diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 0a7048120..0c770f6d9 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -59,8 +59,15 @@ #define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL #define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE -/* Uncomment to test sending long paquets */ -#define LONG_HEADER // "User-agent: blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-END\r\n" +/* Uncomment to test sending longer paquets (for fragmentation purposes) */ +#define LONG_HEADER // "User-agent: blah-blah-blah-blah-blah-blah-blah-" \ + "-01--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \ + "-02--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \ + "-03--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \ + "-04--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \ + "-05--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \ + "-06--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \ + "-07--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-END\r\n" #define GET_REQUEST "GET %s HTTP/1.0\r\n" LONG_HEADER "\r\n" @@ -204,7 +211,7 @@ int main( int argc, char *argv[] ) #else int main( int argc, char *argv[] ) { - int ret = 0, len, server_fd, i, written; + int ret = 0, len, server_fd, i, written, frags; unsigned char buf[1024]; #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) unsigned char psk[256]; @@ -705,7 +712,7 @@ int main( int argc, char *argv[] ) len = sprintf( (char *) buf, GET_REQUEST, opt.request_page ); - for( written = 0; written < len; written += ret ) + for( written = 0, frags = 0; written < len; written += ret, frags++ ) { while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) <= 0 ) { @@ -718,7 +725,7 @@ int main( int argc, char *argv[] ) } buf[written] = '\0'; - printf( " %d bytes written\n\n%s\n", written, (char *) buf ); + printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); /* * 7. Read the HTTP response diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index ab2a87f7a..d5ebb812b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -68,11 +68,15 @@ #define DFL_MIN_VERSION -1 #define DFL_MAX_VERSION -1 #define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL +#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE -#define LONG_RESPONSE "
01-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah
\r\n" +#define LONG_RESPONSE "01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah
\r\n" /* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer * packets (for fragmentation purposes) */ @@ -100,6 +104,7 @@ struct options int min_version; /* minimum protocol version accepted */ int max_version; /* maximum protocol version accepted */ int auth_mode; /* verify mode for connection */ + unsigned char mfl_code; /* code for maximum fragment length */ } opt; static void my_debug( void *ctx, int level, const char *str ) @@ -154,6 +159,8 @@ static void my_debug( void *ctx, int level, const char *str ) " options: ssl3, tls1, tls1_1, tls1_2\n" \ " auth_mode=%%s default: \"optional\"\n" \ " options: none, optional, required\n" \ + " max_frag_len=%%d default: 16384 (tls default)" \ + " options: 512, 1024, 2048, 4096" \ USAGE_PSK \ "\n" \ " force_ciphersuite=