diff options
| -rw-r--r-- | src/components/security_manager/src/ssl_context_impl.cc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/components/security_manager/src/ssl_context_impl.cc b/src/components/security_manager/src/ssl_context_impl.cc index 357d9556fb..d5c892c07a 100644 --- a/src/components/security_manager/src/ssl_context_impl.cc +++ b/src/components/security_manager/src/ssl_context_impl.cc @@ -529,13 +529,18 @@ bool CryptoManagerImpl::SSLContextImpl::Decrypt(const uint8_t* const in_data, } size_t CryptoManagerImpl::SSLContextImpl::get_max_block_size(size_t mtu) const { + LOG4CXX_AUTO_TRACE(logger_); if (!max_block_size_) { // FIXME(EZamakhov): add correct logics for TLS1/1.2/SSL3 // For SSL3.0 set temporary value 90, old TLS1.2 value is 29 assert(mtu > 90); return mtu - 90; } - return max_block_size_(mtu); + + const auto max_allowed_block_size = + mtu > SSL3_RT_MAX_PLAIN_LENGTH ? SSL3_RT_MAX_PLAIN_LENGTH : mtu; + + return max_block_size_(max_allowed_block_size); } bool CryptoManagerImpl::SSLContextImpl::IsHandshakePending() const { |