Compute record expansion at the right time
Depends on the current transform, which might change when retransmitting a
flight containing a Finished message, so compute it only after the transform
is swapped.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5f3abe5..da21db2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2845,20 +2845,8 @@
*/
int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
{
- const int ret_payload = mbedtls_ssl_get_max_out_record_payload( ssl );
- const size_t max_record_payload = (size_t) ret_payload;
- /* DTLS handshake headers are 12 bytes */
- const size_t max_hs_fragment_len = max_record_payload - 12;
-
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) );
- if( ret_payload < 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload",
- ret_payload );
- return( ret_payload );
- }
-
if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) );
@@ -2895,6 +2883,10 @@
}
else
{
+ const int ret_payload = mbedtls_ssl_get_max_out_record_payload( ssl );
+ const size_t max_record_payload = (size_t) ret_payload;
+ /* DTLS handshake headers are 12 bytes */
+ const size_t max_hs_fragment_len = max_record_payload - 12;
const unsigned char * const p = ssl->handshake->cur_msg_p;
const size_t hs_len = cur->len - 12;
const size_t frag_off = p - ( cur->p + 12 );
@@ -2902,6 +2894,13 @@
const size_t frag_len = rem_len > max_hs_fragment_len
? max_hs_fragment_len : rem_len;
+ if( ret_payload < 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload",
+ ret_payload );
+ return( ret_payload );
+ }
+
if( frag_off == 0 && frag_len != hs_len )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)",