Skip to content

Commit 5a19e44

Browse files
yosuke-wolfsslejohnstown
authored andcommitted
Add upper limit of max window size and packet size, Add unit tests
1 parent aa04eca commit 5a19e44

3 files changed

Lines changed: 54 additions & 0 deletions

File tree

src/ssh.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2518,8 +2518,12 @@ int wolfSSH_CTX_SetWindowPacketSize(WOLFSSH_CTX* ctx,
25182518
if (ctx == NULL)
25192519
return WS_BAD_ARGUMENT;
25202520

2521+
if (windowSz != 0 && windowSz > WINDOW_SZ_UPPER_BOUND)
2522+
return WS_BAD_ARGUMENT;
25212523
if (windowSz == 0)
25222524
windowSz = DEFAULT_WINDOW_SZ;
2525+
if (maxPacketSz != 0 && maxPacketSz > MAX_PACKET_SZ)
2526+
return WS_BAD_ARGUMENT;
25232527
if (maxPacketSz == 0)
25242528
maxPacketSz = DEFAULT_MAX_PACKET_SZ;
25252529

tests/api.c

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -642,6 +642,51 @@ static void test_wolfSSH_CTX_UsePrivateKey_buffer_pem(void)
642642
}
643643

644644

645+
static void test_wolfSSH_CTX_SetWindowPacketSize(void)
646+
{
647+
WOLFSSH_CTX* ctx = NULL;
648+
649+
/* NULL ctx must be rejected. */
650+
AssertIntEQ(WS_BAD_ARGUMENT,
651+
wolfSSH_CTX_SetWindowPacketSize(NULL, 0, 0));
652+
653+
ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_SERVER, NULL);
654+
AssertNotNull(ctx);
655+
656+
/* Both zero: should default without error. */
657+
AssertIntEQ(WS_SUCCESS,
658+
wolfSSH_CTX_SetWindowPacketSize(ctx, 0, 0));
659+
660+
/* windowSz exactly at upper bound: must succeed and be stored. */
661+
AssertIntEQ(WS_SUCCESS,
662+
wolfSSH_CTX_SetWindowPacketSize(ctx, WINDOW_SZ_UPPER_BOUND, 0));
663+
AssertIntEQ(WINDOW_SZ_UPPER_BOUND, (int)ctx->windowSz);
664+
665+
/* windowSz one above upper bound: must fail. */
666+
AssertIntEQ(WS_BAD_ARGUMENT,
667+
wolfSSH_CTX_SetWindowPacketSize(ctx,
668+
WINDOW_SZ_UPPER_BOUND + 1, 0));
669+
670+
/* maxPacketSz exactly at transport limit: must succeed and be stored. */
671+
AssertIntEQ(WS_SUCCESS,
672+
wolfSSH_CTX_SetWindowPacketSize(ctx, 0, MAX_PACKET_SZ));
673+
AssertIntEQ(MAX_PACKET_SZ, (int)ctx->maxPacketSz);
674+
675+
/* maxPacketSz one above transport limit: must fail. */
676+
AssertIntEQ(WS_BAD_ARGUMENT,
677+
wolfSSH_CTX_SetWindowPacketSize(ctx, 0, MAX_PACKET_SZ + 1));
678+
679+
/* Both valid non-zero values: must succeed and be stored. */
680+
AssertIntEQ(WS_SUCCESS,
681+
wolfSSH_CTX_SetWindowPacketSize(ctx,
682+
DEFAULT_WINDOW_SZ, DEFAULT_MAX_PACKET_SZ));
683+
AssertIntEQ(DEFAULT_WINDOW_SZ, (int)ctx->windowSz);
684+
AssertIntEQ(DEFAULT_MAX_PACKET_SZ, (int)ctx->maxPacketSz);
685+
686+
wolfSSH_CTX_free(ctx);
687+
}
688+
689+
645690
static void test_wolfSSH_CertMan(void)
646691
{
647692
#ifdef WOLFSSH_CERTMAN
@@ -2277,6 +2322,7 @@ int wolfSSH_ApiTest(int argc, char** argv)
22772322
test_wolfSSH_CTX_UsePrivateKey_buffer();
22782323
test_wolfSSH_CTX_UseCert_buffer();
22792324
test_wolfSSH_CTX_UsePrivateKey_buffer_pem();
2325+
test_wolfSSH_CTX_SetWindowPacketSize();
22802326
test_wolfSSH_CertMan();
22812327
test_wolfSSH_ReadKey();
22822328
test_wolfSSH_ReadKey_badPad();

wolfssh/internal.h

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -449,6 +449,10 @@ enum NameIdType {
449449
#ifndef DEFAULT_WINDOW_SZ
450450
#define DEFAULT_WINDOW_SZ (128 * 1024)
451451
#endif
452+
#ifndef WINDOW_SZ_UPPER_BOUND
453+
/* Upper bound accepted by wolfSSH_CTX_SetWindowPacketSize(). */
454+
#define WINDOW_SZ_UPPER_BOUND (256 * 1024)
455+
#endif
452456
#ifndef DEFAULT_MAX_PACKET_SZ
453457
/* This is from RFC 4253 section 6.1. */
454458
#define DEFAULT_MAX_PACKET_SZ 32768

0 commit comments

Comments
 (0)