From ab953f5913b78479a83d72c660c23ab3d7a2c1b9 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Sun, 20 Jan 2019 09:18:21 +0100 Subject: ext/max_record: server shouldn't send it with record_size_limit Otherwise, the connection will be disconnected by the client, as suggested in RFC: A client MUST treat receipt of both "max_fragment_length" and "record_size_limit" as a fatal error, and it SHOULD generate an "illegal_parameter" alert. Signed-off-by: Daiki Ueno --- lib/ext/max_record.c | 8 ++++---- lib/ext/record_size_limit.c | 2 ++ lib/gnutls_int.h | 5 +++-- lib/hello_ext.c | 4 ++-- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c index 2a7a9d3496..17c06e483f 100644 --- a/lib/ext/max_record.c +++ b/lib/ext/max_record.c @@ -153,16 +153,16 @@ _gnutls_max_record_send_params(gnutls_session_t session, } else { /* server side */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_SENT) + return 0; + if (session->security_parameters.max_record_recv_size != DEFAULT_MAX_RECORD_SIZE) { ret = _gnutls_mre_record2num (session->security_parameters. max_record_recv_size); - - /* it's not an error, as long as we send the - * record_size_limit extension with that value */ if (ret < 0) - return 0; + return gnutls_assert_val(ret); p = (uint8_t) ret; ret = _gnutls_buffer_append_data(extdata, &p, 1); diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c index c74ae81e4b..607ecdb76f 100644 --- a/lib/ext/record_size_limit.c +++ b/lib/ext/record_size_limit.c @@ -96,5 +96,7 @@ _gnutls_record_size_limit_send_params(gnutls_session_t session, if (ret < 0) return gnutls_assert_val(ret); + session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_SENT; + return 2; } diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 93ffd7cee9..f99e40a171 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -325,8 +325,7 @@ typedef enum recv_state_t { /* IDs are allocated in a way that all values fit in 64-bit integer as (1<