Read max_fragment_length extension (server)

2013-07-17 10:25:37 +02:00 · 2013-07-17 10:25:37 +02:00 · 48f8d0dbbd
commit 48f8d0dbbd
parent 787b658bb3
2 changed files with 26 additions and 0 deletions
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -247,6 +247,8 @@
 #define TLS_EXT_SERVERNAME                   0
 #define TLS_EXT_SERVERNAME_HOSTNAME          0

+#define TLS_EXT_MAX_FRAGMENT_LENGTH          1
+
 #define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES   10
 #define TLS_EXT_SUPPORTED_POINT_FORMATS     11

--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -291,6 +291,22 @@ static int ssl_parse_supported_point_formats( ssl_context *ssl,
 }
 #endif /* POLARSSL_ECP_C */

+static int ssl_parse_max_fragment_length_ext( ssl_context *ssl,
+                                              const unsigned char *buf,
+                                              size_t len )
+{
+    int ret;
+
+    if( len != 1 ||
+        ( ret = ssl_set_max_frag_len( ssl, buf[0] ) ) != 0 )
+    {
+        SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    return( 0 );
+}
+
 #if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
 static int ssl_parse_client_hello_v2( ssl_context *ssl )
 {
@ -825,6 +841,14 @@ static int ssl_parse_client_hello( ssl_context *ssl )
            break;
 #endif /* POLARSSL_ECP_C */

+        case TLS_EXT_MAX_FRAGMENT_LENGTH:
+            SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
+
+            ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size );
+            if( ret != 0 )
+                return( ret );
+            break;
+
        default:
            SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
                           ext_id ) );