lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Allow fragments less HS msg header size (4 bytes)

Browse Source 
Except the first

Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
This commit is contained in:
Deomid rojer Ryabkov
2025-01-26 11:10:54 +02:00
committed by Gilles Peskine
parent 96e2290e3d
commit 5c853ea2c5
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
library/ssl_msg.c
View File

@ -3220,7 +3220,8 @@ static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl)
int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl) int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl)
{ {
if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl)) { /* First handshake fragment must at least include the header. */
if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl) && ssl->in_hslen == 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("handshake message too short: %" MBEDTLS_PRINTF_SIZET, MBEDTLS_SSL_DEBUG_MSG(1, ("handshake message too short: %" MBEDTLS_PRINTF_SIZET,
ssl->in_msglen)); ssl->in_msglen));
return MBEDTLS_ERR_SSL_INVALID_RECORD; return MBEDTLS_ERR_SSL_INVALID_RECORD;