State globally that the limitations don't apply to DTLS
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8fdf6a6..97b0dcb 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -4984,8 +4984,10 @@
* be the case even if TLS 1.3 is offered but eventually
* not selected).
*
- * \note Defragmentation of incoming handshake messages in TLS
- * is supported with some limitations:
+ * \note In TLS, reception of fragmented handshake messages is
+ * supported with some limitations (those limitations do
+ * not apply to DTLS, where defragmentation is fully
+ * supported):
* - On an Mbed TLS server that only accepts TLS 1.2,
* the initial ClientHello message must not be fragmented.
* A TLS 1.2 ClientHello may be fragmented if the server
@@ -4993,7 +4995,6 @@
* that #MBEDTLS_SSL_PROTO_TLS1_3 enabled, and the
* accepted versions have not been restricted with
* mbedtls_ssl_conf_max_tls_version() or the like).
- * This limitation does not apply to DTLS.
* - The first fragment of a handshake message must be
* at least 4 bytes long.
* - Non-handshake records must not be interleaved between