diff --git a/src/ssl_sess.c b/src/ssl_sess.c
index 0d5178c66..4afd2b97b 100644
--- a/src/ssl_sess.c
+++ b/src/ssl_sess.c
@@ -751,6 +751,7 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode)
 /* return the max fragment size set when handshake was negotiated */
 uint8_t wolfSSL_SESSION_get_max_fragment_length(WOLFSSL_SESSION* session)
 {
+    session = ClientSessionToSession(session);
     if (session == NULL) {
         return 0;
     }
@@ -3908,6 +3909,10 @@ static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
     }
     ticBuff = NULL;
 
+#ifdef HAVE_MAX_FRAGMENT
+    output->mfl = input->mfl;
+#endif
+
 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
     (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
     if (preallocUsed != NULL)
diff --git a/src/tls.c b/src/tls.c
index 03df15674..8188183d7 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -2988,8 +2988,9 @@ static int TLSX_MFL_Parse(WOLFSSL* ssl, const byte* input, word16 length,
             WOLFSSL_ERROR_VERBOSE(UNKNOWN_MAX_FRAG_LEN_E);
             return UNKNOWN_MAX_FRAG_LEN_E;
     }
-    if (ssl->session != NULL)
+    if (ssl->session != NULL) {
         ssl->session->mfl = *input;
+    }
 
 #ifndef NO_WOLFSSL_SERVER
     if (isRequest) {