Hi Ankita,
Regarding DTLS cookies, resetting the SSL context and setting the client transport ID is indeed mandatory and how things are supposed to work when you enable hello verify request. Setting the client transport ID is necessary as that is used to compute and verify the cookie value. Resetting the SSL context is actually a feature: it means you don't have to maintain state on the server before the client reachability at the claimed address is established.
See https://mbed-tls.readthedocs.io/en/latest/kb/how-to/dtls-tutorial/#server-si... for context and details.
Why is resetting the context and setting the client transport ID a problem for you?
Regarding your second question, yes, we do require a toolchain with at least some C99 features, including those two headers. See https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6?tab=readme-ov-file#tool...
May I ask what toolchain you are using that doesn't have that level of C99 support? Perhaps your toolchain is just defaulting to C89 but that can be changed to C99?
Regards, Manuel. ________________________________ From: Ankita Hatmode via mbed-tls mbed-tls@lists.trustedfirmware.org Sent: 01 September 2025 06:28 To: mbed-tls@lists.trustedfirmware.org mbed-tls@lists.trustedfirmware.org Subject: [mbed-tls] DTLS handshake with and without hello verify request
Hi Team,
I am working on exploring DTLS handshake using the mbedtls-3.6.4 version on our embedded platform. I enabled the hello verify request feature and got stuck at hello verify request state on server side if I don't reset the ssl context and don't set the client transport ID. I want to know if there is any way to complete a handshake by bypassing the reset of ssl context and setting the client transport ID.
Also, our environment only supports C89 constructs. I could not see inttypes.h in the mbedtls-3.6.4, is there any specific reason to remove this file? I am getting compilation errors without inttypes.h and stdint.h. Is there any macro to be enabled to support the c89 compilation in mbedtls stack?
Looking forward to your response.
Thanks and regards, Ankita Hatmode
------------------------------------------------------------------------------------------------------------------------- Disclaimer: This email message including any attachments is confidential, and may be privileged and proprietary to Agiliad. If you are not the intended recipient, please notify us immediately by replying to this message and destroy all copies of this message including any attachments. You are NOT authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. Thank you. ------------------------------------------------------------------------------------------------------------------------