[gnutls-devel] GnuTLS | add support for 0-RTT (!775)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Nov 1 17:03:05 CET 2018

Daiki Ueno commented on a discussion on lib/includes/gnutls/gnutls.h.in:

>  void gnutls_supplemental_send(gnutls_session_t session, unsigned do_send_supplemental);
> +/* Anti-replay related functions */
> +
> +typedef struct gnutls_anti_replay_st *gnutls_anti_replay_t;
> +
> +typedef int (*gnutls_anti_replay_add_func) (void *, const gnutls_datum_t *key);
> +typedef unsigned (*gnutls_anti_replay_check_func) (void *, const gnutls_datum_t *key);
> +typedef void(*gnutls_anti_replay_clear_func) (void *);

I have managed to port it to the existing db functions (plus, optional `gnutls_db_check_func` to avoid unnecessary malloc with `gnutls_db_retr_func`). As we discussed off-line, the key shouldn't overlap with TLS 1.2 session ID, as it is always longer than 32 octets.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/775#note_113866987
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181101/f333ed8c/attachment.html>

More information about the Gnutls-devel mailing list