authorDaiki Ueno <dueno@redhat.com>2019-06-19 14:36:31 +0200
committerDaiki Ueno <dueno@redhat.com>2019-06-19 15:08:30 +0200
commit1c5a1c865b12654798dd53af54357daca93f7dcf (patch)
tree0f25e81806adc4c8eb39fba74217cf93253f7229
parentabd4a54801fdc9e6497cb947ce92c5a82476d83b (diff)
downloadgnutls-1c5a1c865b12654798dd53af54357daca93f7dcf.tar.gz
gnutls-serv: add --recordsize option
This adds a means to set maximum record size to receive. If the size is less than our default (< 512), --priority with %ALLOW_SMALL_RECORDS also needs to be specified. Signed-off-by: Daiki Ueno <dueno@redhat.com>
-rw-r--r--src/serv-args.def8
-rw-r--r--src/serv.c14
2 files changed, 22 insertions, 0 deletions
diff --git a/src/serv-args.def b/src/serv-args.def
index 4be3d9f298..1e770a5f51 100644
--- a/src/serv-args.def
+++ b/src/serv-args.def
@@ -332,6 +332,14 @@ flag = {
doc = "";
};
+flag = {
+ name = recordsize;
+ arg-type = number;
+ arg-range = "0->16384";
+ descrip = "The maximum record size to advertise";
+ doc = "";
+};
+
doc-section = {
ds-type = 'SEE ALSO'; // or anything else
ds-format = 'texi'; // or texi or mdoc format
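Review bot: The new `recordsize` flag leaves `doc = "";` empty although the option has two rules a user cannot guess from `arg-range = "0->16384"`. Per the `record_max_size > 0` test added in serv.c, `0` means the limit is not set at all, and per the commit message values below 512 are accepted only when `--priority` also carries `%ALLOW_SMALL_RECORDS`. I would state both in the doc string, e.g. `doc = "Values below 512 also require %ALLOW_SMALL_RECORDS in --priority; 0 keeps the library default.";`, so the manual does not advertise values that fail when the session is set up.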
diff --git a/src/serv.c b/src/serv.c
index 6043fed7fe..ced393822f 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -88,6 +88,7 @@ unsigned alpn_protos_size = 0;
gnutls_datum_t session_ticket_key;
gnutls_anti_replay_t anti_replay;
+int record_max_size;
static void tcp_server(const char *name, int port);
/* end of globals */
@@ -477,6 +478,17 @@ gnutls_session_t initialize_session(int dtls)
GNUTLS_CERT_REQUEST);
}
+ /* use the record size limit extension */
+ if (record_max_size > 0) {
+ if (gnutls_record_set_max_recv_size(session, record_max_size) <
+ 0) {
+ fprintf(stderr,
+ "Cannot set the maximum record receive size to %d.\n",
+ record_max_size);
+ exit(1);
+ }
+ }
+
if (HAVE_OPT(HEARTBEAT))
gnutls_heartbeat_enable(session,
GNUTLS_HB_PEER_ALLOWED_TO_SEND);
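Review bot: The failure branch of the new `gnutls_record_set_max_recv_size()` call throws away the return code, so an operator who passes a value below 512 without `%ALLOW_SMALL_RECORDS` only sees "Cannot set the maximum record receive size" with no cause. Keeping the result in a local and printing it, `fprintf(stderr, "Cannot set the maximum record receive size to %d: %s\n", record_max_size, gnutls_strerror(ret));`, makes the misconfiguration diagnosable. The check also lives in `initialize_session()`, which presumably runs when a session is created rather than at startup, so a bad value would terminate the server via `exit(1)` only once a client connects. Rejecting it in `cmd_parser()` would fail earlier and more predictably. The function body begins and ends outside this hunk.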
@@ -1723,6 +1735,8 @@ static void cmd_parser(int argc, char **argv)
else
http = 1;
+ record_max_size = OPT_VALUE_RECORDSIZE;
+
if (HAVE_OPT(X509FMTDER))
x509ctype = GNUTLS_X509_FMT_DER;
else
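Review bot: `record_max_size = OPT_VALUE_RECORDSIZE;` is assigned unconditionally and relies on the generated option value being 0 when `--recordsize` is absent, since the flag in serv-args.def declares no `arg-default`. Guarding it like the neighbouring options, `if (HAVE_OPT(RECORDSIZE)) record_max_size = OPT_VALUE_RECORDSIZE;`, keeps "unset" explicit and independent of whatever default the option generator emits. cmd_parser's body continues outside the hunk.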