Topic: some questions

Hi all,

working with wolfssl 5.3.1 stable

Have some questions:
1) About TLS 1.3, is it possible to configure wolfssl to disable change_cipher_spec records ?
2) Is it possible co configure the record data chunk size ?

Thanks,
angelo

Share

Re: some questions

Hi _angelo_

1) are you asking to never send change_cipher_spec and to ignore them if received ?
2) in `wolfssl/internal.h` we define max record size as follows:

MAX_RECORD_SIZE = 16384,    /* 2^14, max size by standard */

Hope this helps.  Let me know your clarifications on the first point and if you have any further questions.

Warm regards, Anthony

Share

Re: some questions

Hi _angelo_,

1) About TLS 1.3, is it possible to configure wolfssl to disable change_cipher_spec records ?

Sending of change_chiper_spec should be disabled by default and enabled by the preprocessor define WOLFSSL_TLS13_MIDDLEBOX_COMPAT at compile time. If you aren't using this define and you still see sending of change_cipher_spec, feel free to provide more details on your compilation configuration and I'll look at it.

2) Is it possible co configure the record data chunk size ?

Client may negotiate a maximum message size with the server using the max_fragment_length extension. Other than that wolfSSL have no other way of automatically limiting the max size of a message but it can also be done at the application layer. What's your use case?

- Marco

Share