DTLS Reordering: Improve doc of MBEDTLS_SSL_DTLS_MAX_BUFFERING
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 1cdff71..70770de 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3015,6 +3015,15 @@
* Maximum number of heap-allocated bytes for the purpose of
* DTLS handshake message reassembly and future message buffering.
*
+ * This should be at least 9/8 * MBEDTLSSL_MAX_IN_CONTENT_LEN
+ * to account for a reassembled handshake message of maximum size,
+ * together with its reassembly bitmap.
+ *
+ * A value of 2 * MBEDTLS_SSL_MAX_IN_CONTENT_LEN (32768 by default)
+ * should be sufficient for all practical situations as it allows
+ * to reassembly a large handshake message (such as a certificate)
+ * while buffering multiple smaller handshake messages.
+ *
*/
//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
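Review bot: The macro name in the new text is inconsistent with the one the code actually uses: line 10 of the comment writes `MBEDTLSSL_MAX_IN_CONTENT_LEN` and line 14 writes `MBEDTLS_SSL_MAX_IN_CONTENT_LEN`, while the removed default in ssl.h is expressed in terms of `MBEDTLS_SSL_IN_CONTENT_LEN`. A user sizing the buffer from this documentation will grep for a symbol that does not exist, so both occurrences should read `MBEDTLS_SSL_IN_CONTENT_LEN` (assuming that is the intended reference). The sentence "it allows to reassembly a large handshake message" is also ungrammatical; suggested wording: ` * should be sufficient for all practical situations as it allows` / ` * reassembling a large handshake message (such as a certificate)`. Since this is a sizing rule rather than a hard limit, it would help to state in the same comment whether a value below 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN is rejected at build time or merely makes reassembly of a maximum-size message fail at runtime.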
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 39c7bfa..5de911c 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -243,8 +243,12 @@
#define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
#endif
+/*
+ * Maximum number of heap-allocated bytes for the purpose of
+ * DTLS handshake message reassembly and future message buffering.
+ */
#if !defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING)
-#define MBEDTLS_SSL_DTLS_MAX_BUFFERING ( 2 * MBEDTLS_SSL_IN_CONTENT_LEN )
+#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
#endif
/* \} name SECTION: Module settings */
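Review bot: Replacing `( 2 * MBEDTLS_SSL_IN_CONTENT_LEN )` with the literal `32768` decouples the default from the configured record size, and nothing in the hunk enforces the 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN minimum that config.h now documents. For the default content length the two values coincide, but a build that lowers MBEDTLS_SSL_IN_CONTENT_LEN keeps a 32 KiB heap budget for reassembly buffering, and a build that sets an explicit smaller MBEDTLS_SSL_DTLS_MAX_BUFFERING gets no diagnostic; the new comment above the `#if` should mention this relationship. If the 9/8 rule is a hard requirement, a compile-time guard after the `#endif` makes it explicit: `#if MBEDTLS_SSL_DTLS_MAX_BUFFERING < ( 9 * MBEDTLS_SSL_IN_CONTENT_LEN / 8 )` / `#error "MBEDTLS_SSL_DTLS_MAX_BUFFERING too small for MBEDTLS_SSL_IN_CONTENT_LEN"` / `#endif`, placed where MBEDTLS_SSL_IN_CONTENT_LEN is already defined (its definition is outside this hunk, so confirm ordering).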