mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-14 16:20:51 +00:00
Clarify DTLS
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
80facedad9
commit
d9c858039e
@ -4854,7 +4854,7 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
|
||||
* DTLS records.
|
||||
*
|
||||
* \note Defragmentation of incoming handshake messages in TLS
|
||||
* (excluding DTLS) is supported with some limitations:
|
||||
* is supported with some limitations:
|
||||
* - On an Mbed TLS server that only accepts TLS 1.2,
|
||||
* the initial ClientHello message must not be fragmented.
|
||||
* A TLS 1.2 ClientHello may be fragmented if the server
|
||||
@ -4862,6 +4862,7 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
|
||||
* that #MBEDTLS_SSL_PROTO_TLS1_3 enabled, and the
|
||||
* accepted versions have not been restricted with
|
||||
* mbedtls_ssl_conf_max_tls_version() or the like).
|
||||
* This limitation does not apply to DTLS.
|
||||
* - The first fragment of a handshake message must be
|
||||
* at least 4 bytes long.
|
||||
* - Non-handshake records must not be interleaved between
|
||||
|
Loading…
x
Reference in New Issue
Block a user