altcp_mbedtls_sndbuf: use mbedtls_ssl_get_record_expansion()

goldsimon 2018-01-25 13:15:49 +01:00
parent 6606c4013f
commit de68c5bed6


@ -92,21 +92,6 @@
#define ALTCP_MBEDTLS_ENTROPY_LEN 0 #define ALTCP_MBEDTLS_ENTROPY_LEN 0
#endif #endif
/** Define this to whatever overhead is suitable.
* Defaults to take care of record header, IV, AuthTag.
* The last '+16' is for alignment & security.
*/
#ifndef ALTCP_MBEDTLS_SNDBUF_OVERHEAD
#define ALTCP_MBEDTLS_SNDBUF_OVERHEAD (5 + 8 + 16 + (MEM_ALIGNMENT - 1) + 16)
#endif
/** When this is 1 and ALTCP_MBEDTLS_SNDBUF_OVERHEAD==1, the sndbuf
* is limited to the (negotiated) maximum fragment length.
*/
#ifndef ALTCP_MBEDTLS_SNDBUF_OVERHEAD_LIMIT_TO_MAX_FRAG_LEN
#define ALTCP_MBEDTLS_SNDBUF_OVERHEAD_LIMIT_TO_MAX_FRAG_LEN 1
#endif
/* Variable prototype, the actual declaration is at the end of this file /* Variable prototype, the actual declaration is at the end of this file
since it contains pointers to static functions declared here */ since it contains pointers to static functions declared here */
extern const struct altcp_functions altcp_mbedtls_functions; extern const struct altcp_functions altcp_mbedtls_functions;
@ -938,9 +923,6 @@ altcp_mbedtls_close(struct altcp_pcb *conn)
static u16_t static u16_t
altcp_mbedtls_sndbuf(struct altcp_pcb *conn) altcp_mbedtls_sndbuf(struct altcp_pcb *conn)
{ {
/* Take care of record header, IV, AuthTag */
#if ALTCP_MBEDTLS_SNDBUF_OVERHEAD
size_t ssl_added = ALTCP_MBEDTLS_SNDBUF_OVERHEAD;
if (conn) { if (conn) {
altcp_mbedtls_state_t *state; altcp_mbedtls_state_t *state;
@ -950,11 +932,15 @@ altcp_mbedtls_sndbuf(struct altcp_pcb *conn)
} }
if (conn->inner_conn) { if (conn->inner_conn) {
u16_t sndbuf = altcp_sndbuf(conn->inner_conn); u16_t sndbuf = altcp_sndbuf(conn->inner_conn);
/* Take care of record header, IV, AuthTag */
int ssl_expan = mbedtls_ssl_get_record_expansion(&state->ssl_context);
if (ssl_expan > 0) {
size_t ssl_added = (u16_t)LWIP_MIN(ssl_expan, 0xFFFF);
/* internal sndbuf smaller than our offset */ /* internal sndbuf smaller than our offset */
if (ssl_added < sndbuf) { if (ssl_added < sndbuf) {
size_t max_len = 0xFFFF; size_t max_len = 0xFFFF;
size_t ret; size_t ret;
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && ALTCP_MBEDTLS_SNDBUF_OVERHEAD_LIMIT_TO_MAX_FRAG_LEN #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
/* @todo: adjust ssl_added to real value related to negociated cipher */ /* @todo: adjust ssl_added to real value related to negociated cipher */
size_t max_frag_len = mbedtls_ssl_get_max_frag_len(&state->ssl_context); size_t max_frag_len = mbedtls_ssl_get_max_frag_len(&state->ssl_context);
max_len = LWIP_MIN(max_frag_len, max_len); max_len = LWIP_MIN(max_frag_len, max_len);
@ -966,10 +952,9 @@ altcp_mbedtls_sndbuf(struct altcp_pcb *conn)
} }
} }
} }
return 0; }
#else /* ALTCP_MBEDTLS_SNDBUF_OVERHEAD */ /* fallback: use sendbuf of the inner connection */
return altcp_default_sndbuf(conn); return altcp_default_sndbuf(conn);
#endif
} }
/** Write data to a TLS connection. Calls into mbedTLS, which in turn calls into /** Write data to a TLS connection. Calls into mbedTLS, which in turn calls into
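Review bot: When the record expansion is at least as large as the inner connection's send buffer (`ssl_added >= sndbuf`), the new code no longer returns 0 but falls through to `altcp_default_sndbuf(conn)`, so it appears to report the inner connection's raw space as writable plaintext even though no complete TLS record fits in it. The old `return 0;` that covered this case is removed at the end of the function; placing `return 0;` inside the `if (ssl_expan > 0)` block, directly after the `if (ssl_added < sndbuf) { ... }` body, would keep the conservative answer. The same fallback is also taken when `mbedtls_ssl_get_record_expansion()` returns a value that is not greater than 0, which reports capacity with no overhead subtracted; if that is intended, a comment such as `/* expansion unknown: report inner sndbuf unadjusted */` at that point would make it explicit. The lines between the hunks are not shown, so this reading assumes the inner block still ends in `return (u16_t)ret;` as before.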