Update SERVER_HELLO_MAX_LENGTH

author Michael Baentsch <info@baentsch.ch>

Fri, 15 Jan 2021 10:40:31 +0000 (11:40 +0100)

committer Matt Caswell <matt@openssl.org>

Mon, 18 Jan 2021 09:06:34 +0000 (09:06 +0000)
author Michael Baentsch <info@baentsch.ch>
Fri, 15 Jan 2021 10:40:31 +0000 (11:40 +0100)
committer Matt Caswell <matt@openssl.org>
Mon, 18 Jan 2021 09:06:34 +0000 (09:06 +0000)
diff --git a/ssl/statem/statem_local.h b/ssl/statem/statem_local.h

index 9e03b7d363bae0c0d048ec3fb4b0b0c8c6289bff..40c3724bed39b47d5bfd3d6cfc83c4a2f93825fb 100644 (file)
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@@ -19,13 +19,16 @@
  /* The spec allows for a longer length than this, but we limit it */
  #define HELLO_VERIFY_REQUEST_MAX_LENGTH 258
  #define END_OF_EARLY_DATA_MAX_LENGTH    0
-#define SERVER_HELLO_MAX_LENGTH         20000
  #define HELLO_RETRY_REQUEST_MAX_LENGTH  20000
  #define ENCRYPTED_EXTENSIONS_MAX_LENGTH 20000
  #define SERVER_KEY_EXCH_MAX_LENGTH      102400
  #define SERVER_HELLO_DONE_MAX_LENGTH    0
  #define KEY_UPDATE_MAX_LENGTH           1
  #define CCS_MAX_LENGTH                  1
+
+/* Max ServerHello size permitted by RFC 8446 */
+#define SERVER_HELLO_MAX_LENGTH         65607
+
  /* Max should actually be 36 but we are generous */
  #define FINISHED_MAX_LENGTH             64
author	Michael Baentsch <info@baentsch.ch>
	Fri, 15 Jan 2021 10:40:31 +0000 (11:40 +0100)
committer	Matt Caswell <matt@openssl.org>
	Mon, 18 Jan 2021 09:06:34 +0000 (09:06 +0000)