add new options and accessors for SCTP

src/ssl.c

@@ -547,6 +547,91 @@ int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz)
     return SSL_NOT_IMPLEMENTED;
 #endif
 }
+
+
+int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, unsigned int newMtu)
+{
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SCTP)
+    if (ssl == NULL)
+        return SSL_FAILURE;
+
+    if (newMtu > MAX_RECORD_SIZE) {
+        ssl->error = BAD_FUNC_ARG;
+        return SSL_FAILURE;
+    }
+
+    return SSL_SUCCESS;
+#else /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+    (void)ssl;
+    (void)newMtu;
+    return SSL_NOT_IMPLEMENTED;
+#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+}
+
+
+int wolfSSL_dtls_enable_retransmission(WOLFSSL* ssl, unsigned int options)
+{
+    (void)options;
+
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SCTP)
+    if (ssl == NULL)
+        return SSL_FAILURE;
+
+    ssl->options.dtlsRetxEnable = 1;
+    return SSL_SUCCESS;
+#else /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+    (void)ssl;
+    return SSL_NOT_IMPLEMENTED;
+#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+}
+
+
+int wolfSSL_dtls_disable_retransmission(WOLFSSL* ssl)
+{
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SCTP)
+    if (ssl == NULL)
+        return SSL_FAILURE;
+
+    ssl->options.dtlsRetxEnable = 0;
+    return SSL_SUCCESS;
+#else /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+    (void)ssl;
+    return SSL_NOT_IMPLEMENTED;
+#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+}
+
+
+int wolfSSL_dtls_enable_replay_detection(WOLFSSL* ssl, unsigned int options)
+{
+    (void)options;
+
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SCTP)
+    if (ssl == NULL)
+        return SSL_FAILURE;
+
+    ssl->options.dtlsReplayEnable = 1;
+    return SSL_SUCCESS;
+#else /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+    (void)ssl;
+    return SSL_NOT_IMPLEMENTED;
+#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+}
+
+
+int wolfSSL_dtls_disable_replay_detection(WOLFSSL* ssl)
+{
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SCTP)
+    if (ssl == NULL)
+        return SSL_FAILURE;
+
+    ssl->options.dtlsReplayEnable = 0;
+    return SSL_SUCCESS;
+#else /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+    (void)ssl;
+    return SSL_NOT_IMPLEMENTED;
+#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
+}
+
 #endif /* WOLFSSL_LEANPSK */
 
 

wolfssl/internal.h

@@ -2405,6 +2405,10 @@ typedef struct Options {
 #endif
 #ifdef WOLFSSL_DTLS
     word16            dtlsHsRetain:1;     /* DTLS retaining HS data */
+#ifdef WOLFSSL_SCTP
+    word16            dtlsRetxEnable:1;   /* DTLS HS retransmission enable */
+    word16            dtlsReplayEnable:1; /* DTLS Replay detection enable */
+#endif /* WOLFSSL_SCTP */
 #endif
 
     /* need full byte values for this section */
@@ -2744,6 +2748,9 @@ struct WOLFSSL {
     void*           IOCB_CookieCtx;     /* gen cookie ctx */
     word32          dtls_expected_rx;
     wc_dtls_export  dtls_export;        /* export function for session */
+#ifdef WOLFSSL_SCTP
+    word32          mtu_size;
+#endif /* WOLFSSL_SCTP */
 #endif
 #ifdef WOLFSSL_CALLBACKS
     HandShakeInfo   handShakeInfo;      /* info saved during handshake */

wolfssl/ssl.h

@@ -409,6 +409,12 @@ WOLFSSL_API int  wolfSSL_dtls(WOLFSSL* ssl);
 WOLFSSL_API int  wolfSSL_dtls_set_peer(WOLFSSL*, void*, unsigned int);
 WOLFSSL_API int  wolfSSL_dtls_get_peer(WOLFSSL*, void*, unsigned int*);
 
+WOLFSSL_API int  wolfSSL_dtls_set_mtu(WOLFSSL*, unsigned int);
+WOLFSSL_API int  wolfSSL_dtls_enable_retransmission(WOLFSSL*, unsigned int);
+WOLFSSL_API int  wolfSSL_dtls_disable_retransmission(WOLFSSL*);
+WOLFSSL_API int  wolfSSL_dtls_enable_replay_detection(WOLFSSL*, unsigned int);
+WOLFSSL_API int  wolfSSL_dtls_disable_replay_detection(WOLFSSL*);
+
 WOLFSSL_API int   wolfSSL_ERR_GET_REASON(unsigned long err);
 WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*);
 WOLFSSL_API void  wolfSSL_ERR_error_string_n(unsigned long e, char* buf,