Refactor - when crafting a DTLS packet max external cookie length (for hijacking) can be more than 32 in size based on RFC6347

Roy-Carter · Roy-Carter · commit e64305f9ffb1 · 2026-04-16T13:03:08.000+03:00
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
@@ -1569,7 +1569,7 @@ enum Misc {
     SEED_LEN     = RAN_LEN * 2, /* tls prf seed length    */
     ID_LEN       = 32,         /* session id length       */
     COOKIE_SECRET_SZ = 14,     /* dtls cookie secret size */
-    MAX_COOKIE_LEN = 32,       /* max dtls cookie size    */
+    MAX_COOKIE_LEN = 255,      /* max dtls cookie size per RFC 6347 (opaque<0..2^8-1>) */
     COOKIE_SZ    = 20,         /* use a 20 byte cookie    */
     SUITE_LEN    =  2,         /* cipher suite sz length  */
     ENUM_LEN     =  1,         /* always a byte           */
