RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 12:17:44 +00:00
Code Issues Activity Actions

LibTLS: Split large application data packets into chunks

Browse source 
Each TLS record has a limited max size, we should respect that and split
the packets.
Fixes RecordOverflow errors when a packet larger than 18432 bytes is
sent over.
This commit is contained in:
Ali Mohammad Pur 2021-10-01 22:41:44 +03:30 committed by Ali Mohammad Pur
parent c3b14588ec
commit ab46864674
2 changed files with 32 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

19
Userland/Libraries/LibTLS/Record.cpp
View file

@ -37,13 +37,9 @@ void TLSv12::alert(AlertLevel level, AlertDescription code)
void TLSv12::write_packet(ByteBuffer& packet) void TLSv12::write_packet(ByteBuffer& packet)
{ {
auto ok = m_context.tls_buffer.try_append(packet.data(), packet.size()); auto schedule_or_perform_flush = [&](bool immediate) {
if (!ok) {
// Toooooo bad, drop the record on the ground.
return;
}
if (m_context.connection_status > ConnectionStatus::Disconnected) { if (m_context.connection_status > ConnectionStatus::Disconnected) {
if (!m_has_scheduled_write_flush) { if (!m_has_scheduled_write_flush && !immediate) {
dbgln_if(TLS_DEBUG, "Scheduling write of {}", m_context.tls_buffer.size()); dbgln_if(TLS_DEBUG, "Scheduling write of {}", m_context.tls_buffer.size());
deferred_invoke([this] { write_into_socket(); }); deferred_invoke([this] { write_into_socket(); });
m_has_scheduled_write_flush = true; m_has_scheduled_write_flush = true;
@ -55,6 +51,17 @@ void TLSv12::write_packet(ByteBuffer& packet)
m_has_scheduled_write_flush = true; m_has_scheduled_write_flush = true;
} }
} }
};
// Record size limit is 18432 bytes, leave some headroom and flush at 16K.
if (m_context.tls_buffer.size() + packet.size() > 16 * KiB)
schedule_or_perform_flush(true);
auto ok = m_context.tls_buffer.try_append(packet.data(), packet.size());
if (!ok) {
// Toooooo bad, drop the record on the ground.
return;
}
schedule_or_perform_flush(false);
} }
void TLSv12::update_packet(ByteBuffer& packet) void TLSv12::update_packet(ByteBuffer& packet)

11
Userland/Libraries/LibTLS/Socket.cpp
View file

@ -10,6 +10,11 @@
#include <LibCrypto/PK/Code/EMSA_PSS.h> #include <LibCrypto/PK/Code/EMSA_PSS.h>
#include <LibTLS/TLSv12.h> #include <LibTLS/TLSv12.h>
// Each record can hold at most 18432 bytes, leaving some headroom and rounding down to
// a nice number gives us a maximum of 16 KiB for user-supplied application data,
// which will be sent as a single record containing a single ApplicationData message.
constexpr static size_t MaximumApplicationDataChunkSize = 16 * KiB;
namespace TLS { namespace TLS {
Optional<ByteBuffer> TLSv12::read() Optional<ByteBuffer> TLSv12::read()
@ -67,12 +72,14 @@ bool TLSv12::write(ReadonlyBytes buffer)
return false; return false;
} }
PacketBuilder builder { MessageType::ApplicationData, m_context.options.version, buffer.size() }; for (size_t offset = 0; offset < buffer.size(); offset += MaximumApplicationDataChunkSize) {
builder.append(buffer); PacketBuilder builder { MessageType::ApplicationData, m_context.options.version, buffer.size() - offset };
builder.append(buffer.slice(offset, min(buffer.size() - offset, MaximumApplicationDataChunkSize)));
auto packet = builder.build(); auto packet = builder.build();
update_packet(packet); update_packet(packet);
write_packet(packet); write_packet(packet);
}
return true; return true;
} }