mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-29 03:32:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add max_early_data_size option for ssl_sever2

Browse Source 
- to set max_early_data_set

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-11-05 23:14:47 +08:00
parent cc4e007ff6
commit 7854a4e019
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
programs/ssl/ssl_server2.c
View File

@ -129,6 +129,7 @@ int main( void )
#define DFL_SNI NULL #define DFL_SNI NULL
#define DFL_ALPN_STRING NULL #define DFL_ALPN_STRING NULL
#define DFL_CURVES NULL #define DFL_CURVES NULL
#define DFL_MAX_EARLY_DATA_SIZE 0
#define DFL_SIG_ALGS NULL #define DFL_SIG_ALGS NULL
#define DFL_DHM_FILE NULL #define DFL_DHM_FILE NULL
#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM
@ -424,6 +425,16 @@ int main( void )
#define USAGE_ECJPAKE "" #define USAGE_ECJPAKE ""
#endif #endif
#if defined(MBEDTLS_SSL_EARLY_DATA)
#define USAGE_EARLY_DATA \
" max_early_data_size=%%d default: 0 (disabled)\n" \
" options: 0 (disabled), " \
" -1 (enabled, builtin max size), " \
" n > 0 (enabled, max amount data for 0-RTT )\n"
#else
#define USAGE_EARLY_DATA ""
#endif /* MBEDTLS_SSL_EARLY_DATA */
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
#define USAGE_CURVES \ #define USAGE_CURVES \
" curves=a,b,c,d default: \"default\" (library default)\n" \ " curves=a,b,c,d default: \"default\" (library default)\n" \
@ -680,6 +691,7 @@ struct options
const char *cid_val_renego; /* the CID to use for incoming messages const char *cid_val_renego; /* the CID to use for incoming messages
* after renegotiation */ * after renegotiation */
int reproducible; /* make communication reproducible */ int reproducible; /* make communication reproducible */
uint32_t max_early_data_size; /* max amount early data */
int query_config_mode; /* whether to read config */ int query_config_mode; /* whether to read config */
int use_srtp; /* Support SRTP */ int use_srtp; /* Support SRTP */
int force_srtp_profile; /* SRTP protection profile to use or all */ int force_srtp_profile; /* SRTP protection profile to use or all */
@ -1695,6 +1707,7 @@ int main( int argc, char *argv[] )
opt.sni = DFL_SNI; opt.sni = DFL_SNI;
opt.alpn_string = DFL_ALPN_STRING; opt.alpn_string = DFL_ALPN_STRING;
opt.curves = DFL_CURVES; opt.curves = DFL_CURVES;
opt.max_early_data_size = DFL_MAX_EARLY_DATA_SIZE;
opt.sig_algs = DFL_SIG_ALGS; opt.sig_algs = DFL_SIG_ALGS;
opt.dhm_file = DFL_DHM_FILE; opt.dhm_file = DFL_DHM_FILE;
opt.transport = DFL_TRANSPORT; opt.transport = DFL_TRANSPORT;
@ -1891,6 +1904,12 @@ int main( int argc, char *argv[] )
else if( strcmp( p, "sig_algs" ) == 0 ) else if( strcmp( p, "sig_algs" ) == 0 )
opt.sig_algs = q; opt.sig_algs = q;
#endif #endif
#if defined(MBEDTLS_SSL_EARLY_DATA)
else if( strcmp( p, "max_early_data_size" ) == 0 )
{
opt.max_early_data_size = atoi( q );
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
else if( strcmp( p, "renegotiation" ) == 0 ) else if( strcmp( p, "renegotiation" ) == 0 )
{ {
opt.renegotiation = (atoi( q )) ? opt.renegotiation = (atoi( q )) ?
@ -2886,6 +2905,10 @@ int main( int argc, char *argv[] )
if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST ) if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST )
mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list ); mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list );
#if defined(MBEDTLS_SSL_EARLY_DATA)
mbedtls_ssl_tls13_conf_max_early_data_size( &conf, opt.max_early_data_size );
#endif /* MBEDTLS_SSL_EARLY_DATA */
#if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
/* exercise setting DN hints for server certificate request /* exercise setting DN hints for server certificate request
* (Intended for use where the client cert expected has been signed by * (Intended for use where the client cert expected has been signed by