mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-09-20 09:49:15 +03:00
LibTLS: Split large application data packets into chunks
Each TLS record has a limited max size, we should respect that and split the packets. Fixes RecordOverflow errors when a packet larger than 18432 bytes is sent over.
This commit is contained in:
parent
c3b14588ec
commit
ab46864674
Notes:
sideshowbarker
2024-07-18 03:10:19 +09:00
Author: https://github.com/alimpfard Commit: https://github.com/SerenityOS/serenity/commit/ab46864674f Pull-request: https://github.com/SerenityOS/serenity/pull/10302 Reviewed-by: https://github.com/bgianfo
@ -37,24 +37,31 @@ void TLSv12::alert(AlertLevel level, AlertDescription code)
|
||||
|
||||
void TLSv12::write_packet(ByteBuffer& packet)
|
||||
{
|
||||
auto schedule_or_perform_flush = [&](bool immediate) {
|
||||
if (m_context.connection_status > ConnectionStatus::Disconnected) {
|
||||
if (!m_has_scheduled_write_flush && !immediate) {
|
||||
dbgln_if(TLS_DEBUG, "Scheduling write of {}", m_context.tls_buffer.size());
|
||||
deferred_invoke([this] { write_into_socket(); });
|
||||
m_has_scheduled_write_flush = true;
|
||||
} else {
|
||||
// multiple packet are available, let's flush some out
|
||||
dbgln_if(TLS_DEBUG, "Flushing scheduled write of {}", m_context.tls_buffer.size());
|
||||
write_into_socket();
|
||||
// the deferred invoke is still in place
|
||||
m_has_scheduled_write_flush = true;
|
||||
}
|
||||
}
|
||||
};
|
||||
// Record size limit is 18432 bytes, leave some headroom and flush at 16K.
|
||||
if (m_context.tls_buffer.size() + packet.size() > 16 * KiB)
|
||||
schedule_or_perform_flush(true);
|
||||
|
||||
auto ok = m_context.tls_buffer.try_append(packet.data(), packet.size());
|
||||
if (!ok) {
|
||||
// Toooooo bad, drop the record on the ground.
|
||||
return;
|
||||
}
|
||||
if (m_context.connection_status > ConnectionStatus::Disconnected) {
|
||||
if (!m_has_scheduled_write_flush) {
|
||||
dbgln_if(TLS_DEBUG, "Scheduling write of {}", m_context.tls_buffer.size());
|
||||
deferred_invoke([this] { write_into_socket(); });
|
||||
m_has_scheduled_write_flush = true;
|
||||
} else {
|
||||
// multiple packet are available, let's flush some out
|
||||
dbgln_if(TLS_DEBUG, "Flushing scheduled write of {}", m_context.tls_buffer.size());
|
||||
write_into_socket();
|
||||
// the deferred invoke is still in place
|
||||
m_has_scheduled_write_flush = true;
|
||||
}
|
||||
}
|
||||
schedule_or_perform_flush(false);
|
||||
}
|
||||
|
||||
void TLSv12::update_packet(ByteBuffer& packet)
|
||||
|
@ -10,6 +10,11 @@
|
||||
#include <LibCrypto/PK/Code/EMSA_PSS.h>
|
||||
#include <LibTLS/TLSv12.h>
|
||||
|
||||
// Each record can hold at most 18432 bytes, leaving some headroom and rounding down to
|
||||
// a nice number gives us a maximum of 16 KiB for user-supplied application data,
|
||||
// which will be sent as a single record containing a single ApplicationData message.
|
||||
constexpr static size_t MaximumApplicationDataChunkSize = 16 * KiB;
|
||||
|
||||
namespace TLS {
|
||||
|
||||
Optional<ByteBuffer> TLSv12::read()
|
||||
@ -67,12 +72,14 @@ bool TLSv12::write(ReadonlyBytes buffer)
|
||||
return false;
|
||||
}
|
||||
|
||||
PacketBuilder builder { MessageType::ApplicationData, m_context.options.version, buffer.size() };
|
||||
builder.append(buffer);
|
||||
auto packet = builder.build();
|
||||
for (size_t offset = 0; offset < buffer.size(); offset += MaximumApplicationDataChunkSize) {
|
||||
PacketBuilder builder { MessageType::ApplicationData, m_context.options.version, buffer.size() - offset };
|
||||
builder.append(buffer.slice(offset, min(buffer.size() - offset, MaximumApplicationDataChunkSize)));
|
||||
auto packet = builder.build();
|
||||
|
||||
update_packet(packet);
|
||||
write_packet(packet);
|
||||
update_packet(packet);
|
||||
write_packet(packet);
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user