ext/record_size_limit: new extension

This implements the record_size_limit extension as defined in RFC 8449.

Although it obsoletes the max_record_size extension, for compatibility
reasons GnuTLS still sends it on certain occasions.  For example, when
the new size is representable as the codepoint defined for
max_record_size.

Signed-off-by: Daiki Ueno <dueno@redhat.com>

4 files changed, 169 insertions, 25 deletions

diff --git a/lib/ext/Makefile.am b/lib/ext/Makefile.am
index cbd68c8588..b7f204f1d9 100644
--- a/lib/ext/Makefile.am
+++ b/lib/ext/Makefile.am
@@ -47,7 +47,8 @@ libgnutls_ext_la_SOURCES = max_record.c \
 	psk_ke_modes.c psk_ke_modes.h pre_shared_key.c pre_shared_key.h \
 	supported_groups.c supported_groups.h \
 	ec_point_formats.c ec_point_formats.h \
-	early_data.c early_data.h
+	early_data.c early_data.h \
+	record_size_limit.c record_size_limit.h
 
 if ENABLE_ALPN
 libgnutls_ext_la_SOURCES += alpn.c alpn.h
diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c
index 8edf5a2183..2a7a9d3496 100644
--- a/lib/ext/max_record.c
+++ b/lib/ext/max_record.c
@@ -70,6 +70,9 @@ _gnutls_max_record_recv_params(gnutls_session_t session,
 	ssize_t new_size;
 	ssize_t data_size = _data_size;
 
+	if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED)
+		return 0;
+
 	if (session->security_parameters.entity == GNUTLS_SERVER) {
 		if (data_size > 0) {
 			DECR_LEN(data_size, 1);
@@ -96,8 +99,12 @@ _gnutls_max_record_recv_params(gnutls_session_t session,
 
 			new_size = _gnutls_mre_num2record(data[0]);
 
-			if (new_size < 0 ||
-			    new_size != session->security_parameters.
+			if (new_size < 0) {
+				gnutls_assert();
+				return new_size;
+			}
+
+			if (new_size != session->security_parameters.
 			    max_record_send_size) {
 				gnutls_assert();
 				return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
@@ -127,11 +134,16 @@ _gnutls_max_record_send_params(gnutls_session_t session,
 	if (session->security_parameters.entity == GNUTLS_CLIENT) {
 		if (session->security_parameters.max_record_send_size !=
 		    DEFAULT_MAX_RECORD_SIZE) {
-			p = (uint8_t)
-			    _gnutls_mre_record2num
-			    (session->security_parameters.
-			     max_record_send_size);
+			ret = _gnutls_mre_record2num
+			      (session->security_parameters.
+			       max_record_send_size);
+
+			/* it's not an error, as long as we send the
+			 * record_size_limit extension with that value */
+			if (ret < 0)
+				return 0;
 
+			p = (uint8_t) ret;
 			ret = _gnutls_buffer_append_data(extdata, &p, 1);
 			if (ret < 0)
 				return gnutls_assert_val(ret);
@@ -143,11 +155,16 @@ _gnutls_max_record_send_params(gnutls_session_t session,
 
 		if (session->security_parameters.max_record_recv_size !=
 		    DEFAULT_MAX_RECORD_SIZE) {
-			p = (uint8_t)
-			    _gnutls_mre_record2num
-			    (session->security_parameters.
-			     max_record_recv_size);
+			ret = _gnutls_mre_record2num
+			      (session->security_parameters.
+			       max_record_recv_size);
 
+			/* it's not an error, as long as we send the
+			 * record_size_limit extension with that value */
+			if (ret < 0)
+				return 0;
+
+			p = (uint8_t) ret;
 			ret = _gnutls_buffer_append_data(extdata, &p, 1);
 			if (ret < 0)
 				return gnutls_assert_val(ret);
@@ -226,30 +243,28 @@ size_t gnutls_record_get_max_size(gnutls_session_t session)
  * connection.  This property can only be set to clients.  The server
  * may choose not to accept the requested size.
  *
- * Acceptable values are 512(=2^9), 1024(=2^10), 2048(=2^11) and
- * 4096(=2^12).  The requested record size does get in effect
- * immediately only while sending data. The receive part will take
- * effect after a successful handshake.
+ * The requested record size does get in effect immediately only while
+ * sending data. The receive part will take effect after a successful
+ * handshake.
  *
- * This function uses a TLS extension called 'max record size'.  Not
- * all TLS implementations use or even understand this extension.
+ * Prior to 3.6.4, this function was implemented using a TLS extension
+ * called 'max record size', which limits the acceptable values to
+ * 512(=2^9), 1024(=2^10), 2048(=2^11) and 4096(=2^12). Since 3.6.4,
+ * it uses another TLS extension called 'record size limit', which
+ * doesn't have the limitation, as long as the value ranges between
+ * 512 and 16384.  Note that not all TLS implementations use or even
+ * understand those extension.
  *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
  *   otherwise a negative error code is returned.
  **/
 ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size)
 {
-	ssize_t new_size;
-
 	if (session->security_parameters.entity == GNUTLS_SERVER)
 		return GNUTLS_E_INVALID_REQUEST;
 
-	new_size = _gnutls_mre_record2num(size);
-
-	if (new_size < 0) {
-		gnutls_assert();
-		return new_size;
-	}
+	if (size < MIN_RECORD_SIZE || size > DEFAULT_MAX_RECORD_SIZE)
+		return GNUTLS_E_INVALID_REQUEST;
 
 	session->security_parameters.max_record_send_size = size;
 
diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c
new file mode 100644
index 0000000000..bb8d0c4d97
--- /dev/null
+++ b/lib/ext/record_size_limit.c
@@ -0,0 +1,98 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Record Size Limit TLS extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <hello_ext.h>
+#include <ext/record_size_limit.h>
+
+static int _gnutls_record_size_limit_recv_params(gnutls_session_t session,
+						 const uint8_t * data,
+						 size_t data_size);
+static int _gnutls_record_size_limit_send_params(gnutls_session_t session,
+						 gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_record_size_limit = {
+	.name = "Record Size Limit",
+	.tls_id = 28,
+	.gid = GNUTLS_EXTENSION_RECORD_SIZE_LIMIT,
+	.parse_type = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_EE,
+	.recv_func = _gnutls_record_size_limit_recv_params,
+	.send_func = _gnutls_record_size_limit_send_params
+};
+
+static int
+_gnutls_record_size_limit_recv_params(gnutls_session_t session,
+				      const uint8_t * data, size_t _data_size)
+{
+	ssize_t new_size;
+	ssize_t data_size = _data_size;
+
+	DECR_LEN(data_size, 2);
+	new_size = _gnutls_read_uint16(data);
+
+	/* protocol error */
+	if (new_size < 64)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	/* we do not want to accept sizes less than our minimum */
+	if (new_size < MIN_RECORD_SIZE)
+		return 0;
+
+	session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_NEGOTIATED;
+
+	/* if a larger record size limit than the protocol limit is
+	 * provided by the peer, ignore it and stick to the default */
+	if (unlikely(new_size > DEFAULT_MAX_RECORD_SIZE))
+		return gnutls_assert_val(0);
+
+	session->security_parameters.max_record_send_size = new_size;
+	session->security_parameters.max_record_recv_size = new_size;
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_record_size_limit_send_params(gnutls_session_t session,
+				      gnutls_buffer_st * extdata)
+{
+	int ret;
+
+	assert(session->security_parameters.max_record_send_size >= 64 &&
+	       session->security_parameters.max_record_send_size <=
+	       DEFAULT_MAX_RECORD_SIZE);
+
+	ret = _gnutls_buffer_append_prefix(extdata, 16,
+					   session->security_parameters.max_record_send_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 2;
+}
diff --git a/lib/ext/record_size_limit.h b/lib/ext/record_size_limit.h
new file mode 100644
index 0000000000..16e027c6c9
--- /dev/null
+++ b/lib/ext/record_size_limit.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef EXT_RECORD_SIZE_LIMIT_H
+#define EXT_RECORD_SIZE_LIMIT_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_record_size_limit;
+
+#endif