[gnutls-devel] GnuTLS | record_size_limit extension (!733)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Aug 20 13:30:31 CEST 2018
Nikos Mavrogiannopoulos started a new discussion on lib/ext/record_size_limit.c:
> new_size = _gnutls_read_uint16(data);
>
> /* treat receipt of a smaller value as a fatal error */
> - if (new_size < 64)
> + if (new_size < MIN_RECORD_SIZE)
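Review bot: in the `new_size < MIN_RECORD_SIZE` check, the comment directly above still says a smaller value is treated as a fatal error, but the threshold is no longer the literal 64. The hunk does not show how MIN_RECORD_SIZE is defined; if it is larger than 64, a peer sending a value between 64 and MIN_RECORD_SIZE would now take the fatal path. Consider keeping the fatal check on 64 and handling the local minimum in a separate, non-fatal branch, or updating the comment to say which limit is being enforced.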
What about doing:
```
/* protocol error */
if (new_size < 64)
	return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);

/* we do not want to accept sizes less than that */
if (new_size < MIN_RECORD_SIZE)
	return 0;
```
That way we will still allow clients making "legal" proposals, but we'll ignore them, right?
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/733#note_95496625