TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-09 03:04:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

ssl_msg.c: Improve handshake message fragmenting message

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2026-02-03 17:31:12 +01:00
parent b952ba09d6
commit 4f0741498c
2 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
library/ssl_msg.c
View File

@@ -2326,7 +2326,8 @@ int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl)
max_hs_frag_len : rem_len;
if (frag_off == 0 && cur_hs_frag_len != hs_len) {
MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting handshake message (%u > %u)",
MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting %s handshake message (%u > %u)",
mbedtls_ssl_get_hs_msg_name(cur->p[0]),
(unsigned) cur_hs_frag_len,
(unsigned) max_hs_frag_len));
}

18
tests/ssl-opt.sh
View File

@@ -10662,12 +10662,12 @@ requires_gnutls
requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
"$G_SRV -u" \
"$P_CLI dtls=1 debug_level=2 \
"$P_CLI dtls=1 debug_level=5 \
crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
key_file=$DATA_FILES_PATH/server8.key \
mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-c "fragmenting Certificate handshake message" \
-C "error"
# We use --insecure for the GnuTLS client because it expects
@@ -10689,7 +10689,7 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
mtu=512 force_version=dtls12" \
"$G_CLI -u --insecure 127.0.0.1" \
0 \
-s "fragmenting handshake message"
-s "fragmenting Certificate handshake message"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC
@@ -10701,7 +10701,7 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
key_file=$DATA_FILES_PATH/server8.key \
mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-c "fragmenting Certificate handshake message" \
-C "error"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
@@ -10714,7 +10714,7 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
mtu=512 force_version=dtls12" \
"$O_CLI -dtls1_2" \
0 \
-s "fragmenting handshake message"
-s "fragmenting Certificate handshake message"
# interop tests for DTLS fragmentating with unreliable connection
#
@@ -10733,7 +10733,7 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
key_file=$DATA_FILES_PATH/server8.key \
hs_timeout=250-60000 mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-c "fragmenting Certificate handshake message" \
-C "error"
requires_gnutls_next
@@ -10749,7 +10749,7 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
hs_timeout=250-60000 mtu=512 force_version=dtls12" \
"$G_NEXT_CLI -u --insecure 127.0.0.1" \
0 \
-s "fragmenting handshake message"
-s "fragmenting Certificate handshake message"
## The test below requires 1.1.1a or higher version of openssl, otherwise
## it might trigger a bug due to openssl server (https://github.com/openssl/openssl/issues/6902)
@@ -10766,7 +10766,7 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
key_file=$DATA_FILES_PATH/server8.key \
hs_timeout=250-60000 mtu=512 force_version=dtls12" \
0 \
-c "fragmenting handshake message" \
-c "fragmenting Certificate handshake message" \
-C "error"
## the test below will time out with certain seed.
@@ -10784,7 +10784,7 @@ run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
hs_timeout=250-60000 mtu=512 force_version=dtls12" \
"$O_CLI -dtls1_2" \
0 \
-s "fragmenting handshake message"
-s "fragmenting Certificate handshake message"
# Tests for DTLS-SRTP (RFC 5764)
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP