cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-24 05:00:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

Move the defragmentation documentation to mbedtls_ssl_handshake

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2025-03-11 13:45:27 +01:00
parent 1933932e55
commit 494e4943b5
1 changed files with 21 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
include/mbedtls/ssl.h
View File

@ -4449,23 +4449,9 @@ void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf,
* with \c mbedtls_ssl_read()), not handshake messages. * with \c mbedtls_ssl_read()), not handshake messages.
* With DTLS, this affects both ApplicationData and handshake. * With DTLS, this affects both ApplicationData and handshake.
* *
* \note Defragmentation of incoming handshake messages in TLS * \note Defragmentation of TLS handshake messages is supported
* (excluding DTLS) is supported with some limitations: * with some limitations. See the documentation of
* - On an Mbed TLS server that only accepts TLS 1.2, * mbedtls_ssl_handshake() for details.
* the initial ClientHello message must not be fragmented.
* A TLS 1.2 ClientHello may be fragmented if the server
* also accepts TLS 1.3 connections (meaning
* that #MBEDTLS_SSL_PROTO_TLS1_3 enabled, and the
* accepted versions have not been restricted with
* mbedtls_ssl_conf_max_tls_version() or the like).
* - A ClientHello message that initiates a renegotiation
* must not be fragmented.
* - The first fragment of a handshake message must be
* at least 4 bytes long.
* - Non-handshake records must not be interleaved between
* the fragments of a handshake message. (This is permitted
* in TLS 1.2 but not in TLS 1.3, but Mbed TLS rejects it
* even in TLS 1.2.)
* *
* \note This sets the maximum length for a record's payload, * \note This sets the maximum length for a record's payload,
* excluding record overhead that will be added to it, see * excluding record overhead that will be added to it, see
@ -4997,6 +4983,24 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
* if a negotiation involving TLS 1.3 takes place (this may * if a negotiation involving TLS 1.3 takes place (this may
* be the case even if TLS 1.3 is offered but eventually * be the case even if TLS 1.3 is offered but eventually
* not selected). * not selected).
*
* \note Defragmentation of incoming handshake messages in TLS
* (excluding DTLS) is supported with some limitations:
* - On an Mbed TLS server that only accepts TLS 1.2,
* the initial ClientHello message must not be fragmented.
* A TLS 1.2 ClientHello may be fragmented if the server
* also accepts TLS 1.3 connections (meaning
* that #MBEDTLS_SSL_PROTO_TLS1_3 enabled, and the
* accepted versions have not been restricted with
* mbedtls_ssl_conf_max_tls_version() or the like).
* - A ClientHello message that initiates a renegotiation
* must not be fragmented.
* - The first fragment of a handshake message must be
* at least 4 bytes long.
* - Non-handshake records must not be interleaved between
* the fragments of a handshake message. (This is permitted
* in TLS 1.2 but not in TLS 1.3, but Mbed TLS rejects it
* even in TLS 1.2.)
*/ */
int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl); int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl);