Add API to query maximum plaintext size of incoming records

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Hanno Becker 2021-04-21 06:19:50 +01:00
parent be746949c4
commit 2d8e99b097
2 changed files with 44 additions and 0 deletions


@ -3671,6 +3671,32 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl );
*/ */
int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl );
/**
* \brief Return the current maximum incoming record payload in bytes.
* This takes into account various factors, such as the
* config.h setting \c MBEDTLS_SSL_IN_CONTENT_LEN, extensions
* such as the max fragment length extension or record size limit
* extension if used, and the current record expansion.
*
* \note With DTLS, \c mbedtls_ssl_read() will return an error if
* called with a larger length value.
* With TLS, \c mbedtls_ssl_write() will fragment the input if
* necessary and return the number of bytes written; it is up
* to the caller to call \c mbedtls_ssl_write() again in
* order to send the remaining bytes if any.
*
* \sa mbedtls_ssl_set_mtu()
* \sa mbedtls_ssl_get_output_max_frag_len()
* \sa mbedtls_ssl_get_input_max_frag_len()
* \sa mbedtls_ssl_get_record_expansion()
*
* \param ssl SSL context
*
* \return Current maximum payload for an outgoing record,
* or a negative error code.
*/
int mbedtls_ssl_get_max_in_record_payload( const mbedtls_ssl_context *ssl );
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
/** /**
* \brief Return the peer certificate from the current connection. * \brief Return the peer certificate from the current connection.
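Review bot: The `\return` line in the new comment for mbedtls_ssl_get_max_in_record_payload() still says "outgoing record", and the TLS half of the `\note` describes mbedtls_ssl_write() fragmentation, which has no bearing on received records. Both look carried over from the outgoing variant declared just above. I would change the return text to `\return Current maximum payload for an incoming record, or a negative error code.` and replace the TLS sentence with one stating what a caller of mbedtls_ssl_read() can rely on. The DTLS sentence should be checked too, since nothing visible in this commit shows mbedtls_ssl_read() rejecting a larger length. The wording matters because callers will presumably size receive buffers from this value.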


@ -4767,6 +4767,24 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl )
return( (int) max_len ); return( (int) max_len );
} }
int mbedtls_ssl_get_max_in_record_payload( const mbedtls_ssl_context *ssl )
{
size_t max_len = MBEDTLS_SSL_IN_CONTENT_LEN;
#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
(void) ssl;
#endif
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
const size_t mfl = mbedtls_ssl_get_input_max_frag_len( ssl );
if( max_len > mfl )
max_len = mfl;
#endif
return( (int) max_len );
}
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ) const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl )
{ {
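Review bot: The body of mbedtls_ssl_get_max_in_record_payload() only caps MBEDTLS_SSL_IN_CONTENT_LEN by the result of mbedtls_ssl_get_input_max_frag_len(), while the header comment added in the same commit also lists the record size limit extension and the current record expansion as factors. Those factors would presumably only lower the value, so the result remains a safe upper bound for sizing a receive buffer, but the code should say so, e.g. `/* Upper bound: MBEDTLS_SSL_IN_CONTENT_LEN, reduced to the negotiated MFL if enabled. */`. The two complementary `#if` blocks would read better as a single `#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)` block with `#else` and `(void) ssl;`. No path here returns a negative value, so either the documented error return or the implementation should be adjusted to match.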