Merge remote-tracking branch 'origin/pr/2410' into development

* origin/pr/2410: Update change log Document the default value for the maximum fragment length Improve clarity of mbedtls_ssl_conf_max_frag_len documentation Reword ssl_conf_max_frag_len documentation Fix typos and miswording in the mbedtls_ssl_conf_max_frag_len documentation comment Reword ssl_conf_max_frag_len documentation to clarify its necessity
2019-05-22 15:34:51 +01:00 · 2019-05-22 15:34:51 +01:00 · 7525aa06c1
commit 7525aa06c1
parent 31d1432233 35d3ec01a8
2 changed files with 12 additions and 4 deletions
--- a/2
+++ b/2
@ -66,6 +66,8 @@ Changes
     Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309.
   * Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh.
     Contributed by Peter Kolbus (Garmin).
+   * Change wording in the `mbedtls_ssl_conf_max_frag_len()`'s documentation to
+     improve clarity. Fixes #2258.

 = mbed TLS 2.17.0 branch released 2019-03-19

--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -2820,13 +2820,19 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,

 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
 /**
- * \brief          Set the maximum fragment length to emit and/or negotiate
- *                 (Default: the smaller of MBEDTLS_SSL_IN_CONTENT_LEN and
- *                 MBEDTLS_SSL_OUT_CONTENT_LEN, usually 2^14 bytes)
+ * \brief          Set the maximum fragment length to emit and/or negotiate.
+ *                 (Typical: the smaller of #MBEDTLS_SSL_IN_CONTENT_LEN and
+ *                 #MBEDTLS_SSL_OUT_CONTENT_LEN, usually `2^14` bytes)
 *                 (Server: set maximum fragment length to emit,
- *                 usually negotiated by the client during handshake
+ *                 usually negotiated by the client during handshake)
 *                 (Client: set maximum fragment length to emit *and*
 *                 negotiate with the server during handshake)
+ *                 (Default: #MBEDTLS_SSL_MAX_FRAG_LEN_NONE)
+ *
+ * \note           On the client side, the maximum fragment length extension
+ *                 *will not* be used, unless the maximum fragment length has
+ *                 been set via this function to a value different than
+ *                 #MBEDTLS_SSL_MAX_FRAG_LEN_NONE.
 *
 * \note           With TLS, this currently only affects ApplicationData (sent
 *                 with \c mbedtls_ssl_read()), not handshake messages.