Stop sending record size limit extension if it's not sent from client

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
Waleed Elmelegy 2024-01-04 18:04:53 +00:00
parent 148dfb6457
commit d2fc90e024


@ -2500,6 +2500,9 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl,
size_t extensions_len = 0;
unsigned char *p_extensions_len;
size_t output_len;
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
uint32_t record_size_extension_mask;
#endif
*out_len = 0;
@ -2531,12 +2534,15 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_EARLY_DATA */
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
ret = mbedtls_ssl_tls13_write_record_size_limit_ext(
ssl, MBEDTLS_SSL_IN_CONTENT_LEN, p, end, &output_len);
if (ret != 0) {
return ret;
record_size_extension_mask = mbedtls_ssl_get_extension_mask(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT);
if (ssl->handshake->received_extensions | record_size_extension_mask) {
ret = mbedtls_ssl_tls13_write_record_size_limit_ext(
ssl, p, end, &output_len);
if (ret != 0) {
return ret;
}
p += output_len;
}
p += output_len;
#endif
extensions_len = (p - p_extensions_len) - 2;
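Review bot: The new guard `if (ssl->handshake->received_extensions | record_size_extension_mask)` in the second hunk uses bitwise OR, so it is true whenever the mask is non-zero (presumably always, for a single-extension mask), and the server would still write record_size_limit into EncryptedExtensions for a client that never offered it. The test needs AND: `if (ssl->handshake->received_extensions & record_size_extension_mask) {`. A TLS 1.3 client is expected to reject an extension it did not request, so as written the commit's stated goal is not met and handshakes with clients that lack the extension may fail. A handshake test against such a client, asserting the extension is absent from EncryptedExtensions, would catch this. The body of ssl_tls13_write_encrypted_extensions_body starts and ends outside the hunk.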