Move negotiated max fragment length to session
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 0374ee8..a230dc9 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -67,7 +67,7 @@
* } MaxFragmentLength;
* and we add 0 -> extension unused
*/
-static unsigned int mfl_code_to_length[] =
+static unsigned int mfl_code_to_length[SSL_MAX_FRAG_LEN_INVALID] =
{
SSL_MAX_CONTENT_LEN, /* SSL_MAX_FRAG_LEN_NONE */
512, /* SSL_MAX_FRAG_LEN_512 */
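Review bot: The table on the new line is still writable, and now that it has the explicit size `SSL_MAX_FRAG_LEN_INVALID`, any code without an initializer silently reads as length 0 instead of being caught. Declaring it `static const unsigned int mfl_code_to_length[SSL_MAX_FRAG_LEN_INVALID] =` would keep the lookup table in read-only data. A comment such as `/* one entry per SSL_MAX_FRAG_LEN_* code; a missing entry would read as length 0 */` would record the invariant. The initializer list continues outside the hunk, so whether every code has an entry cannot be confirmed from here.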
@@ -2886,8 +2886,6 @@
ssl->out_msglen = 0;
ssl->out_left = 0;
- ssl->mfl_code = SSL_MAX_FRAG_LEN_NONE;
-
ssl->transform_in = NULL;
ssl->transform_out = NULL;
@@ -3424,6 +3422,15 @@
*/
max_len = mfl_code_to_length[ssl->mfl_code];
+ /*
+ * Check if a smaller max length was negociated
+ */
+ if( ssl->session_out != NULL &&
+ mfl_code_to_length[ssl->session_out->mfl_code] < max_len )
+ {
+ max_len = mfl_code_to_length[ssl->session_out->mfl_code];
+ }
+
n = ( len < max_len) ? len : max_len;
if( ssl->out_left != 0 )
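Review bot: The added check indexes `mfl_code_to_length` with `ssl->session_out->mfl_code` without a range check at this point, and that value comes from negotiation with the peer (and possibly from a restored session) rather than from local configuration. If it is not guaranteed elsewhere to be below `SSL_MAX_FRAG_LEN_INVALID`, this reads past the end of the table; the validation where the extension is parsed or a session is loaded is not visible in this diff, so it is worth confirming. A defensive form adds `ssl->session_out->mfl_code < SSL_MAX_FRAG_LEN_INVALID &&` to the condition. The new comment also has a typo (`negociated`), and the enclosing function starts and ends outside the hunk.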