lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Allow disabling HelloVerifyRequest

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard
2014-07-23 17:52:09 +02:00
committed by Paul Bakker
parent e4de06145a
commit 7d38d215b1
3 changed files with 74 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
include/polarssl/ssl.h
View File

@ -1136,6 +1136,16 @@ typedef int ssl_cookie_check_t( void *ctx,
* \brief Register callbacks for DTLS cookies
* (Server only. DTLS only.)
*
* Default: dummy callbacks that fail, to force you to
* register working callbacks (and initialize their context).
*
* To disable HelloVerifyRequest, register NULL callbacks.
*
* \warning Disabling hello verification allows your server to be used
* for amplification in DoS attacks against other hosts.
* Only disable if you known this can't happen in your
* particular environment.
*
* \param ssl SSL context
* \param f_cookie_write Cookie write callback
* \param f_cookie_check Cookie check callback