2025-09-03, 12:14:32 +0200, Sabrina Dubroca wrote: > 2025-09-03, 11:47:57 +1000, Wilfred Mallawa wrote: > Pushing out the pending "too big" record at the time we set > tx_record_size_limit would likely make the peer close the connection > (because it's already told us to limit our TX size), so I guess we'd > have to split the pending record into tx_record_size_limit chunks > before we start processing the new message (either directly at > setsockopt(TLS_INFO_TX_RECORD_SIZE_LIM) time, or the next send/etc > call). The final push during socket closing, and maybe some more > codepaths that deal with ctx->open_rec, would also have to do that. > > I think additional selftests for > send(MSG_MORE), TLS_INFO_TX_RECORD_SIZE_LIM, send > and > send(MSG_MORE), TLS_INFO_TX_RECORD_SIZE_LIM, close > verifying the received record sizes would make sense, since it's a bit > tricky to get that right. Hmm, after thinking about this a bit more, maybe we don't need to care? There could be more records larger than the new limit already pushed out to TCP but not received by the peer, and we can't do anything about those. I suspect it's not a problem in practice because of what the TLS exchange between the peers setting up this extension looks like? (ie, there should never be an open record at this stage - unless userspace delays doing this setsockopt after getting the message from the peer, but then maybe we can call that a buggy userspace) -- Sabrina
