info gnutls

C.2 Datagram TLS API

The prototypes for the following functions lie in ‘gnutls/dtls.h’.

gnutls_dtls_cookie_send

Function: int gnutls_dtls_cookie_send (gnutls_datum_t* key, void* client_data, size_t client_data_size, gnutls_dtls_prestate_st* prestate, gnutls_transport_ptr_t ptr, gnutls_push_func push_func)

key: is a random key to be used at cookie generation

client_data: contains data identifying the client (i.e. address)

client_data_size: The size of client’s data

prestate: The previous cookie returned by gnutls_dtls_cookie_verify()

ptr: A transport pointer to be used by push_func

push_func: A function that will be used to reply

Description: This function can be used to prevent denial-of-service attacks against a DTLS server by requiring the client to reply using a cookie sent by this function. This ensures that the client for which resources (i.e. a gnutls_session_t) are allocated is the one from which the original incoming packet originated.

Returns: the number of bytes sent, or a negative error code.

Since: 3.0.0

gnutls_dtls_cookie_verify

Function: int gnutls_dtls_cookie_verify (gnutls_datum_t* key, void* client_data, size_t client_data_size, void* _msg, size_t msg_size, gnutls_dtls_prestate_st* prestate)

key: is a random key to be used at cookie generation

client_data: contains data identifying the client (i.e. address)

client_data_size: The size of client’s data

_msg: An incoming message that initiates a connection.

msg_size: The size of the message.

prestate: The cookie of this client.

Description: This function will verify an incoming message for a valid cookie. If a valid cookie is returned, it should be associated with the session using gnutls_dtls_prestate_set().

Returns: GNUTLS_E_SUCCESS (0) on success, or a negative error code.

Since: 3.0.0

gnutls_dtls_get_data_mtu

Function: unsigned int gnutls_dtls_get_data_mtu (gnutls_session_t session)

session: is a gnutls_session_t structure.

Description: This function will return the actual maximum transfer unit for application data, i.e. the actual MTU with the DTLS headers subtracted.

Returns: the maximum allowed transfer unit.

Since: 3.0.0

gnutls_dtls_get_mtu

Function: unsigned int gnutls_dtls_get_mtu (gnutls_session_t session)

session: is a gnutls_session_t structure.

Description: This function will return the MTU size as set with gnutls_dtls_set_mtu(). This is not the actual MTU of data you can transmit. Use gnutls_dtls_get_data_mtu() for that purpose.

Returns: the set maximum transfer unit.

Since: 3.0.0

gnutls_dtls_prestate_set

Function: void gnutls_dtls_prestate_set (gnutls_session_t session, gnutls_dtls_prestate_st* prestate)

session: a new session

prestate: contains the client’s prestate

Description: This function will associate the prestate acquired through cookie authentication of the client with the newly established session.

Since: 3.0.0

gnutls_dtls_set_mtu

Function: void gnutls_dtls_set_mtu (gnutls_session_t session, unsigned int mtu)

session: is a gnutls_session_t structure.

mtu: The maximum transfer unit of the interface

Description: This function will set the maximum transfer unit of the interface that DTLS packets are expected to leave from.

Since: 3.0.0

gnutls_dtls_set_timeouts

Function: void gnutls_dtls_set_timeouts (gnutls_session_t session, unsigned int retrans_timeout, unsigned int total_timeout)

session: is a gnutls_session_t structure.

retrans_timeout: The time at which a retransmission will occur, in milliseconds.

total_timeout: The time at which the connection will be aborted, in milliseconds.

Description: This function will set the timeouts required for the DTLS handshake protocol. The retransmission timeout is the time after which, if a message from the peer has not been received, the previous messages will be retransmitted. The total timeout is the time after which the handshake will be aborted with GNUTLS_E_TIMEDOUT.

The DTLS protocol recommends values of 1 second and 60 seconds respectively.

If the retransmission timeout is zero then the handshake will operate in a non-blocking way, i.e., return GNUTLS_E_AGAIN.

Since: 3.0.0

gnutls_record_get_discarded

Function: unsigned int gnutls_record_get_discarded (gnutls_session_t session)

session: is a gnutls_session_t structure.

Description: Returns the number of discarded packets in a DTLS connection.

Returns: The number of discarded packets.

Since: 3.0.0



This document was generated on January 4, 2012 using texi2html 5.0.
