[Help-gnutls] TLS message boundary
Ang Way Chuang
wcang at yahoo.com
Thu Mar 2 06:05:37 CET 2006
> SSL/TLS will fragment your data message if it is larger than the
> record size (max 16k) - and it is up to the receiving application
> to put the fragments back together.
Thanks. But typically my application will only send data that are
less than 100 bytes and will not send more than 500 bytes at any
particular time. So is the data message boundary still respected in
such cases?
I did a quick test on my simple gnutls client/server app:
client:
buf[0] = 0;
for (i = 0; i < 10; i++) {
sprintf(temp, "%c", 'a' + i);
strcat(buf, temp);
len = strlen(buf) + 1;
ret = gnutls_record_send(session, buf, len);
if (ret != len) {
fprintf(stderr, "buffer length(%d) doesn't equal to send len(%d)\n", len, ret);
}
}
gnutls_bye(session, GNUTLS_SHUT_WR);
server:
try = 10;
while (try-- > 0) {
FD_ZERO(&read_fds);
FD_SET(sockfd, &read_fds);
select(sockfd + 1, &read_fds, NULL, NULL, NULL);
}
do {
ret = gnutls_record_recv(session, buf, sizeof(buf));
printf("length %d\n", ret);
printf("buffer: %s\n", buf);
} while (ret != 0);
The output on server:
length 2
buffer: a
length 3
buffer: ab
length 4
buffer: abc
length 5
buffer: abcd
length 6
buffer: abcde
length 7
buffer: abcdef
length 8
buffer: abcdefg
length 9
buffer: abcdefgh
length 10
buffer: abcdefghi
length 11
buffer: abcdefghij
Seems like data message boundary is still respected because none
of data are truncated/appended. The test is performed on loop back
interface. So is it 100% safe to assume gnutls_record_recv respect
data message boundary for app that sends less than 16k? Please advise.
Thanks in advance
Regards,
Ang Way Chuang
May you be well and happy
---------------------------------
Yahoo! Messenger NEW - crystal clear PC to PC calling worldwide with voicemail
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20060302/b55d33c2/attachment.htm>
More information about the Gnutls-help
mailing list