-
Notifications
You must be signed in to change notification settings - Fork 597
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MessageFragmenter doesn't take account of encryption overhead #991
Comments
I'm reading RFC 6066 and it seems like 81 would be a reasonable length at the record layer since that the
If I'm misreading that, would we need to determine the record payload protection overhead before fragmenting in order to fragment shorter? |
We don't implement RFC6066
Yes I think so. |
#1579 is relevant to this |
If we set
ServerConfig::max_fragment_size
orClientConfig::max_fragment_size
it is expected that all the TLS messages are no larger than this. However, this is only true if the messages are unencrypted: after that the sizes are larger by the encryption overhead.This means, setting
max_fragment_size
toSome(64)
, the message sizes are:The text was updated successfully, but these errors were encountered: