From f879c2e15a98b607fb5e9b56acb74df117d9f2b1 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 19 Sep 2016 14:19:28 +0200 Subject: Increased the maximum size allowed for handshake messages to 128kb This would allow the library to cope with larger packets, as well as TLS 1.3 hellos. Suggested by Hubert Kario. --- lib/gnutls_handshake.c | 2 +- lib/gnutls_int.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 98bdb1c5d9..3ef763cb7f 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -3427,7 +3427,7 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, * This function will set the maximum size of all handshake messages. * Handshakes over this size are rejected with * %GNUTLS_E_HANDSHAKE_TOO_LARGE error code. The default value is - * 48kb which is typically large enough. Set this to 0 if you do not + * 128kb which is typically large enough. Set this to 0 if you do not * want to set an upper limit. * * The reason for restricting the handshake message sizes are to diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index ec9c2bcced..9fc40ef758 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -75,7 +75,7 @@ typedef struct /* The size of a handshake message should not * be larger than this value. */ -#define MAX_HANDSHAKE_PACKET_SIZE 48*1024 +#define MAX_HANDSHAKE_PACKET_SIZE 128*1024 #define TLS_MAX_SESSION_ID_SIZE 32 -- cgit v1.2.1