[gnutls-devel] GnuTLS | add support for 0-RTT (!775)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Oct 30 10:29:57 CET 2018

Daiki Ueno commented on a discussion on lib/includes/gnutls/gnutls.h.in:

> +typedef struct gnutls_anti_replay_st *gnutls_anti_replay_t;
> +
> +typedef int (*gnutls_anti_replay_add_func) (void *, const gnutls_datum_t *key);
> +typedef unsigned (*gnutls_anti_replay_check_func) (void *, const gnutls_datum_t *key);
> +typedef void(*gnutls_anti_replay_clear_func) (void *);
> +
> +int gnutls_anti_replay_init(gnutls_anti_replay_t *anti_replay);
> +void gnutls_anti_replay_deinit(gnutls_anti_replay_t anti_replay);
> +void gnutls_anti_replay_set_window(gnutls_anti_replay_t anti_replay,
> +				   unsigned int window);
> +void gnutls_anti_replay_set_functions(gnutls_anti_replay_t anti_replay,
> +				      gnutls_anti_replay_add_func add_func,
> +				      gnutls_anti_replay_check_func check_func,
> +				      gnutls_anti_replay_clear_func clear_func,
> +				      void *ptr);
> +int gnutls_anti_replay_enable(gnutls_session_t session,
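
Review bot: in the callback typedefs, gnutls_anti_replay_check_func and gnutls_anti_replay_add_func are separate callbacks, so a storage backend shared between threads or processes has no way to make the lookup and the insert one atomic step, and two copies of the same early data arriving together could both pass the check before either is added. Consider a single add-if-absent callback, or document that the caller must serialize the pair. The declarations also do not say what the int and unsigned return values mean or which unit the window argument of gnutls_anti_replay_set_window() uses. As style points, the first void * parameter is unnamed while the second is named key, and typedef void(*gnutls_anti_replay_clear_func) lacks the space the other two typedefs have.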

The current implementation refuses the use of 0-RTT if the anti-replay mechanism is not set on the session (see the documentation). Not sure if it is feasible to enable it by default.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/775#note_113078434