Split the maximum fragment length into two - an input and output MFL Since the server might want to have a different maximum fragment length for the outgoing messages than the negotiated one - introduce a new way of computing it. This commit also adds additional ssl-opt.sh tests ensuring that the maximum fragment lengths are set as expected. mbedtls_ssl_get_max_frag_len() is now a deprecated function, being an alias to mbedtls_ssl_get_output_max_frag_len(). The behaviour of this function is the same as before. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

commit: 90c6e84a9c3e1823af6430d948e1e3e80521b01d [log] [tgz]
author: Andrzej Kurek <andrzej.kurek@arm.com> Fri Apr 03 05:25:29 2020 -0400
committer: Andrzej Kurek <andrzej.kurek@arm.com> Thu Apr 09 04:30:34 2020 -0400
tree: ba005ade783358fd92750f0a3611b3d209db05c5
parent: d4a720f5418896886ceac01e17793ea1494bca09 [diff] [blame]
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index f1b5c37..845881f 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c

@@ -3633,8 +3633,10 @@
         mbedtls_printf( "    [ Record expansion is unknown (compression) ]\n" );
 
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    mbedtls_printf( "    [ Maximum fragment length is %u ]\n",
-                    (unsigned int) mbedtls_ssl_get_max_frag_len( &ssl ) );
+    mbedtls_printf( "    [ Maximum input fragment length is %u ]\n",
+                    (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) );
+    mbedtls_printf( "    [ Maximum output fragment length is %u ]\n",
+                    (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) );
 #endif
 
 #if defined(MBEDTLS_SSL_ALPN)
commit	90c6e84a9c3e1823af6430d948e1e3e80521b01d	[log] [tgz]
author	Andrzej Kurek <andrzej.kurek@arm.com>	Fri Apr 03 05:25:29 2020 -0400
committer	Andrzej Kurek <andrzej.kurek@arm.com>	Thu Apr 09 04:30:34 2020 -0400
tree	ba005ade783358fd92750f0a3611b3d209db05c5
parent	d4a720f5418896886ceac01e17793ea1494bca09 [diff] [blame]