From f48eb638daa57000305bdf538f8e4a1847fcd3b8 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Wed, 31 Jan 2024 07:26:25 +1000
Subject: [PATCH] TLS 1.3, HRR Cookie: send cookie back in new ClientHello

Make it mandatory that the cookie is sent back in new ClientHello when
seen in a HelloRetryRequest.
---
 src/tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tls.c b/src/tls.c
index 04794ae94..7ce612cc1 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -6479,7 +6479,7 @@ static int TLSX_Cookie_Parse(WOLFSSL* ssl, const byte* input, word16 length,
         return BUFFER_E;
 
     if (msgType == hello_retry_request)
-        return TLSX_Cookie_Use(ssl, input + idx, len, NULL, 0, 0,
+        return TLSX_Cookie_Use(ssl, input + idx, len, NULL, 0, 1,
                                &ssl->extensions);
 
     /* client_hello */