If the maximum fragment extension was negotiated, enforce it. Also

enforce the 2^14 byte plaintext limit in the reader (previously only the 2^14+2048 byte ciphertext size limit was enforced).
author: lloyd <[email protected]> 2012-01-05 21:01:34 +0000
committer: lloyd <[email protected]> 2012-01-05 21:01:34 +0000
commit: 74226be019b1a66f8eae9a6516f2eb28a53fb9e2 (patch)
tree: 60cb288f4d6b1a5f284d993b0de2bfedf4476420 /src/tls/tls_server.cpp
parent: 66665fe98ddfe08a1c12fedb43eabe83532349a2 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 17f2b51b9..e66936771 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -200,7 +200,10 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
             rng);
 
          if(session_info.fragment_size())
+            {
+            reader.set_maximum_fragment_size(session_info.fragment_size());
             writer.set_maximum_fragment_size(session_info.fragment_size());
+            }
 
          state->suite = TLS_Cipher_Suite(state->server_hello->ciphersuite());
 
@@ -250,7 +253,10 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
             rng);
 
          if(state->client_hello->fragment_size())
+            {
+            reader.set_maximum_fragment_size(state->client_hello->fragment_size());
             writer.set_maximum_fragment_size(state->client_hello->fragment_size());
+            }
 
          state->suite = TLS_Cipher_Suite(state->server_hello->ciphersuite());
author	lloyd <[email protected]>	2012-01-05 21:01:34 +0000
committer	lloyd <[email protected]>	2012-01-05 21:01:34 +0000
commit	74226be019b1a66f8eae9a6516f2eb28a53fb9e2 (patch)
tree	60cb288f4d6b1a5f284d993b0de2bfedf4476420 /src/tls/tls_server.cpp
parent	66665fe98ddfe08a1c12fedb43eabe83532349a2 (diff)