commit 581e6b6d6cbdc2f913876fd4c0cfb1531da87e66
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Jul 18 12:32:27 2013 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Jul 18 12:32:27 2013 +0200
tree c7784144dcacbcb4900330990b6e31c6b5de369e
parent 8e714d7acad8b68e4be7aa6fde88c75b75b44c36

Prepare migrating max fragment length to session

Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index d6be987..0374ee8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -59,6 +59,23 @@
 #define strcasecmp _stricmp
 #endif
 
+/*
+ * Convert max_fragment_length codes to length.
+ * RFC 6066 says:
+ *    enum{
+ *        2^9(1), 2^10(2), 2^11(3), 2^12(4), (255)
+ *    } MaxFragmentLength;
+ * and we add 0 -> extension unused
+ */
+static unsigned int mfl_code_to_length[] =
+{
+    SSL_MAX_CONTENT_LEN,    /* SSL_MAX_FRAG_LEN_NONE */
+    512,                    /* SSL_MAX_FRAG_LEN_512  */
+    1024,                   /* SSL_MAX_FRAG_LEN_1024 */
+    2048,                   /* SSL_MAX_FRAG_LEN_2048 */
+    4096,                   /* SSL_MAX_FRAG_LEN_4096 */
+};
+
 #if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
 int (*ssl_hw_record_init)(ssl_context *ssl,
                        const unsigned char *key_enc, const unsigned char *key_dec,
@@ -2827,7 +2844,6 @@
     memset( ssl->out_ctr, 0, SSL_BUFFER_LEN );
 
     ssl->mfl_code = SSL_MAX_FRAG_LEN_NONE;
-    ssl->max_frag_len = SSL_MAX_CONTENT_LEN;
 
     ssl->hostname = NULL;
     ssl->hostname_len = 0;
@@ -2871,7 +2887,6 @@
     ssl->out_left = 0;
 
     ssl->mfl_code = SSL_MAX_FRAG_LEN_NONE;
-    ssl->max_frag_len = SSL_MAX_CONTENT_LEN;
 
     ssl->transform_in = NULL;
     ssl->transform_out = NULL;
@@ -3119,35 +3134,13 @@
 
 int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
 {
-    uint16_t max_frag_len;
-
-    switch( mfl_code )
+    if( mfl_code >= sizeof( mfl_code_to_length ) ||
+        mfl_code_to_length[mfl_code] > SSL_MAX_CONTENT_LEN )
     {
-        case SSL_MAX_FRAG_LEN_512:
-            max_frag_len = 512;
-            break;
-
-        case SSL_MAX_FRAG_LEN_1024:
-            max_frag_len = 1024;
-            break;
-
-        case SSL_MAX_FRAG_LEN_2048:
-            max_frag_len = 2048;
-            break;
-
-        case SSL_MAX_FRAG_LEN_4096:
-            max_frag_len = 4096;
-            break;
-
-        default:
-            return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
     }
 
-    if( max_frag_len > SSL_MAX_CONTENT_LEN )
-        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
-
     ssl->mfl_code = mfl_code;
-    ssl->max_frag_len = max_frag_len;
 
     return( 0 );
 }
@@ -3413,6 +3406,7 @@
 {
     int ret;
     size_t n;
+    unsigned int max_len;
 
     SSL_DEBUG_MSG( 2, ( "=> write" ) );
 
@@ -3425,8 +3419,12 @@
         }
     }
 
-    n = ( len < ssl->max_frag_len )
-        ? len : ssl->max_frag_len;
+    /*
+     * Assume mfl_code is correct since it was checked when set
+     */
+    max_len = mfl_code_to_length[ssl->mfl_code];
+
+    n = ( len < max_len) ? len : max_len;
 
     if( ssl->out_left != 0 )
     {