adds record_overflow alert used by max_fragment_length tls extension.

Moisés Guimarães
2014-09-18 21:21:26 -03:00
parent 63a90d9cb6
commit d61af5d9ae
2 changed files with 7 additions and 2 deletions


@@ -159,6 +159,7 @@ enum AlertDescription {
close_notify = 0, close_notify = 0,
unexpected_message = 10, unexpected_message = 10,
bad_record_mac = 20, bad_record_mac = 20,
record_overflow = 22,
decompression_failure = 30, decompression_failure = 30,
handshake_failure = 40, handshake_failure = 40,
no_certificate = 41, no_certificate = 41,


@@ -3021,8 +3021,10 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx,
/* record layer length check */ /* record layer length check */
#ifdef HAVE_MAX_FRAGMENT #ifdef HAVE_MAX_FRAGMENT
if (*size > (ssl->max_fragment + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) if (*size > (ssl->max_fragment + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) {
SendAlert(ssl, alert_fatal, record_overflow);
return LENGTH_ERROR; return LENGTH_ERROR;
}
#else #else
if (*size > (MAX_RECORD_SIZE + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) if (*size > (MAX_RECORD_SIZE + MAX_COMP_EXTRA + MAX_MSG_EXTRA))
return LENGTH_ERROR; return LENGTH_ERROR;
@@ -3933,8 +3935,10 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
*inOutIdx += OPAQUE24_LEN; *inOutIdx += OPAQUE24_LEN;
#ifdef HAVE_MAX_FRAGMENT #ifdef HAVE_MAX_FRAGMENT
if (listSz > ssl->max_fragment) if (listSz > ssl->max_fragment) {
SendAlert(ssl, alert_fatal, record_overflow);
return BUFFER_E; return BUFFER_E;
}
#else #else
if (listSz > MAX_RECORD_SIZE) if (listSz > MAX_RECORD_SIZE)
return BUFFER_E; return BUFFER_E;
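Review bot: The `#else` branches in both hunks (GetRecordHeader and DoCertificate) still return the error without sending any alert, so a build without HAVE_MAX_FRAGMENT rejects an oversized record silently while a build with it sends record_overflow. The alert is defined for the base record-size limit as well as the negotiated one, so the fallback check in GetRecordHeader could read `if (*size > (MAX_RECORD_SIZE + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) { SendAlert(ssl, alert_fatal, record_overflow); return LENGTH_ERROR; }`, and likewise for the DoCertificate fallback. In DoCertificate the value compared is `listSz`, which appears to be the certificate-list length read from the handshake message rather than a record length, so it is worth confirming that record_overflow is the right description there and that a list legitimately spanning several records is not rejected. The return value of SendAlert is discarded in both places; a short comment such as `/* best effort: the error is returned whether or not the alert is sent */` would make that intent explicit. Both functions start and end outside the hunks shown, so the surrounding state handling was not visible for this review.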