lib/ext/max_record.c

   1 /*
   2  * Copyright (C) 2001-2012 Free Software Foundation, Inc.
   3  *
   4  * Author: Nikos Mavrogiannopoulos
   5  *
   6  * This file is part of GnuTLS.
   7  *
   8  * The GnuTLS is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU Lesser General Public License
  10  * as published by the Free Software Foundation; either version 3 of
  11  * the License, or (at your option) any later version.
  12  *
  13  * This library is distributed in the hope that it will be useful, but
  14  * WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  16  * Lesser General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU Lesser General Public License
  19  * along with this program.  If not, see <http://www.gnu.org/licenses/>
  20  *
  21  */
  22
  23 /* This file contains the code for the Max Record Size TLS extension.
  24  */
  25
  26 #include "gnutls_int.h"
  27 #include "gnutls_errors.h"
  28 #include "gnutls_num.h"
  29 #include <gnutls_extensions.h>
  30 #include <ext/max_record.h>
  31
  32 static int _gnutls_max_record_recv_params (gnutls_session_t session,
  33                                            const uint8_t * data,
  34                                            size_t data_size);
  35 static int _gnutls_max_record_send_params (gnutls_session_t session,
  36   gnutls_buffer_st* extdata);
  37
  38 static int _gnutls_max_record_unpack (gnutls_buffer_st * ps,
  39                                       extension_priv_data_t * _priv);
  40 static int _gnutls_max_record_pack (extension_priv_data_t _priv,
  41                                     gnutls_buffer_st * ps);
  42
  43 /* Maps record size to numbers according to the
  44  * extensions draft.
  45  */
  46 static int _gnutls_mre_num2record (int num);
  47 static int _gnutls_mre_record2num (uint16_t record_size);
  48
  49
  50 extension_entry_st ext_mod_max_record_size = {
  51   .name = "MAX RECORD SIZE",
  52   .type = GNUTLS_EXTENSION_MAX_RECORD_SIZE,
  53   .parse_type = GNUTLS_EXT_TLS,
  54
  55   .recv_func = _gnutls_max_record_recv_params,
  56   .send_func = _gnutls_max_record_send_params,
  57   .pack_func = _gnutls_max_record_pack,
  58   .unpack_func = _gnutls_max_record_unpack,
  59   .deinit_func = NULL
  60 };
  61
  62 /*
  63  * In case of a server: if a MAX_RECORD_SIZE extension type is received then it stores
  64  * into the session the new value. The server may use gnutls_get_max_record_size(),
  65  * in order to access it.
  66  *
  67  * In case of a client: If a different max record size (than the default) has
  68  * been specified then it sends the extension.
  69  *
  70  */
  71
  72 static int
  73 _gnutls_max_record_recv_params (gnutls_session_t session,
  74                                 const uint8_t * data, size_t _data_size)
  75 {
  76   ssize_t new_size;
  77   ssize_t data_size = _data_size;
  78   extension_priv_data_t epriv;
  79   int ret;
  80
  81   if (session->security_parameters.entity == GNUTLS_SERVER)
  82     {
  83       if (data_size > 0)
  84         {
  85           DECR_LEN (data_size, 1);
  86
  87           new_size = _gnutls_mre_num2record (data[0]);
  88
  89           if (new_size < 0)
  90             {
  91               gnutls_assert ();
  92               return new_size;
  93             }
  94
  95           session->security_parameters.max_record_send_size = new_size;
  96           session->security_parameters.max_record_recv_size = new_size;
  97         }
  98     }
  99   else
 100     {                           /* CLIENT SIDE - we must check if the sent record size is the right one
 101                                  */
 102       if (data_size > 0)
 103         {
 104           ret = _gnutls_ext_get_session_data (session,
 105                                               GNUTLS_EXTENSION_MAX_RECORD_SIZE,
 106                                               &epriv);
 107           if (ret < 0)
 108             {
 109               gnutls_assert ();
 110               return GNUTLS_E_INTERNAL_ERROR;
 111             }
 112
 113           if (data_size != 1)
 114             {
 115               gnutls_assert ();
 116               return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
 117             }
 118
 119           new_size = _gnutls_mre_num2record (data[0]);
 120
 121           if (new_size < 0 || new_size != (ssize_t)epriv.num)
 122             {
 123               gnutls_assert ();
 124               return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
 125             }
 126           else
 127             {
 128               session->security_parameters.max_record_recv_size = epriv.num;
 129             }
 130
 131         }
 132
 133
 134     }
 135
 136   return 0;
 137 }
 138
 139 /* returns data_size or a negative number on failure
 140  */
 141 static int
 142 _gnutls_max_record_send_params (gnutls_session_t session, gnutls_buffer_st* extdata)
 143 {
 144   uint8_t p;
 145   int ret;
 146
 147   /* this function sends the client extension data (dnsname) */
 148   if (session->security_parameters.entity == GNUTLS_CLIENT)
 149     {
 150       extension_priv_data_t epriv;
 151
 152       ret = _gnutls_ext_get_session_data (session,
 153                                           GNUTLS_EXTENSION_MAX_RECORD_SIZE,
 154                                           &epriv);
 155       if (ret < 0)              /* it is ok not to have it */
 156         {
 157           return 0;
 158         }
 159
 160       if (epriv.num != DEFAULT_MAX_RECORD_SIZE)
 161         {
 162           p = (uint8_t) _gnutls_mre_record2num (epriv.num);
 163           ret = _gnutls_buffer_append_data( extdata, &p, 1);
 164           if (ret < 0)
 165             return gnutls_assert_val(ret);
 166
 167           return 1;
 168         }
 169
 170     }
 171   else
 172     {                           /* server side */
 173
 174       if (session->security_parameters.max_record_recv_size !=
 175           DEFAULT_MAX_RECORD_SIZE)
 176         {
 177           p =
 178             (uint8_t)
 179             _gnutls_mre_record2num
 180             (session->security_parameters.max_record_recv_size);
 181
 182           ret = _gnutls_buffer_append_data( extdata, &p, 1);
 183           if (ret < 0)
 184             return gnutls_assert_val(ret);
 185
 186           return 1;
 187         }
 188     }
 189
 190   return 0;
 191 }
 192
 193
 194 static int
 195 _gnutls_max_record_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
 196 {
 197   int ret;
 198
 199   BUFFER_APPEND_NUM (ps, epriv.num);
 200
 201   return 0;
 202
 203 }
 204
 205 static int
 206 _gnutls_max_record_unpack (gnutls_buffer_st * ps,
 207                            extension_priv_data_t * _priv)
 208 {
 209   extension_priv_data_t epriv;
 210   int ret;
 211
 212   BUFFER_POP_NUM (ps, epriv.num);
 213
 214   *_priv = epriv;
 215
 216   ret = 0;
 217 error:
 218   return ret;
 219 }
 220
 221
 222 /* Maps numbers to record sizes according to the
 223  * extensions draft.
 224  */
 225 static int
 226 _gnutls_mre_num2record (int num)
 227 {
 228   switch (num)
 229     {
 230     case 1:
 231       return 512;
 232     case 2:
 233       return 1024;
 234     case 3:
 235       return 2048;
 236     case 4:
 237       return 4096;
 238     default:
 239       return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
 240     }
 241 }
 242
 243 /* Maps record size to numbers according to the
 244  * extensions draft.
 245  */
 246 static int
 247 _gnutls_mre_record2num (uint16_t record_size)
 248 {
 249   switch (record_size)
 250     {
 251     case 512:
 252       return 1;
 253     case 1024:
 254       return 2;
 255     case 2048:
 256       return 3;
 257     case 4096:
 258       return 4;
 259     default:
 260       return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
 261     }
 262
 263 }
 264
 265 /**
 266  * gnutls_record_get_max_size:
 267  * @session: is a #gnutls_session_t structure.
 268  *
 269  * Get the record size.  The maximum record size is negotiated by the
 270  * client after the first handshake message.
 271  *
 272  * Returns: The maximum record packet size in this connection.
 273  **/
 274 size_t
 275 gnutls_record_get_max_size (gnutls_session_t session)
 276 {
 277   /* Recv will hold the negotiated max record size
 278    * always.
 279    */
 280   return session->security_parameters.max_record_recv_size;
 281 }
 282
 283
 284 /**
 285  * gnutls_record_set_max_size:
 286  * @session: is a #gnutls_session_t structure.
 287  * @size: is the new size
 288  *
 289  * This function sets the maximum record packet size in this
 290  * connection.  This property can only be set to clients.  The server
 291  * may choose not to accept the requested size.
 292  *
 293  * Acceptable values are 512(=2^9), 1024(=2^10), 2048(=2^11) and
 294  * 4096(=2^12).  The requested record size does get in effect
 295  * immediately only while sending data. The receive part will take
 296  * effect after a successful handshake.
 297  *
 298  * This function uses a TLS extension called 'max record size'.  Not
 299  * all TLS implementations use or even understand this extension.
 300  *
 301  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
 302  *   otherwise a negative error code is returned.
 303  **/
 304 ssize_t
 305 gnutls_record_set_max_size (gnutls_session_t session, size_t size)
 306 {
 307   ssize_t new_size;
 308   extension_priv_data_t epriv;
 309
 310   if (session->security_parameters.entity == GNUTLS_SERVER)
 311     return GNUTLS_E_INVALID_REQUEST;
 312
 313   new_size = _gnutls_mre_record2num (size);
 314
 315   if (new_size < 0)
 316     {
 317       gnutls_assert ();
 318       return new_size;
 319     }
 320
 321   session->security_parameters.max_record_send_size = size;
 322   epriv.num = size;
 323
 324   _gnutls_ext_set_session_data (session, GNUTLS_EXTENSION_MAX_RECORD_SIZE,
 325                                 epriv);
 326
 327   return 0;
 328 }