From 787b658bb34200860d224ae7f301dac2917a19c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 16 Jul 2013 15:43:17 +0200 Subject: [PATCH] Implement max_frag_len write restriction --- library/ssl_tls.c | 4 ++-- programs/ssl/ssl_client2.c | 22 ++++++++++++++-------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b6bb44f78..b2d3dc85a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3416,8 +3416,8 @@ int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ) } } - n = ( len < SSL_MAX_CONTENT_LEN ) - ? len : SSL_MAX_CONTENT_LEN; + n = ( len < ssl->max_frag_len ) + ? len : ssl->max_frag_len; if( ssl->out_left != 0 ) { diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 63c1b66fd..0a7048120 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -59,7 +59,10 @@ #define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL #define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE -#define GET_REQUEST "GET %s HTTP/1.0\r\n\r\n" +/* Uncomment to test sending long paquets */ +#define LONG_HEADER // "User-agent: blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-END\r\n" + +#define GET_REQUEST "GET %s HTTP/1.0\r\n" LONG_HEADER "\r\n" /* * global options 
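Review bot: In the ssl_write hunk of library/ssl_tls.c, `n` is now capped only by the runtime field `ssl->max_frag_len` instead of the compile-time SSL_MAX_CONTENT_LEN, so whatever the function does with `n` afterwards (presumably a copy into the fixed-size output record; the rest of the body is outside the hunk) depends on that field being sane. Nothing visible here guarantees it is non-zero and never larger than SSL_MAX_CONTENT_LEN. If that invariant is enforced where the field is set, state it at the use site with `/* invariant: 0 < ssl->max_frag_len <= SSL_MAX_CONTENT_LEN */`; otherwise keep the old constant as a second clamp. Short writes also become routine for callers, so the ssl_write documentation should say that fewer than len bytes may be accepted and the call must be repeated.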
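Review bot: The comment added above LONG_HEADER in programs/ssl/ssl_client2.c tells the reader to uncomment something, but the actual switch is the `//` inside the macro body, which is easy to miss and leaves the macro silently empty. A wording such as `/* Remove the "//" after LONG_HEADER to test sending long packets */` says what to edit and also fixes the `paquets` typo. Enabling the header lengthens the request that main formats into its 1024-byte `buf` (declared in a later hunk), so the comment should mention that limit as well.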
@@ -201,7 +204,7 @@ int main( int argc, char *argv[] )
 #else
 int main( int argc, char *argv[] )
 {
- int ret = 0, len, server_fd, i;
+ int ret = 0, len, server_fd, i, written;
 unsigned char buf[1024];
 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
 unsigned char psk[256];
@@ -702,17 +705,20 @@ int main( int argc, char *argv[] )
 len = sprintf( (char *) buf, GET_REQUEST, opt.request_page );
- while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 )
+ for( written = 0; written < len; written += ret )
 {
- if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
+ while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) <= 0 )
 {
- printf( " failed\n ! ssl_write returned -0x%x\n\n", -ret );
- goto exit;
+ if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
+ {
+ printf( " failed\n ! ssl_write returned -0x%x\n\n", -ret );
+ goto exit;
+ }
 }
 }
- len = ret;
- printf( " %d bytes written\n\n%s", len, (char *) buf );
+ buf[written] = '\0';
+ printf( " %d bytes written\n\n%s\n", written, (char *) buf );
 /*
 * 7. Read the HTTP response
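Review bot: The context line `len = sprintf( (char *) buf, GET_REQUEST, opt.request_page );` at the top of the last hunk writes into the 1024-byte `buf` with no bound. This commit lets GET_REQUEST grow by the whole LONG_HEADER string, which leaves less room for opt.request_page (it looks like a command-line value; its origin is outside the hunk). A bounded call with a truncation check, e.g. `len = snprintf( (char *) buf, sizeof( buf ), GET_REQUEST, opt.request_page );` followed by `if( len < 0 || (size_t) len >= sizeof( buf ) ) goto exit;`, would keep the new write loop and the `buf[written] = '\0';` store inside the buffer. main starts and ends outside these hunks.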