From e64305f9ffb1552783ef342dfabb049fa4bb154b Mon Sep 17 00:00:00 2001
From: Roy Carter
Date: Thu, 16 Apr 2026 13:03:08 +0300
Subject: [PATCH] Refactor - when crafting a DTLS packet max external cookie length (for hijacking) can be more than 32 in size based on RFC6347
---
 wolfssl/internal.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 576492d05d..86fb9ab80c 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1569,7 +1569,7 @@ enum Misc {
 SEED_LEN = RAN_LEN * 2, /* tls prf seed length */
 ID_LEN = 32, /* session id length */
 COOKIE_SECRET_SZ = 14, /* dtls cookie secret size */
- MAX_COOKIE_LEN = 32, /* max dtls cookie size */
+ MAX_COOKIE_LEN = 255, /* max dtls cookie size per RFC 6347 (opaque<0..2^8-1>) */
 COOKIE_SZ = 20, /* use a 20 byte cookie */
 SUITE_LEN = 2, /* cipher suite sz length */
 ENUM_LEN = 1, /* always a byte */
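Review bot: Raising `MAX_COOKIE_LEN` from 32 to 255 changes every buffer and bounds check keyed on this constant, and none of those consumers are visible in this hunk (`enum Misc` itself starts and ends outside it). Before merging, each site that copies a peer-supplied cookie should be confirmed to compare the received one-byte length against the size of the destination it actually writes into, and any array declared with `MAX_COOKIE_LEN` should be checked for the larger stack or struct footprint. The new comment is accurate for DTLS 1.2 only, since RFC 4347 (DTLS 1.0) caps the cookie at 32 bytes. I would extend it to `/* max dtls cookie size: opaque<0..2^8-1> per RFC 6347 (DTLS 1.2); DTLS 1.0 (RFC 4347) allowed at most 32 */`. The subject calls this a refactor, but it changes accepted input sizes, so a test that processes a 255-byte cookie and rejects oversize lengths would be worth adding.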