Re: Tls max fragment length problem

2010-08-30 Thread peterlingoal
Hi,

Sorry, I made a mistake with question 3 due to my misunderstanding of
plaintext. It is actually the same question as question 1.

Actually, I can control the TLS record size when calling SSL_write by
restricting the buffer size of each iteration. However, I couldn't control
the size in communication done by the OpenSSL lib when establishing the
connection. The size simply exceeds the expected limit (512 bytes) when a
whole certificate chain is transferred.

So far I haven't found any solution other than modifying the macro value.
However, due to some reasons it's best to avoid modifying the source code.

Any help is appreciated.

regards,
Peter Lin

On Sat, Aug 28, 2010 at 11:52 AM, peterlingoal peterling...@gmail.com wrote:

 Hi everyone,

 I have three questions:

1. Is there any API to limit the TLS fragment length (record size) to a
smaller value than default (2^14)?
2. How to set TLS extension max_fragment_length as suggested in
RFC 4366? From the source code of 0.9.8l and the mailing archive it seems that
this has not been implemented.
3. Is there any API to define the maximum allowed TLS plaintext
length in a TLS record? If not, will changing the
macro SSL3_RT_MAX_PLAIN_LENGTH value serve the purpose?

 Please comment. Thanks.

 regards,
 Peter Lin



Tls max fragment length problem

2010-08-28 Thread peterlingoal
Hi everyone,

I have three questions:

   1. Is there any API to limit the TLS fragment length (record size) to a
   smaller value than default (2^14)?
   2. How to set TLS extension max_fragment_length as suggested in RFC 4366?
   From the source code of 0.9.8l and the mailing archive it seems that this has
   not been implemented.
   3. Is there any API to define the maximum allowed TLS plaintext length
   in a TLS record? If not, will changing the macro SSL3_RT_MAX_PLAIN_LENGTH
   value serve the purpose?

Please comment. Thanks.

regards,
Peter Lin
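
Added example, not part of the original posts and not OpenSSL code: a self-contained C sketch of the RFC 4366 max_fragment_length extension encoding from question 2, and of how a handshake message larger than the negotiated limit (the certificate chain case in the follow-up) is split across several records. The function names, the TLS 1.0 record version and the 1300-byte message are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 4366 section 3.2: codes 1..4 select 2^9..2^12 bytes; anything else is invalid. */
size_t mfl_code_to_len(uint8_t code) {
    return (code >= 1 && code <= 4) ? ((size_t)1 << (8 + code)) : 0;
}

/* Encode the extension as carried in ClientHello: type 0x0001, length 0x0001, code. */
size_t build_mfl_extension(uint8_t code, uint8_t out[5]) {
    if (mfl_code_to_len(code) == 0) return 0;
    out[0] = 0x00; out[1] = 0x01;   /* extension_type = max_fragment_length(1) */
    out[2] = 0x00; out[3] = 0x01;   /* extension_data length = 1 */
    out[4] = code;
    return 5;
}

/* Split one handshake message into TLS records whose fragments are at most
 * max_frag bytes. Returns the record count, or -1 if out is too small. */
int fragment_handshake(const uint8_t *msg, size_t len, size_t max_frag,
                       uint8_t *out, size_t out_cap, size_t *out_len) {
    size_t off = 0, w = 0;
    int records = 0;
    if (max_frag == 0) return -1;
    while (off < len) {
        size_t n = len - off < max_frag ? len - off : max_frag;
        if (out_cap - w < 5 + n) return -1;
        out[w++] = 22;                      /* ContentType: handshake */
        out[w++] = 0x03; out[w++] = 0x01;   /* record version TLS 1.0 (assumed) */
        out[w++] = (uint8_t)(n >> 8);       /* fragment length, big-endian */
        out[w++] = (uint8_t)(n & 0xff);
        memcpy(out + w, msg + off, n);
        w += n; off += n; records++;
    }
    *out_len = w;
    return records;
}

int main(void) {
    static uint8_t cert_msg[1300];  /* constructed stand-in for a Certificate message */
    static uint8_t wire[2048];
    size_t wire_len = 0;
    memset(cert_msg, 0xAB, sizeof cert_msg);
    int n = fragment_handshake(cert_msg, sizeof cert_msg, mfl_code_to_len(1),
                               wire, sizeof wire, &wire_len);
    printf("%d records, %zu bytes on the wire\n", n, wire_len);
    return 0;
}
```

RFC 4366 requires both peers to fragment handshake messages as well as application data once a smaller length has been negotiated, which is why a limit enforced only on the SSL_write buffer does not cover the certificate chain.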