commit f482dcc6c7a6003a86a69948f1f05f4e9490967e
author Jan Bruckner <jan@janbruckner.de> Wed Mar 15 09:09:06 2023 +0100
committer Waleed Elmelegy <waleed.elmelegy@arm.com> Wed Dec 06 15:18:08 2023 +0000
tree 2d5224708a320b30ee4dc3e1cbabd27b6ca69d1a
parent d9c69d12acebe89dbdc023e66d25c05d84725aa0

Comply with the received Record Size Limit extension

Fixes #7010

Signed-off-by: Jan Bruckner <jan@janbruckner.de>

library/ssl_tls13_server.c

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index bfe805f..9e2cbbf 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1699,14 +1699,11 @@
 
                 ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
                     ssl, p, extension_data_end);
-
-                /*
-                 * TODO: Return unconditionally here until we handle the record
-                 *       size limit correctly.
-                 *       Once handled correctly, only return in case of errors.
-                 */
-                return ret;
-
+                if (ret != 0) {
+                    MBEDTLS_SSL_DEBUG_RET(
+                        1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret);
+                    return ret;
+                }
                 break;
 #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */