gnutls_prf_rfc5705: apply the context limits only under TLS1.2 or earlier

These limits do not exist under TLS1.3.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/lib/prf.c b/lib/prf.c
index a249924351b76d37a278fa7f6ae740de3f6f8293..ff5eda32b204f84e14807b0a07d7d3b419cb5f81 100644 (file)
--- a/lib/prf.c
+++ b/lib/prf.c
@@ -136,11 +136,6 @@ gnutls_prf_rfc5705(gnutls_session_t session,
        const version_entry_st *vers = get_version(session);
        int ret;
 
-       if (context != NULL && context_size > 65535)  {
-               gnutls_assert();
-               return GNUTLS_E_INVALID_REQUEST;
-       }
-
        if (vers && vers->tls13_sem) {
                uint8_t secret[MAX_HASH_SIZE];
                uint8_t digest[MAX_HASH_SIZE];
@@ -169,6 +164,11 @@ gnutls_prf_rfc5705(gnutls_session_t session,
        } else {
                char *pctx = NULL;
 
+               if (context != NULL && context_size > 65535)  {
+                       gnutls_assert();
+                       return GNUTLS_E_INVALID_REQUEST;
+               }
+
                if (context != NULL) {
                        pctx = gnutls_malloc(context_size+2);
                        if (!pctx) {