Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit

Comply with the received Record Size Limit extension
2024-01-09 15:22:17 +00:00 · 2024-01-09 15:22:17 +00:00 · 3a6059beca
commit 3a6059beca
parent 454ab28be5 e2d3db5cfc
11 changed files with 293 additions and 57 deletions
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -1699,14 +1699,11 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,

                ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
                    ssl, p, extension_data_end);
-
-                /*
-                 * TODO: Return unconditionally here until we handle the record
-                 *       size limit correctly.
-                 *       Once handled correctly, only return in case of errors.
-                 */
-                return ret;
-
+                if (ret != 0) {
+                    MBEDTLS_SSL_DEBUG_RET(
+                        1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret);
+                    return ret;
+                }
                break;
 #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */