Correct record header size in case of TLS The previous commit reduced the internal header size to 5 bytes in case of TLS. This is not a valid since in that situation Mbed TLS internally uses the first 8 bytes of the message buffer for the implicit record sequence number.

commit: e40802aebc22bb107f532cdf7eaf1f9fc20aaf1b [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Thu Dec 07 08:22:51 2017 +0000
committer: Hanno Becker <hanno.becker@arm.com> Thu Dec 07 08:27:56 2017 +0000
tree: 563b4708bb8eb6224935b42af89e9e646db93c23
parent: 0ca15967d16305456499c5f203b7c200ae3351ef [diff] [blame]
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 2d99d40..c153442 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -154,14 +154,10 @@
 #error Bad configuration - protected record payload too large.
 #endif
 
-#if !defined(MBEDTLS_SSL_PROTO_DTLS)
-/* https://tools.ietf.org/html/rfc5246#section-6.2 */
-#define MBEDTLS_SSL_HEADER_LEN 5
-#else
-/* https://tools.ietf.org/html/rfc6347#section-4.1  */
-/* 8 additional bytes for epoch and sequence number */
+/* Note: Even though the TLS record header is only 5 bytes
+   long, we're internally using 8 bytes to store the
+   implicit sequence number. */
 #define MBEDTLS_SSL_HEADER_LEN 13
-#endif
 
 #define MBEDTLS_SSL_BUFFER_LEN  \
     ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_PAYLOAD_LEN ) )
commit	e40802aebc22bb107f532cdf7eaf1f9fc20aaf1b	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Thu Dec 07 08:22:51 2017 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Thu Dec 07 08:27:56 2017 +0000
tree	563b4708bb8eb6224935b42af89e9e646db93c23
parent	0ca15967d16305456499c5f203b7c200ae3351ef [diff] [blame]