1 (edited by move 2019-05-02 11:09:26)

Topic: test if a given extension is negotiated

I want to check if the max_fragment_length extension is negotiated. I could sniff the server_hello message and parse it in the client. But is there built-in support for this?

Thanks a lot!

Share

Re: test if a given extension is negotiated

Hi move,

I don't believe there's a way to detect at runtime if the max_fragment_length has been negotiated, but you are able to check the current values of the max_fragment_length extension in the ssl object by using the wolfSSL_GetMaxOutputSize API. It checks the SSL object and returns what the current max_fragment_length extension value is.

Hope this helps!

Share

Re: test if a given extension is negotiated

Hi @move,

You noted you can sniff the server hello, can you capture a wireshark trace of the connection from either the client or server side? If so you should be able to expand the Wireshark packet to see which max fragment length is negotiated.

Warm Regards,

K