Refactor record size limit extension handling Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>

commit: 049cd302ed13a516eef412bffa9753f77edb763f [log] [tgz]
author: Waleed Elmelegy <waleed.elmelegy@arm.com> Wed Dec 20 17:28:31 2023 +0000
committer: Waleed Elmelegy <waleed.elmelegy@arm.com> Wed Dec 20 17:28:31 2023 +0000
tree: eeef459d49f4c2360a5d60033285c6e2473f2088
parent: 26e36983575e857e5a0364b11f20700bcdc6f9a2 [diff] [blame]
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 1a246c4..503db58 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c

@@ -2131,6 +2131,19 @@
         p += extension_data_len;
     }
 
+    if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) &&
+        (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(MAX_FRAGMENT_LENGTH))) {
+        mbedtls_debug_print_msg(ssl,
+                                3,
+                                __FILE__,
+                                __LINE__,
+                                "Record size limit extension cannot be used with max fragment length extension");
+        MBEDTLS_SSL_PEND_FATAL_ALERT(
+            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
+            MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
+    }
+
     MBEDTLS_SSL_PRINT_EXTS(3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
                            handshake->received_extensions);
commit	049cd302ed13a516eef412bffa9753f77edb763f	[log] [tgz]
author	Waleed Elmelegy <waleed.elmelegy@arm.com>	Wed Dec 20 17:28:31 2023 +0000
committer	Waleed Elmelegy <waleed.elmelegy@arm.com>	Wed Dec 20 17:28:31 2023 +0000
tree	eeef459d49f4c2360a5d60033285c6e2473f2088
parent	26e36983575e857e5a0364b11f20700bcdc6f9a2 [diff] [blame]