authorNikos Mavrogiannopoulos <nmav@gnutls.org>2018-05-05 21:59:13 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2018-05-05 22:18:01 +0200
commitcb1930bafe82ce591b8bdaad6757dd6eb02e54dd (patch)
tree416a17f4416244bd27ebda00221a732b465089b8
parentc7e1f3f9c5fc00d5814a3f6ecf3850953e487a92 (diff)
downloadgnutls-cb1930bafe82ce591b8bdaad6757dd6eb02e54dd.tar.gz
gnutls-serv: all skipping DTLS cookie request
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r--src/serv-args.def6
-rw-r--r--src/udp-serv.c71
2 files changed, 44 insertions, 33 deletions
diff --git a/src/serv-args.def b/src/serv-args.def
index b59cef9eb0..5f133ed617 100644
--- a/src/serv-args.def
+++ b/src/serv-args.def
@@ -43,6 +43,12 @@ flag = {
};
flag = {
+ name = nocookie;
+ descrip = "Don't require cookie on DTLS sessions";
+ doc = "";
+};
+
+flag = {
name = generate;
value = g;
descrip = "Generate Diffie-Hellman parameters";
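Review bot: The new `nocookie` flag ships with `doc = "";`, so the generated help and man page say nothing about what the option costs. The cookie exchange is what makes a DTLS server confirm that a client can receive at its claimed source address before the server commits per-session state, and the udp-serv.c hunks in this commit show a session being initialised straight after the skipped check. I would fill the field with something like `doc = "Skips the HelloVerifyRequest cookie exchange, so the client's source address is not validated before a session is created. Intended for testing only.";`.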
diff --git a/src/udp-serv.c b/src/udp-serv.c
index 046026e00c..5442946165 100644
--- a/src/udp-serv.c
+++ b/src/udp-serv.c
@@ -36,6 +36,7 @@
#include <errno.h>
#include <common.h>
#include "udp-serv.h"
+#include "serv-args.h"
#include "list.h"
typedef struct {
@@ -89,39 +90,41 @@ void udp_server(const char *name, int port, int mtu)
(struct sockaddr *) &cli_addr,
&cli_addr_size);
if (ret > 0) {
- memset(&prestate, 0, sizeof(prestate));
- ret =
- gnutls_dtls_cookie_verify(&cookie_key,
- &cli_addr,
- cli_addr_size,
- buffer, ret,
- &prestate);
- if (ret < 0) { /* cookie not valid */
- priv_data_st s;
-
- memset(&s, 0, sizeof(s));
- s.fd = sock;
- s.cli_addr = (void *) &cli_addr;
- s.cli_addr_size = cli_addr_size;
-
- printf
- ("Sending hello verify request to %s\n",
- human_addr((struct sockaddr *)
- &cli_addr,
- cli_addr_size, buffer,
- sizeof(buffer)-1));
- gnutls_dtls_cookie_send(&cookie_key,
+ if (!HAVE_OPT(NOCOOKIE)) {
+ memset(&prestate, 0, sizeof(prestate));
+ ret =
+ gnutls_dtls_cookie_verify(&cookie_key,
+ &cli_addr,
+ cli_addr_size,
+ buffer, ret,
+ &prestate);
+ if (ret < 0) { /* cookie not valid */
+ priv_data_st s;
+
+ memset(&s, 0, sizeof(s));
+ s.fd = sock;
+ s.cli_addr = (void *) &cli_addr;
+ s.cli_addr_size = cli_addr_size;
+
+ printf
+ ("Sending hello verify request to %s\n",
+ human_addr((struct sockaddr *)
&cli_addr,
- cli_addr_size,
- &prestate,
- (gnutls_transport_ptr_t)
- &s, push_func);
-
- /* discard peeked data */
- recvfrom(sock, buffer, sizeof(buffer)-1, 0,
- (struct sockaddr *) &cli_addr,
- &cli_addr_size);
- continue;
+ cli_addr_size, buffer,
+ sizeof(buffer)-1));
+ gnutls_dtls_cookie_send(&cookie_key,
+ &cli_addr,
+ cli_addr_size,
+ &prestate,
+ (gnutls_transport_ptr_t)
+ &s, push_func);
+
+ /* discard peeked data */
+ recvfrom(sock, buffer, sizeof(buffer)-1, 0,
+ (struct sockaddr *) &cli_addr,
+ &cli_addr_size);
+ continue;
+ }
}
printf("Accepted connection from %s\n",
human_addr((struct sockaddr *)
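Review bot: When `HAVE_OPT(NOCOOKIE)` is set, the code falls straight through to the "Accepted connection from" message for a source address that no cookie round trip has confirmed, and nothing in the output distinguishes this from a verified peer. Anyone reading the server log later cannot tell whether the address is trustworthy. I would add an `else` arm to the new guard, for example `else printf("Cookie verification disabled; client address not verified\n");`, and a comment on the `if (!HAVE_OPT(NOCOOKIE))` line saying the stateless source-address check is being skipped. The body of udp_server starts before this hunk and continues after it.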
@@ -131,7 +134,9 @@ void udp_server(const char *name, int port, int mtu)
continue;
session = initialize_session(1);
- gnutls_dtls_prestate_set(session, &prestate);
+ if (!HAVE_OPT(NOCOOKIE))
+ gnutls_dtls_prestate_set(session, &prestate);
+
if (mtu)
gnutls_dtls_set_mtu(session, mtu);
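Review bot: The `memset(&prestate, 0, sizeof(prestate))` now lives inside the `!HAVE_OPT(NOCOOKIE)` guard in the receive path, so this second guard is the only thing keeping `gnutls_dtls_prestate_set` from being handed a prestate that was never cleared for this datagram. The declaration of `prestate` is outside the hunk, so whether it would be stale or uninitialised cannot be told from here. The two conditions have to stay in step by hand. Keeping the `memset` unconditional, before the first `if (!HAVE_OPT(NOCOOKIE))`, would remove that coupling at no cost. Alternatively, a one-line comment here such as `/* prestate is only filled in when cookies are verified above */` would make the dependency visible.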