From f4b010efc4b7f5056847810b4be4c960006b78cb Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 24 Aug 2018 10:47:29 +0100 Subject: [PATCH] Limit MTU by maximum fragment length setting By the standard (RFC 6066, Sect. 4), the Maximum Fragment Length (MFL) extension limits the maximum record payload size, but not the maximum datagram size. However, not inferring any limitations on the MTU when setting the MFL means that a party has no means to dynamically inform the peer about MTU limitations. This commit changes the function ssl_get_remaining_payload_in_datagram() to never return more than MFL - { Total size of all records within the current datagram } thereby limiting the MTU to MFL + { Maximum Record Expansion }. --- library/ssl_tls.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0ea7898cf..37ba93baf 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -146,6 +146,20 @@ static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl if( max_len > mfl ) max_len = mfl; + + /* By the standard (RFC 6066 Sect. 4), the MFL extension + * only limits the maximum record payload size, so in theory + * we would be allowed to pack multiple records of payload size + * MFL into a single datagram. However, this would mean that there's + * no way to explicitly communicate MTU restrictions to the peer. + * + * The following reduction of max_len makes sure that we never + * write datagrams larger than MFL + Record Expansion Overhead. + */ + if( max_len <= ssl->out_left ) + return( 0 ); + + max_len -= ssl->out_left; #endif ret = ssl_get_remaining_space_in_datagram( ssl );
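Review bot: In the added block of ssl_get_remaining_payload_in_datagram(), the early `return( 0 );` is taken before the existing `ret = ssl_get_remaining_space_in_datagram( ssl );` call, so when `max_len <= ssl->out_left` any error that call would have returned is no longer reported on this path. Consider computing `ret` first and applying the MFL reduction afterwards, or state in the comment why skipping the call is safe. The subtraction also mixes units: `max_len` has just been clamped to `mfl`, a payload limit, while the commit message describes the subtracted quantity as the total size of all records already in the datagram. The result is a conservative bound, and the comment would be clearer if it said that `ssl->out_left` is counted in full against the payload budget. Since the commit message itself notes that this goes beyond what RFC 6066 Sect. 4 requires, and the diffstat touches only library/ssl_tls.c, the user-facing documentation of the MFL setting should mention that it now also bounds the datagram size, and a test that packs several records into one datagram with a small MFL would pin the new behaviour.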