TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b8ae1451e234840b2fb2609559ea957b4512004e^1..b8ae1451e234840b2fb2609559ea957b4512004e / .
commitb8ae1451e234840b2fb2609559ea957b4512004e[log] [tgz]
authorJaeden Amero <jaeden.amero@arm.com>Wed May 22 15:35:29 2019 +0100
committerJaeden Amero <jaeden.amero@arm.com>Thu May 23 15:13:46 2019 +0100
tree396c52915686d4401775809cf6c355ede7e9b657
parente58c8814180e163fe02bdb8f28095d3d2da98a04 [diff]
parent8aed8e1612ae2b638988620c3e11497dcb796bdf [diff]
Merge remote-tracking branch 'origin/pr/2612' into mbedtls-2.7

* origin/pr/2612:
  Adjust backport's documentation to account for missing features
  Backport a doxygen note from development for `mbedtls_ssl_conf_max_frag_len()`
  Update change log
  Reword ssl_conf_max_frag_len documentation for clarity

diff --git a/ChangeLog b/ChangeLog
index d57b890..f155a02 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -45,6 +45,8 @@
      Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309.
    * Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh.
      Contributed by Peter Kolbus (Garmin).
+   * Change wording in the `mbedtls_ssl_conf_max_frag_len()`'s documentation to
+     improve clarity. Fixes #2258.
 
 = mbed TLS 2.7.10 branch released 2019-03-19
 

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5593a52..5fd6969 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -2106,12 +2106,27 @@
 
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
 /**
- * \brief          Set the maximum fragment length to emit and/or negotiate
- *                 (Default: MBEDTLS_SSL_MAX_CONTENT_LEN, usually 2^14 bytes)
+ * \brief          Set the maximum fragment length to emit and/or negotiate.
+ *                 (Typical: #MBEDTLS_SSL_MAX_CONTENT_LEN, by default that is
+ *                 set to `2^14` bytes)
  *                 (Server: set maximum fragment length to emit,
- *                 usually negotiated by the client during handshake
+ *                 usually negotiated by the client during handshake)
  *                 (Client: set maximum fragment length to emit *and*
  *                 negotiate with the server during handshake)
+ *                 (Default: #MBEDTLS_SSL_MAX_FRAG_LEN_NONE)
+ *
+ * \note           With TLS, this currently only affects ApplicationData (sent
+ *                 with \c mbedtls_ssl_read()), not handshake messages.
+ *                 With DTLS, this affects both ApplicationData and handshake.
+ *
+ * \note           On the client side, the maximum fragment length extension
+ *                 *will not* be used, unless the maximum fragment length has
+ *                 been set via this function to a value different than
+ *                 #MBEDTLS_SSL_MAX_FRAG_LEN_NONE.
+ *
+ * \note           This sets the maximum length for a record's payload,
+ *                 excluding record overhead that will be added to it, see
+ *                 \c mbedtls_ssl_get_record_expansion().
  *
  * \param conf     SSL configuration
  * \param mfl_code Code for maximum fragment length (allowed values: