-rw-r--r-- | lib/ext/max_record.c | 8 | ||||
-rw-r--r-- | lib/ext/record_size_limit.c | 2 | ||||
-rw-r--r-- | lib/gnutls_int.h | 5 | ||||
-rw-r--r-- | lib/hello_ext.c | 4 |
4 files changed, 11 insertions, 8 deletions
diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c index 2a7a9d3496..17c06e483f 100644 --- a/lib/ext/max_record.c +++ b/lib/ext/max_record.c @@ -153,16 +153,16 @@ _gnutls_max_record_send_params(gnutls_session_t session, } else { /* server side */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_SENT) + return 0; + if (session->security_parameters.max_record_recv_size != DEFAULT_MAX_RECORD_SIZE) { ret = _gnutls_mre_record2num (session->security_parameters. max_record_recv_size); - - /* it's not an error, as long as we send the - * record_size_limit extension with that value */ if (ret < 0) - return 0; + return gnutls_assert_val(ret); p = (uint8_t) ret; ret = _gnutls_buffer_append_data(extdata, &p, 1); diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c index c74ae81e4b..607ecdb76f 100644 --- a/lib/ext/record_size_limit.c +++ b/lib/ext/record_size_limit.c @@ -96,5 +96,7 @@ _gnutls_record_size_limit_send_params(gnutls_session_t session, if (ret < 0) return gnutls_assert_val(ret); + session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_SENT; + return 2; } diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 93ffd7cee9..f99e40a171 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -325,8 +325,7 @@ typedef enum recv_state_t { /* IDs are allocated in a way that all values fit in 64-bit integer as (1<<val) */ typedef enum extensions_t { GNUTLS_EXTENSION_INVALID = 0xffff, - GNUTLS_EXTENSION_MAX_RECORD_SIZE = 0, - GNUTLS_EXTENSION_STATUS_REQUEST, + GNUTLS_EXTENSION_STATUS_REQUEST = 0, GNUTLS_EXTENSION_CERT_TYPE, GNUTLS_EXTENSION_CLIENT_CERT_TYPE, GNUTLS_EXTENSION_SERVER_CERT_TYPE, @@ -349,6 +348,7 @@ typedef enum extensions_t { GNUTLS_EXTENSION_EARLY_DATA, GNUTLS_EXTENSION_PSK_KE_MODES, GNUTLS_EXTENSION_RECORD_SIZE_LIMIT, + GNUTLS_EXTENSION_MAX_RECORD_SIZE, /* * pre_shared_key and dumbfw must always be the last extensions, * in that order */ 
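Review bot: In the server branch of `_gnutls_max_record_send_params`, a negative result from `_gnutls_mre_record2num()` is now returned through `gnutls_assert_val(ret)` where it used to return 0, and the comment that explained the old choice is removed without a replacement. With the new `HSK_RECORD_SIZE_LIMIT_SENT` guard this path is reached only when record_size_limit was not sent, so a receive size with no max_fragment_length code now fails the send step instead of silently omitting the extension. A short comment would record that intent, e.g. `/* record_size_limit was not sent; a size without a max_fragment_length code cannot be advertised */`. Whether such a size can reach this point depends on code outside the hunk, and the function body continues past it.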
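Review bot: Moving `GNUTLS_EXTENSION_MAX_RECORD_SIZE` behind `GNUTLS_EXTENSION_RECORD_SIZE_LIMIT` in `extensions_t` (hunks at -325 and -349) creates an ordering requirement that the enum does not state: the guard added in lib/ext/max_record.c only works if record_size_limit's send function has already set `HSK_RECORD_SIZE_LIMIT_SENT`, which presumably follows from extensions being generated in id order. A comment on the new line would protect it from a later reshuffle, e.g. `/* must stay after RECORD_SIZE_LIMIT: max_record checks HSK_RECORD_SIZE_LIMIT_SENT when sending */`; if the order were broken, both extensions could end up in one ServerHello, which RFC 8449 tells clients to treat as a fatal error. The matching moves inside `extfunc[]` in lib/hello_ext.c do not enforce anything, since each entry is placed by its designated index, so a check such as `_Static_assert(GNUTLS_EXTENSION_RECORD_SIZE_LIMIT < GNUTLS_EXTENSION_MAX_RECORD_SIZE, "record_size_limit must be sent first");` (or the project's own compile-time assert) would be the enforceable form. The change also shifts the numeric value of every id from `STATUS_REQUEST` through `RECORD_SIZE_LIMIT` down by one, so if these ids are written into anything that outlives the process (not visible here), that data needs a compatibility check.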
@@ -1357,6 +1357,7 @@ typedef struct { * server: intend to process early data */ #define HSK_RECORD_SIZE_LIMIT_NEGOTIATED (1<<24) +#define HSK_RECORD_SIZE_LIMIT_SENT (1<<25) /* record_size_limit extension was sent */ /* The hsk_flags are for use within the ongoing handshake; * they are reset to zero prior to handshake start by gnutls_handshake. */ diff --git a/lib/hello_ext.c b/lib/hello_ext.c index 5692a14d2d..2d7cd806f6 100644 --- a/lib/hello_ext.c +++ b/lib/hello_ext.c @@ -64,7 +64,6 @@ unset_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsi static void unset_resumed_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsigned idx); static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = { - [GNUTLS_EXTENSION_MAX_RECORD_SIZE] = &ext_mod_max_record_size, [GNUTLS_EXTENSION_EXT_MASTER_SECRET] = &ext_mod_ext_master_secret, [GNUTLS_EXTENSION_SUPPORTED_VERSIONS] = &ext_mod_supported_versions, [GNUTLS_EXTENSION_POST_HANDSHAKE] = &ext_mod_post_handshake, @@ -95,9 +94,10 @@ static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = { #ifdef ENABLE_ALPN [GNUTLS_EXTENSION_ALPN] = &ext_mod_alpn, #endif + [GNUTLS_EXTENSION_RECORD_SIZE_LIMIT] = &ext_mod_record_size_limit, + [GNUTLS_EXTENSION_MAX_RECORD_SIZE] = &ext_mod_max_record_size, [GNUTLS_EXTENSION_PSK_KE_MODES] = &ext_mod_psk_ke_modes, [GNUTLS_EXTENSION_PRE_SHARED_KEY] = &ext_mod_pre_shared_key, - [GNUTLS_EXTENSION_RECORD_SIZE_LIMIT] = &ext_mod_record_size_limit, /* This must be the last extension registered. */ [GNUTLS_EXTENSION_DUMBFW] = &ext_mod_dumbfw, |