crypto/tls: maxHandshake is not documented #35153
Labels
Documentation
FrozenDueToAge
NeedsDecision
Feedback is required from experts, contributors, and/or the community before a change can be made.
Comments
dmitshur
added
the
NeedsDecision
|
/cc @FiloSottile |
|
Documenting something makes it a backwards compatibility promise, while this should be just an internal detail. What we do have is a clear error for when the limit is exceeded, so if it starts happening users can open an issue about it. Line 982 in 0fb95e7 (If you opened this issue because you hit the limit and you think we should increase it, feel free to open an issue for that.) |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
crypto/tlshas a hard-coded limitationconst maxHandshake = 65536for handshake message length.While a ClientHello message could has a maximum length of
131396under extreme conditions, according to OpenSSL source code.The 64KiB limitation is good at security perspective, to reduce server resource consumption. But I think it should be documented, as a Go specific behavior.
The text was updated successfully, but these errors were encountered: