DTLS rx size check, ssn10

Allows for receiving datagrams larger than the MTU that are reassembled by the IP stack.
2013-05-17 10:29:34 -07:00 · 2013-05-17 10:29:34 -07:00 · b347df8d9a
commit b347df8d9a
parent fd5937b599
3 changed files with 19 additions and 4 deletions
--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@ -561,7 +561,7 @@ enum Misc {
                                   digest sz + BLOC_SZ (iv) + pad byte (1) */
    MAX_COMP_EXTRA  = 1024,     /* max compression extra */
    MAX_MTU         = 1500,     /* max expected MTU */
-    MAX_UDP_SIZE    = MAX_MTU - 100,   /* don't exceed MTU w/ 100 byte header */
+    MAX_UDP_SIZE    = 8192 - 100, /* was MAX_MTU - 100 */
    MAX_DH_SZ       = 612,      /* 2240 p, pub, g + 2 byte size for each */
    MAX_STR_VERSION = 8,        /* string rep of protocol version */

@ -1693,6 +1693,7 @@ struct CYASSL {
    DtlsPool*       dtls_pool;
    DtlsMsg*        dtls_msg_list;
    void*           IOCB_CookieCtx;     /* gen cookie ctx */
+    word32          dtls_expected_rx;
 #endif
 #ifdef CYASSL_CALLBACKS
    HandShakeInfo   handShakeInfo;      /* info saved during handshake */
--- a/src/internal.c
+++ b/src/internal.c
@ -1286,6 +1286,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
    ssl->IOCB_WriteCtx = &ssl->wfd;  /* correctly set */
 #ifdef CYASSL_DTLS
    ssl->IOCB_CookieCtx = NULL;      /* we don't use for default cb */
+    ssl->dtls_expected_rx = MAX_MTU;
 #endif

 #ifndef NO_OLD_TLS
@ -4376,9 +4377,9 @@ static int GetInputData(CYASSL *ssl, word32 size)

 #ifdef CYASSL_DTLS
    if (ssl->options.dtls) {
-        if (size < MAX_MTU)
-            dtlsExtra = (int)(MAX_MTU - size);
-        inSz = MAX_MTU;       /* read ahead up to MTU */
+        if (size < ssl->dtls_expected_rx)
+            dtlsExtra = (int)(ssl->dtls_expected_rx - size);
+        inSz = ssl->dtls_expected_rx;  
    }
 #endif
    
--- a/src/ssl.c
+++ b/src/ssl.c
@ -88,6 +88,15 @@

 #endif /* min */

+#ifndef max
+
+    static INLINE word32 max(word32 a, word32 b)
+    {
+        return a > b ? a : b;
+    }
+
+#endif /* min */
+

 #ifndef CYASSL_LEANPSK
 char* mystrnstr(const char* s1, const char* s2, unsigned int n)
@ -440,6 +449,10 @@ static int CyaSSL_read_internal(CYASSL* ssl, void* data, int sz, int peek)
 #ifdef HAVE_ERRNO_H 
        errno = 0;
 #endif
+#ifdef CYASSL_DTLS
+    if (ssl->options.dtls)
+        ssl->dtls_expected_rx = max(sz + 100, MAX_MTU);
+#endif

    ret = ReceiveData(ssl, (byte*)data, min(sz, OUTPUT_RECORD_SIZE), peek);