gnutls_anti_replay_set_ptr - Linux


gnutls_anti_replay_set_ptr configures the anti-replay mechanism of a TLS connection, allowing the application to maintain its own replay list.


gnutls_anti_replay_set_ptr(session, list_ptr, hash_func, cmp_func)

| Parameter | Description |
| session | Pointer to the TLS session object |
| list_ptr | Pointer to the user-managed replay list structure |
| hash_func | Hash function used to calculate replay sequence numbers |
| cmp_func | Comparator function used to compare replay sequence numbers |




#include <gnutls/abstract.h>

void set_replay_list(gnutls_session_t session) {
  struct replay_list_st replay_list; // Define the replay list structure

  // Initialize the replay list structure

  // Set the replay list and callback functions
  gnutls_anti_replay_set_ptr(session, &replay_list, GNUTLS_DIG_SHA256, compare_func);

Common Issues

  • Security Considerations: Ensure that the replay list and callback functions are securely implemented to prevent replay attacks.
  • Performance: Large replay lists can impact performance. Tune the list size according to the application’s needs.


  • Combine with gnutls_handshake to establish a TLS connection with anti-replay protection.
  • Integrate with other TLS connection management functions to handle replay protection throughout the connection lifecycle.

Related Commands

  • gnutls_anti_replay_init
  • gnutls_anti_replay_set_sequence_ptr
  • gnutls_anti_replay_add