUTLS_EXTENSION_RECORD_SIZE_LIMIT,
 .parse_type = GNUTLS_EXT_TLS,
 .validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
- GNUTLS_EXT_FLAG_EE,
+ GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
 .recv_func = _gnutls_record_size_limit_recv_params,
 .send_func = _gnutls_record_size_limit_send_params
 };
diff --git a/tests/tls-record-size-limit.c b/tests/tls-record-size-limit.c
index 7a56c0ec64..8c9729719f 100644
--- a/tests/tls-record-size-limit.c
+++ b/tests/tls-record-size-limit.c
@@ -116,8 +116,19 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype,
 ret = gnutls_ext_raw_parse(&client_handshake_cb_data, ext_callback, msg, 0);
 assert(ret >= 0);
 break;
+ case GNUTLS_HANDSHAKE_SERVER_HELLO:
+ assert(msg->size >= HANDSHAKE_SESSION_ID_POS);
+ pos = HANDSHAKE_SESSION_ID_POS;
+ SKIP8(pos, msg->size);
+ pos += 3;
+
+ mmsg.data = &msg->data[pos];
+ mmsg.size = msg->size - pos;
+ ret = gnutls_ext_raw_parse(&client_handshake_cb_data, ext_callback, &mmsg, 0);
+ assert(ret >= 0);
+ break;
 default:
- abort();
+ break;
 }
 return 0;
 }
@@ -201,7 +212,6 @@ static void start(const struct test_st *test)
 /* Init client */ - ret = gnutls_certificate_allocate_credentials(&clientx509cred); if (ret < 0) exit(1);
@@ -239,7 +249,7 @@ static void start(const struct test_st *test)
 client_handshake_cb_data.session = client;
 gnutls_handshake_set_hook_function(client,
- GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS,
+ GNUTLS_HANDSHAKE_ANY,
 GNUTLS_HOOK_POST,
 handshake_callback);
@@ -294,7 +304,7 @@ static const struct test_st tests[] = {
 },
 .expect_client_ext = {
 .max_record_size = 0,
- .record_size_limit = 0
+ .record_size_limit = 1
 }
 },
 {
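Review bot: The widened `.validity` mask in `ext_mod_record_size_limit` carries no comment explaining why a TLS 1.2 ServerHello is now an accepted carrier, and the flags alone do not tell a reader of this table. I would add above that initializer something like `/* RFC 8449: the server answers in EncryptedExtensions under TLS 1.3 and in ServerHello under TLS 1.2 */`. Because `_gnutls_record_size_limit_recv_params` is defined outside this hunk, I cannot see whether its range checks on the received limit also cover the client side of a TLS 1.2 handshake, which this flag presumably makes newly reachable; that is worth confirming alongside the change.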
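Review bot: In the new `GNUTLS_HANDSHAKE_SERVER_HELLO` case, `pos += 3` is not followed by a bounds check, so a ServerHello shorter than expected can make `msg->size - pos` wrap and hand `gnutls_ext_raw_parse` a pointer past the buffer together with a very large size. `SKIP8` is defined outside the hunk and presumably checks its own skip, but the fixed three bytes (cipher suite plus compression method, by the look of it) are unchecked; `assert(msg->size >= pos + 3);` before the increment closes that, and a short comment such as `/* cipher suite (2) + compression method (1) */` would explain the constant. With the hook now registered for `GNUTLS_HANDSHAKE_ANY`, the `default:` arm silently ignores every other message where it used to `abort()`, which deserves a one-line comment saying that is intended. The body of `handshake_callback` starts before the hunk.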
@@ -308,7 +318,7 @@ static const struct test_st tests[] = {
 },
 .expect_client_ext = {
 .max_record_size = 0,
- .record_size_limit = 0
+ .record_size_limit = 1
 }
 },
 {
@@ -322,7 +332,7 @@ static const struct test_st tests[] = {
 },
 .expect_client_ext = {
 .max_record_size = 0,
- .record_size_limit = 0
+ .record_size_limit = 1
 }
 },
 {
@@ -336,7 +346,7 @@ static const struct test_st tests[] = {
 },
 .expect_client_ext = {
 .max_record_size = 0,
- .record_size_limit = 0
+ .record_size_limit = 1
 }
 },
 {
@@ -350,7 +360,7 @@ static const struct test_st tests[] = {
 },
 .expect_client_ext = {
 .max_record_size = 0,
- .record_size_limit = 0
+ .record_size_limit = 1
 }
 }, |