Diffstat (limited to 'lib/dtls.c')
-rw-r--r-- | lib/dtls.c | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/lib/dtls.c b/lib/dtls.c
index 002c7145ef..f5b4a0a4c9 100644
--- a/lib/dtls.c
+++ b/lib/dtls.c
@@ -586,7 +586,10 @@ size_t gnutls_est_record_overhead_size(gnutls_protocol_t version,
 if (v->transport == GNUTLS_STREAM)
 total = TLS_RECORD_HEADER_SIZE;
 else
- total = DTLS_RECORD_HEADER_SIZE;
+ if (cipher == GNUTLS_CIPHER_NULL)
+ total = DTLS_RECORD_HEADER_SIZE;
+ else
+ total = DTLS13_RECORD_HEADER_SIZE;
 
 total += _gnutls_record_overhead(v, c, m, 1);
 
@@ -629,14 +632,8 @@ static int record_overhead_rt(gnutls_session_t session)
 **/
 size_t gnutls_record_overhead_size(gnutls_session_t session)
 {
- const version_entry_st *v = get_version(session);
 int ret;
- size_t total;
-
- if (v->transport == GNUTLS_STREAM)
- total = TLS_RECORD_HEADER_SIZE;
- else
- total = DTLS_RECORD_HEADER_SIZE;
+ size_t total = RECORD_HEADER_SIZE(session);
 
 ret = record_overhead_rt(session);
 if (ret >= 0)
@@ -667,13 +664,20 @@ unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session)
 
 mtu -= RECORD_HEADER_SIZE(session);
 
- if (session->internals.initial_negotiation_completed == 0)
- return mtu;
-
 ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, ¶ms);
 if (ret < 0)
 return mtu;
 
+ if (session->internals.initial_negotiation_completed == 0){
+ if (session->security_parameters.pversion->tls13_sem)
+ return (mtu - params->write.aead_tag_size - 1); //Tag + content_type
+ return mtu;
+ }
+
+ if (session->security_parameters.pversion->tls13_sem &&
+ params->cipher->id != GNUTLS_CIPHER_NULL)
+ mtu -= params->write.aead_tag_size + 1; //Tag + content_type
+
 if (params->cipher->type == CIPHER_AEAD || params->cipher->type == CIPHER_STREAM)
 return mtu-_gnutls_record_overhead(get_version(session), params->cipher, params->mac, 0); |
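Review bot: The new `else` branch in gnutls_est_record_overhead_size selects DTLS13_RECORD_HEADER_SIZE for every datagram version whenever the cipher is not GNUTLS_CIPHER_NULL; it never consults `version` or `v`. If that constant is the shorter DTLS 1.3 header (the name suggests so, its definition is not in this diff), a DTLS 1.0/1.2 session with a real cipher gets an overhead estimate that is too small, and a caller sizing datagrams from it can exceed the path MTU. Keying the choice on the version entry, as the third hunk does with `tls13_sem`, would avoid that: `else if (v->tls13_sem && cipher != GNUTLS_CIPHER_NULL)`, assuming `v` is the same version-entry type; bracing the nested `if` under `else` would also make the intent unambiguous. The function starts and continues outside the hunk.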
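Review bot: The pre-handshake path in gnutls_dtls_get_data_mtu now dereferences `session->security_parameters.pversion`, where the old code returned `mtu` without touching negotiated state; if no version has been selected yet when an application calls this, that is a NULL dereference. Fetching the entry once and testing it would close that: `const version_entry_st *ver = get_version(session);` followed by `if (ver != NULL && ver->tls13_sem)`. The same early return subtracts the tag size without the `GNUTLS_CIPHER_NULL` check used a few lines below, and neither subtraction verifies that `mtu` stays positive before it is returned as `unsigned int`, so a small configured MTU could wrap to a very large value. The declaration of `mtu` and the rest of the function are outside the hunk, so an existing guard may already cover part of this.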