openssl/ssl/record
Matt Caswell c1decd6246 Don't apply max_frag_len checking if no Max Fragment Length extension
Don't check the Max Fragment Length if the it hasn't been negotiated. We
were checking it anyway, and using the default value
(SSL3_RT_MAX_PLAIN_LENGTH). This works in most cases but KTLS can cause the
record length to actually exceed this in some cases.

Fixes #23169

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23182)
2024-01-18 15:20:18 +00:00
..
methods Don't apply max_frag_len checking if no Max Fragment Length extension 2024-01-18 15:20:18 +00:00
build.info
rec_layer_d1.c Move increment of dtls epoch to change cipher state function 2024-01-18 12:48:46 +01:00
rec_layer_s3.c Move increment of dtls epoch to change cipher state function 2024-01-18 12:48:46 +01:00
record_local.h Move increment of dtls epoch to change cipher state function 2024-01-18 12:48:46 +01:00
record.h Move increment of dtls epoch to change cipher state function 2024-01-18 12:48:46 +01:00