mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-03 12:44:45 +02:00
Allow setting of MTU in DTLS
11
configure.ac
11
configure.ac
@@ -275,6 +275,17 @@ then
|
|||||||
AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS"
|
AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# DTLS change MTU
|
||||||
|
AC_ARG_ENABLE([dtls-mtu],
|
||||||
|
[AS_HELP_STRING([--enable-dtls-mtu],[Enable setting the MTU size for wolfSSL DTLS (default: disabled)])],
|
||||||
|
[ ENABLED_DTLS_MTU=$enableval ],
|
||||||
|
[ ENABLED_DTLS_MTU=no ]
|
||||||
|
)
|
||||||
|
if test "$ENABLED_DTLS_MTU" = "yes"
|
||||||
|
then
|
||||||
|
AM_CFLAGS="-DWOLFSSL_DTLS_MTU $AM_CFLAGS"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
# TLS v1.3 Draft 18
|
# TLS v1.3 Draft 18
|
||||||
AC_ARG_ENABLE([tls13-draft18],
|
AC_ARG_ENABLE([tls13-draft18],
|
||||||
|
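Review bot: `--enable-dtls-mtu` adds `-DWOLFSSL_DTLS_MTU` to AM_CFLAGS even when DTLS itself is not enabled, and nothing in this hunk checks for that combination. Most C guards visible in this commit also require WOLFSSL_DTLS, but the `struct WOLFSSL` field guard is `defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)` alone, so what such a build produces depends on code outside the diff. Consider failing early in configure, for example with `AC_MSG_ERROR([--enable-dtls-mtu requires --enable-dtls])` when the DTLS option tested by the preceding block is not `yes`.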
@@ -1740,8 +1740,12 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
|
|||||||
|
|
||||||
ctx->devId = INVALID_DEVID;
|
ctx->devId = INVALID_DEVID;
|
||||||
|
|
||||||
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SCTP)
|
#if defined(WOLFSSL_DTLS)
|
||||||
ctx->dtlsMtuSz = MAX_RECORD_SIZE;
|
#ifdef WOLFSSL_SCTP
|
||||||
|
ctx->dtlsMtuSz = MAX_RECORD_SIZE;
|
||||||
|
#elif defined(WOLFSSL_DTLS_MTU)
|
||||||
|
ctx->dtlsMtuSz = MAX_MTU;
|
||||||
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -5649,6 +5653,8 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
|
|||||||
#ifdef WOLFSSL_DTLS
|
#ifdef WOLFSSL_DTLS
|
||||||
#ifdef WOLFSSL_SCTP
|
#ifdef WOLFSSL_SCTP
|
||||||
ssl->options.dtlsSctp = ctx->dtlsSctp;
|
ssl->options.dtlsSctp = ctx->dtlsSctp;
|
||||||
|
#endif
|
||||||
|
#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
|
||||||
ssl->dtlsMtuSz = ctx->dtlsMtuSz;
|
ssl->dtlsMtuSz = ctx->dtlsMtuSz;
|
||||||
ssl->dtls_expected_rx = ssl->dtlsMtuSz;
|
ssl->dtls_expected_rx = ssl->dtlsMtuSz;
|
||||||
#else
|
#else
|
||||||
|
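Review bot: The two defaults chosen in InitSSL_Ctx are undocumented: `MAX_RECORD_SIZE` when WOLFSSL_SCTP is compiled in and `MAX_MTU` when only WOLFSSL_DTLS_MTU is. Because of the `#elif`, a build with both macros gives every context the SCTP default, including contexts that never turn SCTP mode on, and InitSSL then copies that value into `ssl->dtls_expected_rx`. A comment above the block such as `/* SCTP builds default to MAX_RECORD_SIZE; MTU-only builds default to MAX_MTU */`, plus one sentence on why, would record the intent. Both functions continue outside the hunks, so how the value is used for non-SCTP sessions should be confirmed against the full source.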
@@ -1076,6 +1076,10 @@ int wolfSSL_dtls_set_sctp(WOLFSSL* ssl)
|
|||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
|
||||||
|
|
||||||
|
#if (defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)) && \
|
||||||
|
defined(WOLFSSL_DTLS)
|
||||||
|
|
||||||
int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX* ctx, word16 newMtu)
|
int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX* ctx, word16 newMtu)
|
||||||
{
|
{
|
||||||
@@ -1101,8 +1105,7 @@ int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, word16 newMtu)
|
|||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#endif /* WOLFSSL_DTLS && (WOLFSSL_SCTP || WOLFSSL_DTLS_MTU) */
|
||||||
#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
|
|
||||||
|
|
||||||
|
|
||||||
#ifdef WOLFSSL_DTLS_DROP_STATS
|
#ifdef WOLFSSL_DTLS_DROP_STATS
|
||||||
@@ -2023,6 +2026,8 @@ static int wolfSSL_read_internal(WOLFSSL* ssl, void* data, int sz, int peek)
|
|||||||
ssl->dtls_expected_rx = max(sz + 100, MAX_MTU);
|
ssl->dtls_expected_rx = max(sz + 100, MAX_MTU);
|
||||||
#ifdef WOLFSSL_SCTP
|
#ifdef WOLFSSL_SCTP
|
||||||
if (ssl->options.dtlsSctp)
|
if (ssl->options.dtlsSctp)
|
||||||
|
#endif
|
||||||
|
#if defined(WOLLSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
|
||||||
ssl->dtls_expected_rx = max(ssl->dtls_expected_rx, ssl->dtlsMtuSz);
|
ssl->dtls_expected_rx = max(ssl->dtls_expected_rx, ssl->dtlsMtuSz);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
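Review bot: The guard added in wolfSSL_read_internal is spelled `WOLLSSL_SCTP`, so it never matches the SCTP macro. In a build with WOLFSSL_SCTP but without WOLFSSL_DTLS_MTU, the `if (ssl->options.dtlsSctp)` line is still compiled while the assignment it controls is dropped, so the `if` is followed directly by the closing brace and should not compile. The line should read `#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)`. Separately, when both macros are defined the `dtls_expected_rx` update from `dtlsMtuSz` still runs only for SCTP sessions, which looks unintended for a plain-UDP session that set an MTU. The function body continues outside the hunk, so confirm against the full source.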
42
tests/api.c
42
tests/api.c
@@ -31296,6 +31296,47 @@ static void test_SetTmpEC_DHE_Sz(void)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void test_wolfSSL_dtls_set_mtu(void)
|
||||||
|
{
|
||||||
|
#if (defined(WOLFSSL_DTLS_MTU) || defined(WOLFSSL_SCTP)) && \
|
||||||
|
defined(WOLFSSL_DTLS)
|
||||||
|
WOLFSSL_CTX* ctx = NULL;
|
||||||
|
WOLFSSL* ssl = NULL;
|
||||||
|
const char* testCertFile;
|
||||||
|
const char* testKeyFile;
|
||||||
|
|
||||||
|
AssertNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()));
|
||||||
|
#ifndef NO_RSA
|
||||||
|
testCertFile = svrCertFile;
|
||||||
|
testKeyFile = svrKeyFile;
|
||||||
|
#elif defined(HAVE_ECC)
|
||||||
|
testCertFile = eccCertFile;
|
||||||
|
testKeyFile = eccKeyFile;
|
||||||
|
#endif
|
||||||
|
if (testCertFile != NULL && testKeyFile != NULL) {
|
||||||
|
AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
|
||||||
|
WOLFSSL_FILETYPE_PEM));
|
||||||
|
AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
|
||||||
|
WOLFSSL_FILETYPE_PEM));
|
||||||
|
}
|
||||||
|
AssertNotNull(ssl = wolfSSL_new(ctx));
|
||||||
|
|
||||||
|
AssertIntEQ(wolfSSL_CTX_dtls_set_mtu(NULL, 1488), BAD_FUNC_ARG);
|
||||||
|
AssertIntEQ(wolfSSL_dtls_set_mtu(NULL, 1488), BAD_FUNC_ARG);
|
||||||
|
AssertIntEQ(wolfSSL_CTX_dtls_set_mtu(ctx, 20000), BAD_FUNC_ARG);
|
||||||
|
AssertIntEQ(wolfSSL_dtls_set_mtu(ssl, 20000), WOLFSSL_FAILURE);
|
||||||
|
AssertIntEQ(wolfSSL_get_error(ssl, WOLFSSL_FAILURE), BAD_FUNC_ARG);
|
||||||
|
AssertIntEQ(wolfSSL_CTX_dtls_set_mtu(ctx, 1488), WOLFSSL_SUCCESS);
|
||||||
|
AssertIntEQ(wolfSSL_dtls_set_mtu(ssl, 1488), WOLFSSL_SUCCESS);
|
||||||
|
|
||||||
|
wolfSSL_free(ssl);
|
||||||
|
wolfSSL_CTX_free(ctx);
|
||||||
|
|
||||||
|
printf(testingFmt, "wolfSSL_dtls_set_mtu()");
|
||||||
|
printf(resultFmt, passed);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
|
#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
|
||||||
!defined(NO_CERTS)
|
!defined(NO_CERTS)
|
||||||
static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA)
|
static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA)
|
||||||
@@ -31598,6 +31639,7 @@ void ApiTest(void)
|
|||||||
test_wolfSSL_SetTmpDH_buffer();
|
test_wolfSSL_SetTmpDH_buffer();
|
||||||
test_wolfSSL_SetMinMaxDhKey_Sz();
|
test_wolfSSL_SetMinMaxDhKey_Sz();
|
||||||
test_SetTmpEC_DHE_Sz();
|
test_SetTmpEC_DHE_Sz();
|
||||||
|
test_wolfSSL_dtls_set_mtu();
|
||||||
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
|
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
|
||||||
defined(HAVE_IO_TESTS_DEPENDENCIES)
|
defined(HAVE_IO_TESTS_DEPENDENCIES)
|
||||||
test_wolfSSL_read_write();
|
test_wolfSSL_read_write();
|
||||||
|
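Review bot: In test_wolfSSL_dtls_set_mtu, `testCertFile` and `testKeyFile` are declared without an initializer, and when NO_RSA is defined and HAVE_ECC is not, neither preprocessor branch assigns them, so the `!= NULL` check reads indeterminate pointers. Declare them as `const char* testCertFile = NULL;` and `const char* testKeyFile = NULL;`. The two file-loading calls are checked with `AssertTrue`, which also passes on any non-zero error code; `AssertIntEQ(..., WOLFSSL_SUCCESS)` would match the other assertions in the test. The cases cover only an oversized MTU (20000), so adding a very small value such as 0 would pin down whether a lower bound is enforced, which these hunks do not show.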
@@ -2684,6 +2684,9 @@ struct WOLFSSL_CTX {
|
|||||||
#endif
|
#endif
|
||||||
#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
|
#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
|
||||||
byte dtlsSctp; /* DTLS-over-SCTP mode */
|
byte dtlsSctp; /* DTLS-over-SCTP mode */
|
||||||
|
#endif
|
||||||
|
#if (defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)) && \
|
||||||
|
defined(WOLFSSL_DTLS)
|
||||||
word16 dtlsMtuSz; /* DTLS MTU size */
|
word16 dtlsMtuSz; /* DTLS MTU size */
|
||||||
#endif
|
#endif
|
||||||
#ifndef NO_DH
|
#ifndef NO_DH
|
||||||
@@ -4021,9 +4024,9 @@ struct WOLFSSL {
|
|||||||
#ifdef WOLFSSL_SESSION_EXPORT
|
#ifdef WOLFSSL_SESSION_EXPORT
|
||||||
wc_dtls_export dtls_export; /* export function for session */
|
wc_dtls_export dtls_export; /* export function for session */
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_SCTP
|
#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
|
||||||
word16 dtlsMtuSz;
|
word16 dtlsMtuSz;
|
||||||
#endif /* WOLFSSL_SCTP */
|
#endif /* WOLFSSL_SCTP || WOLFSSL_DTLS_MTU */
|
||||||
#ifdef WOLFSSL_MULTICAST
|
#ifdef WOLFSSL_MULTICAST
|
||||||
void* mcastHwCbCtx; /* Multicast highwater callback ctx */
|
void* mcastHwCbCtx; /* Multicast highwater callback ctx */
|
||||||
#endif /* WOLFSSL_MULTICAST */
|
#endif /* WOLFSSL_MULTICAST */
|
||||||
|