File tree Expand file tree Collapse file tree 1 file changed +6
-1
lines changed
Expand file tree Collapse file tree 1 file changed +6
-1
lines changed Original file line number Diff line number Diff line change @@ -1446,6 +1446,11 @@ enum {
14461446
14471447#define TLS13_TICKET_NONCE_MAX_SZ 255
14481448
1449+ #ifndef WOLFSSL_COOKIE_LEN
1450+ /* Maximum size for a DTLS cookie */
1451+ #define WOLFSSL_COOKIE_LEN 32
1452+ #endif
1453+
14491454#if (defined(HAVE_FIPS ) && \
14501455 !(defined(FIPS_VERSION_GE ) && FIPS_VERSION_GE (5 ,3 ))) && \
14511456 defined(TLS13_TICKET_NONCE_STATIC_SZ )
@@ -1569,7 +1574,7 @@ enum Misc {
15691574 SEED_LEN = RAN_LEN * 2 , /* tls prf seed length */
15701575 ID_LEN = 32 , /* session id length */
15711576 COOKIE_SECRET_SZ = 14 , /* dtls cookie secret size */
1572- MAX_COOKIE_LEN = 254 , /* max dtls cookie size per RFC 6347 (opaque<0..2^8-1>) more than 254 can be malformed / malicious */
1577+ MAX_COOKIE_LEN = WOLFSSL_COOKIE_LEN , /* max dtls cookie size */
15731578 COOKIE_SZ = 20 , /* use a 20 byte cookie */
15741579 SUITE_LEN = 2 , /* cipher suite sz length */
15751580 ENUM_LEN = 1 , /* always a byte */
You can’t perform that action at this time.
0 commit comments