On Tue, 2025-07-29 at 17:13 +0900, Damien Le Moal wrote:
On 7/29/25 11:41, Wilfred Mallawa wrote:
quoted
From: Wilfred Mallawa <redacted>
Currently, for tls_sw, the kernel uses the default 16K
TLS_MAX_PAYLOAD_SIZE for records. However, if an endpoint has
specified
a record size much lower than that, it is currently not respected.
Remove "much". Lower is lower and we have to respect it, even if it
is 1B.
quoted
This patch adds support to using the record size limit specified by
an
endpoint if it has been set.
s/to using/for using
quoted
Signed-off-by: Wilfred Mallawa <redacted>
quoted
@@ -1045,6 +1046,13 @@ static int tls_sw_sendmsg_locked(struct sock
*sk, struct msghdr *msg,
}
}
+ if (tls_ctx->tls_record_size_limit > 0) {
+ tls_record_size_limit = min(tls_ctx-quoted
tls_record_size_limit,
+ TLS_MAX_PAYLOAD_SIZE);
+ } else {
+ tls_record_size_limit = TLS_MAX_PAYLOAD_SIZE;
+ }
You can simplify this with:
tls_record_size_limit =
min_not_zero(tls_ctx->tls_record_size_limit,
TLS_MAX_PAYLOAD_SIZE);
Hey Damien,
Thanks for the feedback! Will amend for V2.
Regards,
Wilfred