Diffstat (limited to 'lib/ext/max_record.c')
-rw-r--r-- | lib/ext/max_record.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c
index 2a7a9d3496..c67920376e 100644
--- a/lib/ext/max_record.c
+++ b/lib/ext/max_record.c
@@ -153,16 +153,16 @@ _gnutls_max_record_send_params(gnutls_session_t session,
 } else { /* server side */
+ if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_SENT)
+ return 0;
+
 if (session->security_parameters.max_record_recv_size != DEFAULT_MAX_RECORD_SIZE) {
 ret = _gnutls_mre_record2num (session->security_parameters. max_record_recv_size);
-
- /* it's not an error, as long as we send the
- * record_size_limit extension with that value */
 if (ret < 0)
- return 0;
+ return gnutls_assert_val(ret);
 p = (uint8_t) ret;
 ret = _gnutls_buffer_append_data(extdata, &p, 1);
@@ -240,8 +240,7 @@ size_t gnutls_record_get_max_size(gnutls_session_t session)
 * @size: is the new size
 *
 * This function sets the maximum record packet size in this
- * connection. This property can only be set to clients. The server
- * may choose not to accept the requested size.
+ * connection.
 *
 * The requested record size does get in effect immediately only while
 * sending data. The receive part will take effect after a successful
@@ -255,14 +254,14 @@ size_t gnutls_record_get_max_size(gnutls_session_t session)
 * 512 and 16384. Note that not all TLS implementations use or even
 * understand those extension.
 *
+ * In TLS 1.3, the value is the length of plaintext content plus its
+ * padding, excluding content type octet.
+
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
 * otherwise a negative error code is returned.
 **/
 ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size)
 {
- if (session->security_parameters.entity == GNUTLS_SERVER)
- return GNUTLS_E_INVALID_REQUEST;
-
 if (size < MIN_RECORD_SIZE || size > DEFAULT_MAX_RECORD_SIZE)
 return GNUTLS_E_INVALID_REQUEST;
|
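Review bot: Returning `gnutls_assert_val(ret)` in the server branch of `_gnutls_max_record_send_params` (first hunk) makes a failed `_gnutls_mre_record2num` fatal to the handshake, while the third hunk of the same commit lets a server call `gnutls_record_set_max_size` with any size in range. If, as the removed comment suggests, the conversion fails for sizes that this extension cannot express, a server configured with such a size would presumably abort the handshake whenever `HSK_RECORD_SIZE_LIMIT_SENT` is not set; that should be confirmed as intended and covered by a test, or the silent skip kept for that case. The new early return also relies on the record_size_limit extension having been handled before this function runs, which the hunk does not show; a comment such as `/* record_size_limit already sent; a client must reject a reply carrying both extensions (RFC 8449) */` would record why. The function body starts and ends outside the hunk.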
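Review bot: With the `GNUTLS_SERVER` check removed from `gnutls_record_set_max_size` (third hunk), the doc comment no longer tells a server caller what to expect when the peer offers neither extension. The new TLS 1.3 sentence also defines the value as excluding the content type octet, whereas RFC 8449 defines the record_size_limit wire value in TLS 1.3 as including it. The conversion between the two is not visible here, so an off-by-one at the boundary is the thing to verify, with tests at `MIN_RECORD_SIZE` and `DEFAULT_MAX_RECORD_SIZE` for both roles. If it matches the behaviour, I would add a doc line such as ` * On a server, the size takes effect only if the client offered a matching extension.`. The function body continues past the end of the hunk.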