From d9b9aa40155ce1a42133cfb2b79a7e663c7a8e47 Mon Sep 17 00:00:00 2001 From: Kasper Lund Date: Thu, 28 Apr 2022 06:30:06 +0200 Subject: [PATCH] Add more TLS buffer space (#682) --- CMakeLists.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 095af7272..b33d1d205 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -114,13 +114,13 @@ endif() # Set the output buffer size to 3700, reduced from 16k. This is small enough # that the allocation from MbedTLS is < 4k, 4033bytes to be precise. We set -# the input buffer length to 6k because some sites have very large certificates +# the input buffer length to 8k because some sites have very large certificates # (eg Telegram, over 5100 bytes) and this is not something we can control. # There are some protocol extensions for telling the other side about our buffer # sizes, but they just cause the other side to fragment packets more agressively. # At this end we still have to reassemble the packets in and unfragmented form # that fits in the buffer size below. -set(MBEDTLS_C_FLAGS "-DMBEDTLS_SSL_IN_CONTENT_LEN=6400 -DMBEDTLS_SSL_OUT_CONTENT_LEN=3700 -DMBEDTLS_PLATFORM_MEMORY=1") +set(MBEDTLS_C_FLAGS "-DMBEDTLS_SSL_IN_CONTENT_LEN=8100 -DMBEDTLS_SSL_OUT_CONTENT_LEN=3700 -DMBEDTLS_PLATFORM_MEMORY=1") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${TOIT_GENERIC_FLAGS} ${TOIT_LWIP_C_FLAGS} ${MBEDTLS_C_FLAGS}") set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -DDEBUG")