author | Tor Brede Vekterli <vekterli@oath.com> | 2018-09-03 14:35:41 +0000 |
committer | Tor Brede Vekterli <vekterli@oath.com> | 2018-09-03 14:35:41 +0000 |
commit | 644ab717dead94f56f89d0fbf0d9a97efb56f6e4 (patch) | |
tree | e48e7284e6b858e742cb3eea4b33fb647c2e5ba8 /vespalib | |
parent | 179ae7f8965beb80b687c1d365b5fa54c7c27890 (diff) |
Use correct TLSv1.2 max frame size limits
Diffstat (limited to 'vespalib')
-rw-r--r-- | vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.cpp | 2 | ||||
-rw-r--r-- | vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.h | 22 |
2 files changed, 14 insertions, 10 deletions
diff --git a/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.cpp b/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.cpp
index 214b61cc14c..53d21e398ba 100644
--- a/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.cpp
+++ b/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.cpp
@@ -290,7 +290,7 @@ EncodeResult OpenSslCryptoCodecImpl::encode(const char* plaintext, size_t plaint
 }
 size_t bytes_consumed = 0;
 if (plaintext_size != 0) {
- int to_consume = static_cast<int>(std::min(plaintext_size, MaximumFramePayloadSize));
+ int to_consume = static_cast<int>(std::min(plaintext_size, MaximumFramePlaintextSize));
 // SSL_write encodes plaintext to ciphertext and writes to _output_bio
 int consumed = ::SSL_write(_ssl.get(), plaintext, to_consume);
 LOG(spam, "After SSL_write() -> %d, _input_bio pending=%d, _output_bio pending=%d",
diff --git a/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.h b/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.h
index ad9e8575b97..44ca8859596 100644
--- a/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.h
+++ b/vespalib/src/vespa/vespalib/net/tls/impl/openssl_crypto_codec_impl.h
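Review bot: The narrowing `static_cast<int>` on the `to_consume` line is only safe because `std::min` now caps the value at `MaximumFramePlaintextSize` (16384), and nothing on the line says so; a reader auditing the `SSL_write` length argument has to go find the constant. I'd put the reason on the line: `// bounded by MaximumFramePlaintextSize (one TLS record of plaintext), so the cast to int cannot overflow`. The surrounding `encode()` body, including how a partial `consumed < to_consume` result is handled, starts and ends outside this hunk, so I cannot confirm that path here.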
@@ -27,20 +27,24 @@ class OpenSslCryptoCodecImpl : public CryptoCodec {
 public:
 OpenSslCryptoCodecImpl(::SSL_CTX& ctx, Mode mode);
 
- // These assumptions are cheekily hoisted from gRPC.
- // As is mentioned there, the max protocol overhead per frame is not available
- // dynamically, so an educated guess is made.
- static constexpr size_t MaximumTlsFrameSize = 16*1024;
- static constexpr size_t MaximumTlsFrameProtocolOverhead = 100;
- static constexpr size_t MaximumFramePayloadSize = MaximumTlsFrameSize - MaximumTlsFrameProtocolOverhead;
+ /*
+ * From RFC 8449 (Record Size Limit Extension for TLS), section 1:
+ * "TLS versions 1.2 [RFC5246] and earlier permit senders to
+ * generate records 16384 octets in size, plus any expansion
+ * from compression and protection up to 2048 octets (though
+ * typically this expansion is only 16 octets). TLS 1.3 reduces
+ * the allowance for expansion to 256 octets."
+ *
+ * We're on TLSv1.2, so make room for the worst case.
+ */
+ static constexpr size_t MaximumTlsFrameSize = 16384 + 2048;
+ static constexpr size_t MaximumFramePlaintextSize = 16384;
 
 size_t min_encode_buffer_size() const noexcept override {
 return MaximumTlsFrameSize;
 }
 size_t min_decode_buffer_size() const noexcept override {
- // Technically this would be MaximumFramePayloadSize, but we like power
- // of two numbers for buffer sizes, yes we do.
- return MaximumTlsFrameSize;
+ return MaximumFramePlaintextSize;
 }
 
 HandshakeResult handshake(const char* from_peer, size_t from_peer_buf_size,
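Review bot: `MaximumTlsFrameSize = 16384 + 2048` accounts for the maximum TLSCiphertext fragment but not the record header: RFC 5246 §6.2.3 caps the fragment at 2^14 + 2048 octets, and the 5-octet header (content type, version, length) is carried in addition, so a worst-case TLSv1.2 record on the wire is 5 bytes larger than `min_encode_buffer_size()` now promises. Whether that matters depends on how `encode()` drains `_output_bio` into the caller's buffer, which is outside this hunk, so I'd either widen the constant, `static constexpr size_t MaximumTlsFrameSize = 5 + 16384 + 2048; // record header + max TLSCiphertext fragment`, or document on the constant that it deliberately excludes the header and that the encode loop tolerates a record spanning two calls. The RFC 8449 quote is a good source for the 2048 expansion figure; a one-line note that the header is not part of that allowance would keep the next reader from drawing the same conclusion. `min_decode_buffer_size()` returning `MaximumFramePlaintextSize` looks right, since a single record decrypts to at most 16384 plaintext octets. The enclosing class continues past the end of this hunk.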