From 2537f37faf0a3c2a0bda15ae1d9f78b2f3f6a43d Mon Sep 17 00:00:00 2001
From: Simon Butcher <simon.butcher@arm.com>
Date: Fri, 3 Feb 2017 00:21:28 +0000
Subject: [PATCH] Add clarification to the TLS renegotiation period

Expanded details on use of mbedtls_ssl_conf_renegotiation_period()
---
 include/mbedtls/ssl.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8042693d0..42c9779c6 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2194,8 +2194,14 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_
  *                 Lower values can be used to enforce policies such as "keys
  *                 must be refreshed every N packets with cipher X".
  *
- * \note           When the transport is set to MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- *                 the maximum renegotiation period is 2^48 - 1.
+ *                 The renegotiation period can be disabled by setting
+ *                 conf->disable_renegotiation to
+ *                 MBEDTLS_SSL_RENEGOTIATION_DISABLED.
+ *
+ * \note           When the configured transport is
+ *                 MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation
+ *                 period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM,
+ *                 the maximum renegotiation period is 2^64 - 1.
  *
  * \param conf     SSL configuration
  * \param period   The threshold value: a big-endian 64-bit number.