commit f482dcc6c7a6003a86a69948f1f05f4e9490967e
author Jan Bruckner <jan@janbruckner.de> Wed Mar 15 09:09:06 2023 +0100
committer Waleed Elmelegy <waleed.elmelegy@arm.com> Wed Dec 06 15:18:08 2023 +0000
tree 2d5224708a320b30ee4dc3e1cbabd27b6ca69d1a
parent d9c69d12acebe89dbdc023e66d25c05d84725aa0

Comply with the received Record Size Limit extension

Fixes #7010

Signed-off-by: Jan Bruckner <jan@janbruckner.de>

library/ssl_misc.h

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index eae192b..6b799ee 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -439,6 +439,24 @@
 size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+/**
+ * \brief          Return the record size limit (in bytes) for
+ *                 the output buffer. This is less than the value requested by the
+ *                 peer (using RFC 8449), since it subtracts the space required for the
+ *                 content type and padding of the TLSInnerPlaintext struct (RFC 8446).
+ *                 Returns MBEDTLS_SSL_OUT_CONTENT_LEN if no limit was requested by the peer.
+ *
+ * \sa             mbedtls_ssl_get_max_out_record_payload()
+ *                 ssl_compute_internal_record_size_limit()
+ *
+ * \param ssl      SSL context
+ *
+ * \return         Current record size limit for the output buffer.
+ */
+size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl);
+#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */
+
 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
 static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx)
 {