mirror of https://github.com/wolfSSL/wolfssl.git
implement set_tlsext_max_fragment_length
Hideki Miyazaki
parent
26cf17e602
commit
8808e6a3ac
33
src/ssl.c
33
src/ssl.c
|
|
@ -28011,6 +28011,39 @@ WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *
|
|||
}
|
||||
#endif /* HAVE_OCSP */
|
||||
|
||||
#ifdef HAVE_MAX_FRAGMENT
|
||||
#ifndef NO_WOLFSSL_CLIENT
|
||||
/**
|
||||
* Set max fragment tls extension
|
||||
* @param c a pointer to WOLFSSL_CTX object
|
||||
* @param mode maximum fragment length mode
|
||||
* @return 1 on success, otherwise 0 or negative error code
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_CTX_set_tlsext_max_fragment_length(WOLFSSL_CTX *c,
|
||||
unsigned char mode)
|
||||
{
|
||||
if (c == NULL || (mode < WOLFSSL_MFL_2_9 || mode > WOLFSSL_MFL_2_12 ))
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
return wolfSSL_CTX_UseMaxFragment(c, mode);
|
||||
}
|
||||
/**
|
||||
* Set max fragment tls extension
|
||||
* @param c a pointer to WOLFSSL object
|
||||
* @param mode maximum fragment length mode
|
||||
* @return 1 on success, otherwise 0 or negative error code
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_set_tlsext_max_fragment_length(WOLFSSL *s,
|
||||
unsigned char mode)
|
||||
{
|
||||
if (s == NULL || (mode < WOLFSSL_MFL_2_9 || mode > WOLFSSL_MFL_2_12 ))
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
return wolfSSL_UseMaxFragment(s, mode);
|
||||
}
|
||||
#endif /* NO_WOLFSSL_CLIENT */
|
||||
#endif /* HAVE_MAX_FRAGMENT */
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
|
|
|
|||
67
tests/api.c
67
tests/api.c
|
|
@ -5892,30 +5892,61 @@ static void test_wolfSSL_UseMaxFragment(void)
|
|||
#endif
|
||||
WOLFSSL *ssl = wolfSSL_new(ctx);
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
int (*UseMaxFragment)(SSL *s, uint8_t mode);
|
||||
int (*CTX_UseMaxFragment)(SSL_CTX *c, uint8_t mode);
|
||||
|
||||
CTX_UseMaxFragment = SSL_CTX_set_tlsext_max_fragment_length;
|
||||
UseMaxFragment = SSL_set_tlsext_max_fragment_length;
|
||||
#else
|
||||
int (*UseMaxFragment)(WOLFSSL *s, unsigned char mode);
|
||||
int (*CTX_UseMaxFragment)(WOLFSSL_CTX *c, unsigned char mode);
|
||||
|
||||
UseMaxFragment = wolfSSL_UseMaxFragment;
|
||||
CTX_UseMaxFragment = wolfSSL_CTX_UseMaxFragment;
|
||||
#endif
|
||||
|
||||
|
||||
AssertNotNull(ctx);
|
||||
AssertNotNull(ssl);
|
||||
|
||||
/* error cases */
|
||||
AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(NULL, WOLFSSL_MFL_2_9));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment( NULL, WOLFSSL_MFL_2_9));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MIN-1));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MAX+1));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, WOLFSSL_MFL_MIN-1));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, WOLFSSL_MFL_MAX+1));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(NULL, WOLFSSL_MFL_2_9));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, UseMaxFragment( NULL, WOLFSSL_MFL_2_9));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MIN-1));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MAX+1));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, UseMaxFragment(ssl, WOLFSSL_MFL_MIN-1));
|
||||
AssertIntNE(WOLFSSL_SUCCESS, UseMaxFragment(ssl, WOLFSSL_MFL_MAX+1));
|
||||
|
||||
/* success case */
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_8));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_9));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_10));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_11));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_12));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment( ssl, WOLFSSL_MFL_2_8));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment( ssl, WOLFSSL_MFL_2_9));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment( ssl, WOLFSSL_MFL_2_10));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment( ssl, WOLFSSL_MFL_2_11));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment( ssl, WOLFSSL_MFL_2_12));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment( ssl, WOLFSSL_MFL_2_13));
|
||||
#ifdef OPENSSL_EXTRA
|
||||
AssertIntEQ(BAD_FUNC_ARG, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_8));
|
||||
#else
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_8));
|
||||
#endif
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_9));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_10));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_11));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_12));
|
||||
#ifdef OPENSSL_EXTRA
|
||||
AssertIntEQ(BAD_FUNC_ARG, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13));
|
||||
|
||||
AssertIntEQ(BAD_FUNC_ARG, UseMaxFragment( ssl, WOLFSSL_MFL_2_8));
|
||||
#else
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13));
|
||||
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_8));
|
||||
#endif
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_9));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_10));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_11));
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_12));
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
AssertIntEQ(BAD_FUNC_ARG, UseMaxFragment( ssl, WOLFSSL_MFL_2_13));
|
||||
#else
|
||||
AssertIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_13));
|
||||
#endif
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
|
|
|
|||
|
|
@ -1110,6 +1110,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
|
||||
#define TLSEXT_STATUSTYPE_ocsp 1
|
||||
|
||||
#define TLSEXT_max_fragment_length_512 WOLFSSL_MFL_2_9
|
||||
#define TLSEXT_max_fragment_length_1024 WOLFSSL_MFL_2_10
|
||||
#define TLSEXT_max_fragment_length_2048 WOLFSSL_MFL_2_11
|
||||
#define TLSEXT_max_fragment_length_4096 WOLFSSL_MFL_2_12
|
||||
|
||||
#define SSL_set_options wolfSSL_set_options
|
||||
#define SSL_get_options wolfSSL_get_options
|
||||
#define SSL_clear_options wolfSSL_clear_options
|
||||
|
|
@ -1130,6 +1135,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define SSL_set_tlsext_status_ocsp_res wolfSSL_set_tlsext_status_ocsp_resp
|
||||
#define SSL_set_tlsext_status_ocsp_resp wolfSSL_set_tlsext_status_ocsp_resp
|
||||
#define SSL_get_tlsext_status_ocsp_resp wolfSSL_get_tlsext_status_ocsp_resp
|
||||
#define SSL_set_tlsext_max_fragment_length wolfSSL_set_tlsext_max_fragment_length
|
||||
|
||||
#define SSL_CTX_add_extra_chain_cert wolfSSL_CTX_add_extra_chain_cert
|
||||
#define SSL_CTX_get_read_ahead wolfSSL_CTX_get_read_ahead
|
||||
|
|
@ -1137,6 +1143,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||
#define SSL_CTX_set_tlsext_status_arg wolfSSL_CTX_set_tlsext_status_arg
|
||||
#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg \
|
||||
wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg
|
||||
#define SSL_CTX_set_tlsext_max_fragment_length \
|
||||
wolfSSL_CTX_set_tlsext_max_fragment_length
|
||||
#define SSL_get_server_random wolfSSL_get_server_random
|
||||
#define SSL_get_server_tmp_key wolfSSL_get_server_tmp_key
|
||||
|
||||
|
|
|
|||
|
|
@ -1942,7 +1942,10 @@ WOLFSSL_API long wolfSSL_get_tlsext_status_ids(WOLFSSL *s, void *arg);
|
|||
WOLFSSL_API long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg);
|
||||
WOLFSSL_API long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char **resp);
|
||||
WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp, int len);
|
||||
|
||||
WOLFSSL_API int wolfSSL_set_tlsext_max_fragment_length
|
||||
(WOLFSSL *s, unsigned char mode);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_tlsext_max_fragment_length
|
||||
(WOLFSSL_CTX *c, unsigned char mode);
|
||||
WOLFSSL_API void wolfSSL_CONF_modules_unload(int all);
|
||||
WOLFSSL_API char* wolfSSL_CONF_get1_default_config_file(void);
|
||||
WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg);
|
||||
|
|
|
|||
Loading…
Reference in New Issue