[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [bug #52836] altcp_write error because of invalid sndbuf av

From: David GIRAULT
Subject: [lwip-devel] [bug #52836] altcp_write error because of invalid sndbuf available returned
Date: Mon, 15 Jan 2018 10:46:32 -0500 (EST)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

Follow-up Comment #4, bug #52836 (project lwip):

Sorry, have no time to reply before.

No problem for your editing, I try to push bugs I found in an early state so
it can be discussed. Patch I gave are subject to change (and this one wasn't
rebase to latest master of lwip du to lack of time)...

For your questions, the ssl_added variable include
- the SSL record header which is 5 bytes,
- the 8 bytes IV use to encrypt the record,
- the 16 bytes TAG use to authenticate the record,
- 3 additional bytes to keep a size aligned (may not be necessary),
- 16 additional bytes for security because the IV and TAG size may change and
if TAG is 32 bytes (SHA512 for example), you loose because calculated sndbuf
will be to big.

Since I don't known how I can gather the size of IV and TAG negotiated by SSL
during handshake, I put some conservative value here.

If you know some mbedTLS functions that can do this job, it will be great to
use them.

Sorry I don't understand you question in comment #2, but what I see in
`mbedtls_ssl_write` is that it always fail if provided buffer size is >
negociated fragment/record size and previous fragment is always flushed
before, so it always start with a new fragment. It result `sndbuf` MUST be <=


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]