Improve documentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 85c2524..8a77df5 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -112,9 +112,9 @@
RECOMBINE_TRUNCATE_FIRST, /* param: offset of truncation (<=0 means from end) */
RECOMBINE_INSERT_EMPTY, /* param: offset (<0 means from end) */
RECOMBINE_INSERT_RECORD, /* param: record type */
- RECOMBINE_COALESCE, /* param: min number of records */
+ RECOMBINE_COALESCE, /* param: number of records (INT_MAX=all) */
RECOMBINE_COALESCE_SPLIT_ONCE, /* param: offset of split (<=0 means from end) */
- RECOMBINE_COALESCE_SPLIT_ENDS, /* the hairiest one? param: offset, must be >0 */
+ RECOMBINE_COALESCE_SPLIT_BOTH_ENDS, /* param: offset, must be >0 */
} recombine_records_instruction_t;
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
@@ -272,6 +272,10 @@
* DTLS is not supported.
* Encrypted or authenticated handshake records are not supported.
* Assume the buffer content is a valid sequence of records.
+ *
+ * Coalesce only the first max records, or all the records if there are
+ * fewer than max.
+ * Return the number of coalesced records, or -1 on error.
*/
static int recombine_coalesce_handshake_records(mbedtls_test_ssl_buffer *buf,
int max)
@@ -361,6 +365,9 @@
case RECOMBINE_COALESCE:
ret = recombine_coalesce_handshake_records(buf, param);
+ /* If param != INT_MAX, enforce that there were that many
+ * records to coalesce. In particular, 1 < param < INT_MAX
+ * ensures that library will see some coalesced records. */
if (param == INT_MAX) {
TEST_LE_S(1, ret);
} else {
@@ -378,7 +385,7 @@
TEST_LE_S(0, ret);
break;
- case RECOMBINE_COALESCE_SPLIT_ENDS:
+ case RECOMBINE_COALESCE_SPLIT_BOTH_ENDS:
ret = recombine_coalesce_handshake_records(buf, INT_MAX);
/* Accept a single record, which will be split at both ends */
TEST_LE_S(1, ret);
@@ -3143,6 +3150,12 @@
char *client_log, char *server_log,
int goal_state, int expected_ret)
{
+ /* Make sure we have a buffer that's large enough for the longest
+ * data that the library might ever send, plus a bit extra so that
+ * we can inject more content. The library won't ever send more than
+ * 2^14 bytes of handshake messages, so we round that up. In practice
+ * we could surely get away with a much smaller buffer. The main
+ * variable part is the server certificate. */
enum { BUFFSIZE = 17000 };
mbedtls_test_ssl_endpoint client;
memset(&client, 0, sizeof(client));
diff --git a/tests/suites/test_suite_ssl.records.data b/tests/suites/test_suite_ssl.records.data
index e94f554..edc2754 100644
--- a/tests/suites/test_suite_ssl.records.data
+++ b/tests/suites/test_suite_ssl.records.data
@@ -159,4 +159,4 @@
Recombine server flight 1: TLS 1.2, coalesce and split at both ends
depends_on:MBEDTLS_SSL_PROTO_TLS1_2
-recombine_server_first_flight:MBEDTLS_SSL_VERSION_TLS1_2:RECOMBINE_COALESCE_SPLIT_ENDS:5:"subsequent handshake fragment\: 5,":"<= handshake wrapup":MBEDTLS_SSL_HANDSHAKE_OVER:0
+recombine_server_first_flight:MBEDTLS_SSL_VERSION_TLS1_2:RECOMBINE_COALESCE_SPLIT_BOTH_ENDS:5:"subsequent handshake fragment\: 5,":"<= handshake wrapup":MBEDTLS_SSL_HANDSHAKE_OVER:0