Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit
Comply with the received Record Size Limit extension
This commit is contained in:
commit
3a6059beca
11 changed files with 293 additions and 57 deletions
|
@ -1188,6 +1188,11 @@ struct mbedtls_ssl_session {
|
|||
unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */
|
||||
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||
|
||||
/*!< RecordSizeLimit received from the peer */
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
uint16_t MBEDTLS_PRIVATE(record_size_limit);
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
unsigned char MBEDTLS_PRIVATE(exported);
|
||||
|
||||
/** TLS version negotiated in the session. Used if and when renegotiating
|
||||
|
|
|
@ -439,6 +439,19 @@ size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl);
|
|||
size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl);
|
||||
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
/**
|
||||
* \brief Get the size limit in bytes for the protected outgoing records
|
||||
* as defined in RFC 8449
|
||||
*
|
||||
* \param ssl SSL context
|
||||
*
|
||||
* \return The size limit in bytes for the protected outgoing
|
||||
* records as defined in RFC 8449.
|
||||
*/
|
||||
size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl);
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
|
||||
static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx)
|
||||
{
|
||||
|
|
|
@ -2455,6 +2455,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite(
|
|||
* uint8 ticket_flags;
|
||||
* opaque resumption_key<0..255>;
|
||||
* uint32 max_early_data_size;
|
||||
* uint16 record_size_limit;
|
||||
* select ( endpoint ) {
|
||||
* case client: ClientOnlyData;
|
||||
* case server: uint64 ticket_creation_time;
|
||||
|
@ -2490,6 +2491,9 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session,
|
|||
#if defined(MBEDTLS_SSL_EARLY_DATA)
|
||||
needed += 4; /* max_early_data_size */
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
needed += 2; /* record_size_limit */
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
#if defined(MBEDTLS_HAVE_TIME)
|
||||
needed += 8; /* ticket_creation_time or ticket_reception_time */
|
||||
|
@ -2534,6 +2538,10 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session,
|
|||
MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 0);
|
||||
p += 4;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
MBEDTLS_PUT_UINT16_BE(session->record_size_limit, p, 0);
|
||||
p += 2;
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
|
||||
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
|
||||
|
@ -2610,6 +2618,13 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session,
|
|||
session->max_early_data_size = MBEDTLS_GET_UINT32_BE(p, 0);
|
||||
p += 4;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
if (end - p < 2) {
|
||||
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
|
||||
}
|
||||
session->record_size_limit = MBEDTLS_GET_UINT16_BE(p, 0);
|
||||
p += 2;
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
|
||||
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
|
||||
|
@ -3372,6 +3387,31 @@ const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl)
|
|||
}
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
|
||||
size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl)
|
||||
{
|
||||
const size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
|
||||
size_t record_size_limit = max_len;
|
||||
|
||||
if (ssl->session != NULL &&
|
||||
ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN &&
|
||||
ssl->session->record_size_limit < max_len) {
|
||||
record_size_limit = ssl->session->record_size_limit;
|
||||
}
|
||||
|
||||
// TODO: this is currently untested
|
||||
/* During a handshake, use the value being negotiated */
|
||||
if (ssl->session_negotiate != NULL &&
|
||||
ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN &&
|
||||
ssl->session_negotiate->record_size_limit < max_len) {
|
||||
record_size_limit = ssl->session_negotiate->record_size_limit;
|
||||
}
|
||||
|
||||
return record_size_limit;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||
size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl)
|
||||
{
|
||||
|
@ -3458,6 +3498,7 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl)
|
|||
size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
|
||||
|
||||
#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
|
||||
!defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) && \
|
||||
!defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
(void) ssl;
|
||||
#endif
|
||||
|
@ -3470,6 +3511,30 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl)
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
const size_t record_size_limit = mbedtls_ssl_get_output_record_size_limit(ssl);
|
||||
|
||||
if (max_len > record_size_limit) {
|
||||
max_len = record_size_limit;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ssl->transform_out != NULL &&
|
||||
ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
|
||||
/* RFC 8449, section 4:
|
||||
*
|
||||
* This value [record_size_limit] is the length of the plaintext
|
||||
* of a protected record.
|
||||
* The value includes the content type and padding added in TLS 1.3
|
||||
* (that is, the complete length of TLSInnerPlaintext).
|
||||
*
|
||||
* Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY
|
||||
* and subtract 1 (for the content type that will be added later)
|
||||
*/
|
||||
max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) *
|
||||
MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if (mbedtls_ssl_get_current_mtu(ssl) != 0) {
|
||||
const size_t mtu = mbedtls_ssl_get_current_mtu(ssl);
|
||||
|
@ -3492,7 +3557,8 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl)
|
|||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
||||
#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
|
||||
!defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
!defined(MBEDTLS_SSL_PROTO_DTLS) && \
|
||||
!defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
((void) ssl);
|
||||
#endif
|
||||
|
||||
|
|
|
@ -2113,12 +2113,11 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl,
|
|||
|
||||
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
|
||||
ssl, p, p + extension_data_len);
|
||||
|
||||
/* TODO: Return unconditionally here until we handle the record
|
||||
* size limit correctly. Once handled correctly, only return in
|
||||
* case of errors. */
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret);
|
||||
return ret;
|
||||
|
||||
}
|
||||
break;
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
|
@ -2132,6 +2131,17 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl,
|
|||
p += extension_data_len;
|
||||
}
|
||||
|
||||
if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) &&
|
||||
(handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(MAX_FRAGMENT_LENGTH))) {
|
||||
MBEDTLS_SSL_DEBUG_MSG(3,
|
||||
(
|
||||
"Record size limit extension cannot be used with max fragment length extension"));
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
|
||||
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
|
||||
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PRINT_EXTS(3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
handshake->received_extensions);
|
||||
|
||||
|
|
|
@ -1731,7 +1731,7 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("RecordSizeLimit: %u Bytes", record_size_limit));
|
||||
|
||||
/* RFC 8449, section 4
|
||||
/* RFC 8449, section 4:
|
||||
*
|
||||
* Endpoints MUST NOT send a "record_size_limit" extension with a value
|
||||
* smaller than 64. An endpoint MUST treat receipt of a smaller value
|
||||
|
@ -1744,14 +1744,11 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
|
|||
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
2, ("record_size_limit extension is still in development. Aborting handshake."));
|
||||
ssl->session_negotiate->record_size_limit = record_size_limit;
|
||||
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,
|
||||
MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION);
|
||||
return MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
#endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
|
|
@ -1699,14 +1699,11 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||
|
||||
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
|
||||
ssl, p, extension_data_end);
|
||||
|
||||
/*
|
||||
* TODO: Return unconditionally here until we handle the record
|
||||
* size limit correctly.
|
||||
* Once handled correctly, only return in case of errors.
|
||||
*/
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret);
|
||||
return ret;
|
||||
|
||||
}
|
||||
break;
|
||||
#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
|
||||
|
||||
|
|
|
@ -3521,7 +3521,7 @@ handshake:
|
|||
mbedtls_printf(" [ Record expansion is unknown ]\n");
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) || defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
mbedtls_printf(" [ Maximum incoming record payload length is %u ]\n",
|
||||
(unsigned int) mbedtls_ssl_get_max_in_record_payload(&ssl));
|
||||
mbedtls_printf(" [ Maximum outgoing record payload length is %u ]\n",
|
||||
|
|
|
@ -5815,11 +5815,8 @@ component_test_tls13_only_record_size_limit () {
|
|||
msg "test_suite_ssl: TLS 1.3 only, record size limit extension enabled"
|
||||
cd tests; ./test_suite_ssl; cd ..
|
||||
|
||||
msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension tests only)"
|
||||
# Both the server and the client will currently abort the handshake when they encounter the
|
||||
# record size limit extension. There is no way to prevent gnutls-cli from sending the extension
|
||||
# which makes all G_NEXT_CLI + P_SRV tests fail. Thus, run only the tests for the this extension.
|
||||
tests/ssl-opt.sh -f "Record Size Limit"
|
||||
msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension enabled)"
|
||||
tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
component_build_mingw () {
|
||||
|
|
|
@ -1776,6 +1776,10 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_CLI_C */
|
||||
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
session->record_size_limit = 2048;
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
|
201
tests/ssl-opt.sh
201
tests/ssl-opt.sh
|
@ -4481,7 +4481,7 @@ run_test "Session resume using cache, DTLS: openssl server" \
|
|||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "Max fragment length: enabled, default" \
|
||||
"$P_SRV debug_level=3" \
|
||||
"$P_SRV debug_level=3 force_version=tls12" \
|
||||
"$P_CLI debug_level=3" \
|
||||
0 \
|
||||
-c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
|
||||
|
@ -4496,7 +4496,7 @@ run_test "Max fragment length: enabled, default" \
|
|||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "Max fragment length: enabled, default, larger message" \
|
||||
"$P_SRV debug_level=3" \
|
||||
"$P_SRV debug_level=3 force_version=tls12" \
|
||||
"$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
|
||||
0 \
|
||||
-c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
|
||||
|
@ -4534,7 +4534,7 @@ run_test "Max fragment length, DTLS: enabled, default, larger message" \
|
|||
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "Max fragment length: disabled, larger message" \
|
||||
"$P_SRV debug_level=3" \
|
||||
"$P_SRV debug_level=3 force_version=tls12" \
|
||||
"$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
|
||||
0 \
|
||||
-C "Maximum incoming record payload length is 16384" \
|
||||
|
@ -4548,7 +4548,7 @@ run_test "Max fragment length: disabled, larger message" \
|
|||
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "Max fragment length, DTLS: disabled, larger message" \
|
||||
"$P_SRV debug_level=3 dtls=1" \
|
||||
"$P_SRV debug_level=3 dtls=1 force_version=tls12" \
|
||||
"$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
|
||||
1 \
|
||||
-C "Maximum incoming record payload length is 16384" \
|
||||
|
@ -4837,34 +4837,177 @@ run_test "Max fragment length: DTLS client, larger message" \
|
|||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
run_test "Record Size Limit: TLS 1.3: Server-side parsing, debug output and fatal alert" \
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \
|
||||
"$P_SRV debug_level=3 force_version=tls13" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \
|
||||
1 \
|
||||
-c "Preparing extension (Record Size Limit/28) for 'client hello'" \
|
||||
-c "Sending extension Record Size Limit/28 (2 bytes)" \
|
||||
-s "ClientHello: record_size_limit(28) extension received."\
|
||||
-s "found record_size_limit extension" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 16385 Bytes" \
|
||||
-c "Received alert \[110]: An unsupported extension was sent"
|
||||
-s "ClientHello: record_size_limit(28) extension exists." \
|
||||
-s "Maximum outgoing record payload length is 16383" \
|
||||
-s "bytes written in 1 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_gnutls_next_disable_tls13_compat
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
run_test "Record Size Limit: TLS 1.3: Client-side parsing, debug output and fatal alert" \
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \
|
||||
"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \
|
||||
"$P_CLI debug_level=4 force_version=tls13" \
|
||||
0 \
|
||||
-s "Preparing extension (Record Size Limit/28) for 'encrypted extensions'"
|
||||
# The P_CLI can not yet send the Record Size Limit extension. Thus, the G_NEXT_SRV does not send
|
||||
# a response in its EncryptedExtensions record.
|
||||
# -s "Parsing extension 'Record Size Limit/28 (2 bytes)" \
|
||||
# -s "Sending extension Record Size Limit/28 (2 bytes)" \
|
||||
# -c "EncryptedExtensions: record_size_limit(28) extension received."\
|
||||
# -c "found record_size_limit extension" \
|
||||
# -c "RecordSizeLimit: 16385 Bytes" \
|
||||
# -s "Received alert \[110]: An unsupported extension was sent"
|
||||
# -c "RecordSizeLimit: 16385 Bytes"
|
||||
|
||||
# In the following (9) tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the
|
||||
# maximum record size using "https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size".
|
||||
# There is currently a lower limit of 512, caused by this function not respecting the
|
||||
# "%ALLOW_SMALL_RECORDS" priority string and not using the more recent function
|
||||
# https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-recv-size.
|
||||
# There is currently an upper limit of 4096, caused by the cli arg parser:
|
||||
# https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/src/cli-args.def#L395.
|
||||
# Thus, these tests are currently limit to that value range.
|
||||
# Moreover, the value sent in the extension is expected to be larger by one compared
|
||||
# to the value passed on the cli:
|
||||
# https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142
|
||||
|
||||
# Currently test certificates being used do not fit in 513 record size limit
|
||||
# so for 513 record size limit tests we use preshared key to avoid sending
|
||||
# the certificate.
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
|
||||
psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
|
||||
response_size=256" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 513 Bytes" \
|
||||
-s "Maximum outgoing record payload length is 511" \
|
||||
-s "256 bytes written in 1 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
|
||||
psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
|
||||
response_size=768" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 513 Bytes" \
|
||||
-s "Maximum outgoing record payload length is 511" \
|
||||
-s "768 bytes written in 2 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
|
||||
psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
|
||||
response_size=1280" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
|
||||
--pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 513 Bytes" \
|
||||
-s "Maximum outgoing record payload length is 511" \
|
||||
-s "1280 bytes written in 3 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 1 fragment" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 response_size=512" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 1024 Bytes" \
|
||||
-s "ClientHello: record_size_limit(28) extension exists." \
|
||||
-s "Maximum outgoing record payload length is 1023" \
|
||||
-s "512 bytes written in 1 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 2 fragments" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 response_size=1536" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 1024 Bytes" \
|
||||
-s "ClientHello: record_size_limit(28) extension exists." \
|
||||
-s "Maximum outgoing record payload length is 1023" \
|
||||
-s "1536 bytes written in 2 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 3 fragments" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 response_size=2560" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 1024 Bytes" \
|
||||
-s "ClientHello: record_size_limit(28) extension exists." \
|
||||
-s "Maximum outgoing record payload length is 1023" \
|
||||
-s "2560 bytes written in 3 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 1 fragment" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 response_size=2048" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 4096 Bytes" \
|
||||
-s "ClientHello: record_size_limit(28) extension exists." \
|
||||
-s "Maximum outgoing record payload length is 4095" \
|
||||
-s "2048 bytes written in 1 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 2 fragments" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 response_size=6144" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 4096 Bytes" \
|
||||
-s "ClientHello: record_size_limit(28) extension exists." \
|
||||
-s "Maximum outgoing record payload length is 4095" \
|
||||
-s "6144 bytes written in 2 fragments"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_record_size_limit
|
||||
requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 3 fragments" \
|
||||
"$P_SRV debug_level=3 force_version=tls13 response_size=10240" \
|
||||
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
|
||||
0 \
|
||||
-s "RecordSizeLimit: 4096 Bytes" \
|
||||
-s "ClientHello: record_size_limit(28) extension exists." \
|
||||
-s "Maximum outgoing record payload length is 4095" \
|
||||
-s "10240 bytes written in 3 fragments"
|
||||
|
||||
# Tests for renegotiation
|
||||
|
||||
|
@ -8263,7 +8406,7 @@ run_test "mbedtls_ssl_get_bytes_avail: extra data (*2)" \
|
|||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \
|
||||
"$P_SRV buffer_size=100" \
|
||||
"$P_SRV buffer_size=100 force_version=tls12" \
|
||||
"$P_CLI request_size=$MAX_CONTENT_LEN" \
|
||||
0 \
|
||||
-s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"
|
||||
|
@ -8452,20 +8595,20 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \
|
|||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Large client packet TLS 1.3 AEAD" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=16384 \
|
||||
"$P_CLI request_size=16383 \
|
||||
force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
|
||||
0 \
|
||||
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||
-c "16383 bytes written in $(fragments_for_write 16383) fragments" \
|
||||
-s "Read from client: 16383 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Large client packet TLS 1.3 AEAD shorter tag" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=16384 \
|
||||
"$P_CLI request_size=16383 \
|
||||
force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
|
||||
0 \
|
||||
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||
-c "16383 bytes written in $(fragments_for_write 16383) fragments" \
|
||||
-s "Read from client: 16383 bytes read"
|
||||
|
||||
# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
|
||||
run_test "Large server packet TLS 1.2 BlockCipher" \
|
||||
|
@ -8508,17 +8651,17 @@ run_test "Large server packet TLS 1.2 AEAD shorter tag" \
|
|||
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Large server packet TLS 1.3 AEAD" \
|
||||
"$P_SRV response_size=16384" \
|
||||
"$P_SRV response_size=16383" \
|
||||
"$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
|
||||
0 \
|
||||
-c "Read from server: 16384 bytes read"
|
||||
-c "Read from server: 16383 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
run_test "Large server packet TLS 1.3 AEAD shorter tag" \
|
||||
"$P_SRV response_size=16384" \
|
||||
"$P_SRV response_size=16383" \
|
||||
"$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
|
||||
0 \
|
||||
-c "Read from server: 16384 bytes read"
|
||||
-c "Read from server: 16383 bytes read"
|
||||
|
||||
# Tests for restartable ECC
|
||||
|
||||
|
|
|
@ -2096,6 +2096,10 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
|
||||
TEST_ASSERT(original.record_size_limit == restored.record_size_limit);
|
||||
#endif
|
||||
|
||||
exit:
|
||||
mbedtls_ssl_session_free(&original);
|
||||
mbedtls_ssl_session_free(&restored);
|
||||
|
|
Loading…
Reference in a new issue