[gnutls-devel] GnuTLS | add support for 0-RTT (!775)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Nov 1 17:03:05 CET 2018
Daiki Ueno commented on a discussion on lib/includes/gnutls/gnutls.h.in:
> void gnutls_supplemental_send(gnutls_session_t session, unsigned do_send_supplemental);
> +/* Anti-replay related functions */
> +typedef struct gnutls_anti_replay_st *gnutls_anti_replay_t;
> +typedef int (*gnutls_anti_replay_add_func) (void *, const gnutls_datum_t *key);
> +typedef unsigned (*gnutls_anti_replay_check_func) (void *, const gnutls_datum_t *key);
> +typedef void(*gnutls_anti_replay_clear_func) (void *);
I have managed to port it to the existing db functions (plus, optional `gnutls_db_check_func` to avoid unnecessary malloc with `gnutls_db_retr_func`). As we discussed off-line, the key shouldn't overlap with TLS 1.2 session ID, as it is always longer than 32 octets.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/775#note_113866987
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel