Add compile-time checks for size of record content and payload
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 756360b..916817a 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -24,6 +24,7 @@
#define MBEDTLS_SSL_INTERNAL_H
#include "ssl.h"
+#include "cipher.h"
#if defined(MBEDTLS_MD5_C)
#include "md5.h"
@@ -138,14 +139,32 @@
#define MBEDTLS_SSL_PADDING_ADD 0
#endif
-#define MBEDTLS_SSL_BUFFER_LEN ( MBEDTLS_SSL_MAX_CONTENT_LEN \
- + MBEDTLS_SSL_COMPRESSION_ADD \
- + 29 /* counter + header + IV */ \
- + MBEDTLS_SSL_MAC_ADD \
- + MBEDTLS_SSL_PADDING_ADD \
+#define MBEDTLS_SSL_PAYLOAD_LEN ( MBEDTLS_SSL_MAX_CONTENT_LEN \
+ + MBEDTLS_SSL_COMPRESSION_ADD \
+ + MBEDTLS_MAX_IV_LENGTH \
+ + MBEDTLS_SSL_MAC_ADD \
+ + MBEDTLS_SSL_PADDING_ADD \
)
/*
+ * Check that we obey the standard's message size bounds
+ */
+
+#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384
+#error Bad configuration - record content too large.
+#endif
+
+#if MBEDTLS_SSL_PAYLOAD_LEN > 16384 + 2048
+#error Bad configuration - protected record payload too large.
+#endif
+
+#define MBEDTLS_SSL_BUFFER_LEN ( MBEDTLS_SSL_PAYLOAD_LEN \
+ + 5 /* TLS record header */ \
+ + 8 /* Additional DTLS fields */ \
+ )
+
+
+/*
* TLS extension flags (for extensions with outgoing ServerHello content
* that need it (e.g. for RENEGOTIATION_INFO the server already knows because
* of state of the renegotiation flag, so no indicator is required)