eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow disabling HelloVerifyRequest

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-07-23 17:52:09 +02:00 committed by Paul Bakker
parent e4de06145a
commit 7d38d215b1
3 changed files with 74 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

10
include/polarssl/ssl.h
View file

@ -1136,6 +1136,16 @@ typedef int ssl_cookie_check_t( void *ctx,
* \brief Register callbacks for DTLS cookies
* (Server only. DTLS only.)
*
* Default: dummy callbacks that fail, to force you to
* register working callbacks (and initialize their context).
*
* To disable HelloVerifyRequest, register NULL callbacks.
*
* \warning Disabling hello verification allows your server to be used
* for amplification in DoS attacks against other hosts.
* Only disable if you known this can't happen in your
* particular environment.
*
* \param ssl SSL context
* \param f_cookie_write Cookie write callback
* \param f_cookie_check Cookie check callback