[openssl] master update

Matt Caswell matt at openssl.org
Mon Jan 18 09:16:53 UTC 2021 

The branch master has been updated
       via  3aff5b4bac7186fda9208a76127eff040cafae13 (commit)
      from  ed4a9b15d9cd1eea7493873d01949f075cea2b65 (commit)


- Log -----------------------------------------------------------------
commit 3aff5b4bac7186fda9208a76127eff040cafae13
Author: Michael Baentsch <info at baentsch.ch>
Date:   Fri Jan 15 11:40:31 2021 +0100

    Update SERVER_HELLO_MAX_LENGTH
    
    Update constant to maximum permitted by RFC 8446
    
    Fixes #13868
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/13874)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/statem_local.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/statem_local.h b/ssl/statem/statem_local.h
index 9e03b7d363..40c3724bed 100644
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@@ -19,13 +19,16 @@
 /* The spec allows for a longer length than this, but we limit it */
 #define HELLO_VERIFY_REQUEST_MAX_LENGTH 258
 #define END_OF_EARLY_DATA_MAX_LENGTH    0
-#define SERVER_HELLO_MAX_LENGTH         20000
 #define HELLO_RETRY_REQUEST_MAX_LENGTH  20000
 #define ENCRYPTED_EXTENSIONS_MAX_LENGTH 20000
 #define SERVER_KEY_EXCH_MAX_LENGTH      102400
 #define SERVER_HELLO_DONE_MAX_LENGTH    0
 #define KEY_UPDATE_MAX_LENGTH           1
 #define CCS_MAX_LENGTH                  1
+
+/* Max ServerHello size permitted by RFC 8446 */
+#define SERVER_HELLO_MAX_LENGTH         65607
+
 /* Max should actually be 36 but we are generous */
 #define FINISHED_MAX_LENGTH             64

More information about the openssl-commits mailing list