ssize_t len = datalen;
size_t pos = 0;
uint8_t cookie_len;
+ unsigned int nb_verifs;
if (!_gnutls_is_dtls (session)
|| session->security_parameters.entity == GNUTLS_SERVER)
return GNUTLS_E_UNEXPECTED_PACKET;
}
+ nb_verifs = ++session->internals.dtls.hsk_hello_verify_requests;
+ if (nb_verifs >= MAX_HANDSHAKE_HELLO_VERIFY_REQUESTS)
+ {
+ /* The server is either buggy, malicious or changing cookie
+ secrets _way_ too fast. */
+ gnutls_assert ();
+ return GNUTLS_E_UNEXPECTED_PACKET;
+ }
+
/* TODO: determine if we need to do anything with the server version field */
DECR_LEN (len, 2);
pos += 2;
/* the maximum size of the DTLS cookie */
#define DTLS_MAX_COOKIE_SIZE 32
+/* The maximum number of HELLO_VERIFY_REQUEST messages the client
+ processes before aborting. */
+#define MAX_HANDSHAKE_HELLO_VERIFY_REQUESTS 5
+
/* defaults for verification functions
*/
#define DEFAULT_VERIFY_DEPTH 32
/* Head of the next outgoing flight. */
dtls_hsk_retransmit_buffer *retransmit;
dtls_hsk_retransmit_buffer **retransmit_end;
+
+ unsigned int hsk_hello_verify_requests;
} dtls_st;