From 42017cd4c9dacef74a82618a1d1b8afbfbfe35a9 Mon Sep 17 00:00:00 2001
From: Yanray Wang <yanray.wang@arm.com>
Date: Wed, 8 Nov 2023 11:15:23 +0800
Subject: [PATCH] tls13: cli: write Record Size Limit ext in ClientHello

- add the support in library
- update corresponding test case

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
---
 library/ssl_tls13_client.c |  9 +++++++++
 tests/ssl-opt.sh           | 11 +++++++----
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 342ec5242..0d132227c 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1160,6 +1160,15 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl,
     }
     p += ext_len;
 
+#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
+    ret = mbedtls_ssl_tls13_write_record_size_limit_ext(
+        ssl, MBEDTLS_SSL_IN_CONTENT_LEN, p, end, &ext_len);
+    if (ret != 0) {
+        return ret;
+    }
+    p += ext_len;
+#endif
+
 #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
     if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
         ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len);
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 92b3e171c..1cd01dc0c 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -4856,10 +4856,13 @@ run_test    "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \
             "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \
             "$P_CLI debug_level=4 force_version=tls13" \
             0 \
-            -s "Preparing extension (Record Size Limit/28) for 'encrypted extensions'"
-# The P_CLI can not yet send the Record Size Limit extension. Thus, the G_NEXT_SRV does not send
-# a response in its EncryptedExtensions record.
-#            -c "RecordSizeLimit: 16385 Bytes"
+            -c "Sent RecordSizeLimit: 16384 Bytes"                                      \
+            -c "ClientHello: record_size_limit(28) extension exists."                   \
+            -c "found record_size_limit extension"                                      \
+            -c "RecordSizeLimit: 16385 Bytes"                                           \
+            -c "EncryptedExtensions: record_size_limit(28) extension received."         \
+            -s "Parsing extension 'Record Size Limit/28' (2 bytes)"                     \
+            -s "record_size_limit 16384 negotiated"
 
 # In the following (9) tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the
 # maximum record size using "https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size".