1 files changed, 8 insertions, 9 deletions

diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c
index 2a7a9d3496..c67920376e 100644
--- a/lib/ext/max_record.c
+++ b/lib/ext/max_record.c
@@ -153,16 +153,16 @@ _gnutls_max_record_send_params(gnutls_session_t session,
 
 	} else {		/* server side */
 
+		if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_SENT)
+			return 0;
+
 		if (session->security_parameters.max_record_recv_size !=
 		    DEFAULT_MAX_RECORD_SIZE) {
 			ret = _gnutls_mre_record2num
 			      (session->security_parameters.
 			       max_record_recv_size);
-
-			/* it's not an error, as long as we send the
-			 * record_size_limit extension with that value */
 			if (ret < 0)
-				return 0;
+				return gnutls_assert_val(ret);
 
 			p = (uint8_t) ret;
 			ret = _gnutls_buffer_append_data(extdata, &p, 1);
@@ -240,8 +240,7 @@ size_t gnutls_record_get_max_size(gnutls_session_t session)
  * @size: is the new size
  *
  * This function sets the maximum record packet size in this
- * connection.  This property can only be set to clients.  The server
- * may choose not to accept the requested size.
+ * connection.
  *
  * The requested record size does get in effect immediately only while
  * sending data. The receive part will take effect after a successful
@@ -255,14 +254,14 @@ size_t gnutls_record_get_max_size(gnutls_session_t session)
  * 512 and 16384.  Note that not all TLS implementations use or even
  * understand those extension.
  *
+ * In TLS 1.3, the value is the length of plaintext content plus its
+ * padding, excluding content type octet.
+ *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
  *   otherwise a negative error code is returned.
  **/
 ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size)
 {
-	if (session->security_parameters.entity == GNUTLS_SERVER)
-		return GNUTLS_E_INVALID_REQUEST;
-
 	if (size < MIN_RECORD_SIZE || size > DEFAULT_MAX_RECORD_SIZE)
 		return GNUTLS_E_INVALID_REQUEST;