mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-14 16:20:51 +00:00
Move the defragmentation documentation to mbedtls_ssl_handshake
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
1b785e2201
commit
d8f9e22b5e
@ -4360,23 +4360,9 @@ void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf,
|
||||
* with \c mbedtls_ssl_read()), not handshake messages.
|
||||
* With DTLS, this affects both ApplicationData and handshake.
|
||||
*
|
||||
* \note Defragmentation of incoming handshake messages in TLS
|
||||
* (excluding DTLS) is supported with some limitations:
|
||||
* - On an Mbed TLS server that only accepts TLS 1.2,
|
||||
* the initial ClientHello message must not be fragmented.
|
||||
* A TLS 1.2 ClientHello may be fragmented if the server
|
||||
* also accepts TLS 1.3 connections (meaning
|
||||
* that #MBEDTLS_SSL_PROTO_TLS1_3 enabled, and the
|
||||
* accepted versions have not been restricted with
|
||||
* mbedtls_ssl_conf_max_tls_version() or the like).
|
||||
* - A ClientHello message that initiates a renegotiation
|
||||
* must not be fragmented.
|
||||
* - The first fragment of a handshake message must be
|
||||
* at least 4 bytes long.
|
||||
* - Non-handshake records must not be interleaved between
|
||||
* the fragments of a handshake message. (This is permitted
|
||||
* in TLS 1.2 but not in TLS 1.3, but Mbed TLS rejects it
|
||||
* even in TLS 1.2.)
|
||||
* \note Defragmentation of TLS handshake messages is supported
|
||||
* with some limitations. See the documentation of
|
||||
* mbedtls_ssl_handshake() for details.
|
||||
*
|
||||
* \note This sets the maximum length for a record's payload,
|
||||
* excluding record overhead that will be added to it, see
|
||||
@ -4867,6 +4853,24 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
|
||||
* currently being processed might or might not contain further
|
||||
* DTLS records.
|
||||
*
|
||||
* \note Defragmentation of incoming handshake messages in TLS
|
||||
* (excluding DTLS) is supported with some limitations:
|
||||
* - On an Mbed TLS server that only accepts TLS 1.2,
|
||||
* the initial ClientHello message must not be fragmented.
|
||||
* A TLS 1.2 ClientHello may be fragmented if the server
|
||||
* also accepts TLS 1.3 connections (meaning
|
||||
* that #MBEDTLS_SSL_PROTO_TLS1_3 enabled, and the
|
||||
* accepted versions have not been restricted with
|
||||
* mbedtls_ssl_conf_max_tls_version() or the like).
|
||||
* - A ClientHello message that initiates a renegotiation
|
||||
* must not be fragmented.
|
||||
* - The first fragment of a handshake message must be
|
||||
* at least 4 bytes long.
|
||||
* - Non-handshake records must not be interleaved between
|
||||
* the fragments of a handshake message. (This is permitted
|
||||
* in TLS 1.2 but not in TLS 1.3, but Mbed TLS rejects it
|
||||
* even in TLS 1.2.)
|
||||
*
|
||||
* \note The PSA crypto subsystem must have been initialized by
|
||||
* calling psa_crypto_init() before calling this function.
|
||||
*/
|
||||
|
Loading…
x
Reference in New Issue
Block a user