ssl: add new wolfSSL_disable_hrr_cookie() API to disable hrr cookie

Add a way to disable the HRR cookie, so that the cookie can be enabled by
default for DTLS connections.
Marco Oliverio
2022-08-26 12:21:37 +02:00
parent db6d69143e
commit edd723cc84
3 changed files with 56 additions and 5 deletions

@@ -10628,7 +10628,33 @@ int wolfSSL_send_hrr_cookie(WOLFSSL* ssl, const unsigned char* secret,
return ret;
}
#endif
int wolfSSL_disable_hrr_cookie(WOLFSSL* ssl)
{
if (ssl == NULL || !IsAtLeastTLSv1_3(ssl->version))
return BAD_FUNC_ARG;
#ifdef NO_WOLFSSL_SERVER
return SIDE_ERROR
#else
if (ssl->options.side == WOLFSSL_CLIENT_END)
return SIDE_ERROR;
if (ssl->buffers.tls13CookieSecret.buffer != NULL) {
ForceZero(ssl->buffers.tls13CookieSecret.buffer,
ssl->buffers.tls13CookieSecret.length);
XFREE(ssl->buffers.tls13CookieSecret.buffer, ssl->heap,
DYNAMIC_TYPE_COOKIE_PWD);
ssl->buffers.tls13CookieSecret.buffer = NULL;
ssl->buffers.tls13CookieSecret.length = 0;
}
ssl->options.sendCookie = 0;
return WOLFSSL_SUCCESS;
#endif /* NO_WOLFSSL_SERVER */
}
#endif /* defined(WOLFSSL_SEND_HRR_COOKIE) */
#ifdef HAVE_SUPPORTED_CURVES
/* Create a key share entry from group.
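Review bot: The `return SIDE_ERROR` in the `#ifdef NO_WOLFSSL_SERVER` branch of wolfSSL_disable_hrr_cookie() has no terminating semicolon, so a client-only build that also defines WOLFSSL_SEND_HRR_COOKIE should fail to compile at the following `#else`; it needs to read `return SIDE_ERROR;`. The new function also has no header comment, unlike the neighbouring definitions, and I would add `/* Disable the HelloRetryRequest cookie on a server-side ssl and wipe any stored cookie secret. Returns WOLFSSL_SUCCESS, BAD_FUNC_ARG or SIDE_ERROR. */` above it. Since the description says the cookie is meant to become the default for DTLS, that comment or the API docs should also state that turning it off removes the server's stateless check of the client's address, so callers only disable it when something else provides that check. The zeroing of the secret with ForceZero before XFREE and the reset of buffer and length look correct as written.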