Remove use of SSL object for fragment length checking in record layer

[thirdparty/openssl.git] / ssl / record / methods / ktls_meth.c

diff --git a/ssl/record/methods/ktls_meth.c b/ssl/record/methods/ktls_meth.c
index dbebb8acf53f1f3335065ddab2668d9b7730667d..e608b530ff4711965b62ec75057d6629ed53f1f2 100644 (file)
--- a/ssl/record/methods/ktls_meth.c
+++ b/ssl/record/methods/ktls_meth.c
@@ -462,8 +462,16 @@ static int ktls_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
         return OSSL_RECORD_RETURN_NON_FATAL_ERR;
 
     /* ktls supports only the maximum fragment size */
+    if (rl->max_frag_len > 0 && rl->max_frag_len != SSL3_RT_MAX_PLAIN_LENGTH)
+        return OSSL_RECORD_RETURN_NON_FATAL_ERR;
+#if 0
+    /*
+     * TODO(RECLAYER): We will need to reintroduce the check of the send
+     * fragment for KTLS once we do the record write side implementation
+     */
     if (ssl_get_max_send_fragment(s) != SSL3_RT_MAX_PLAIN_LENGTH)
         return OSSL_RECORD_RETURN_NON_FATAL_ERR;
+#endif
 
     /* check that cipher is supported */
     if (!ktls_int_check_supported_cipher(rl, ciph, md, taglen))