TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / 3546201dbc2ecd0387b291c62fe6f7bfbbb3428a^! / . / include / mbedtls
commit3546201dbc2ecd0387b291c62fe6f7bfbbb3428a[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Wed Aug 22 10:25:40 2018 +0100
committerHanno Becker <hanno.becker@arm.com>Wed Aug 22 10:25:40 2018 +0100
treef0529315717e60c2cfd02233ed8b63fd58442d3c
parent903ee3d363099bb19cd5461c156969b2c55893af [diff]
parenta67dee256dc066fc8dfe48eb461b50d0f97898d6 [diff]
Merge branch 'datagram_packing' into message_reordering

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index c1fad6a..b6700fc 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -1400,23 +1400,28 @@
  *                 the maximum size datagram the DTLS layer will pass to the
  *                 \c f_send() callback set using \c mbedtls_ssl_set_bio().
  *
+ * \note           The limit on datagram size is converted to a limit on
+ *                 record payload by subtracting the current overhead of
+ *                 encapsulation and encryption/authentication if any.
+ *
  * \note           This can be called at any point during the connection, for
  *                 example when a PMTU estimate becomes available from other
  *                 sources, such as lower (or higher) protocol layers.
  *
- * \note           This only controls the size of the packets we send.
- *                 Client-side, you can request the server to use smaller
- *                 records with \c mbedtls_ssl_conf_max_frag_len().
+ * \note           This setting only controls the size of the packets we send,
+ *                 and does not restrict the size of the datagrams we're
+ *                 willing to receive. Client-side, you can request the
+ *                 server to use smaller records with \c
+ *                 mbedtls_ssl_conf_max_frag_len().
  *
  * \note           If both a MTU and a maximum fragment length have been
  *                 configured (or negotiated with the peer), the resulting
- *                 lower limit (after translating the MTU setting to a limit
- *                 on the record content length) is used.
+ *                 lower limit on record payload (see first note) is used.
  *
  * \note           This can only be used to decrease the maximum size
- *                 of datagrams sent. It cannot be used to increase the
- *                 maximum size of records over the limit set by
- *                 #MBEDTLS_SSL_OUT_CONTENT_LEN.
+ *                 of datagrams (hence records, see first note) sent. It
+ *                 cannot be used to increase the maximum size of records over
+ *                 the limit set by #MBEDTLS_SSL_OUT_CONTENT_LEN.
  *
  * \note           Values lower than the current record layer expansion will
  *                 result in an error when trying to send data.

diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 2c0684f..3f595a3 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -334,6 +334,8 @@
         } future_record;
 
     } buffering;
+
+    uint16_t mtu;                       /*!<  Handshake mtu, used to fragment outgoing messages */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 
     /*