yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-12-13 11:31:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
2818 commits 88 branches 205 tags 69 MiB
Commit graph

823 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 56d985d0a6 Merge branch 'session-hash' into dtls 
* session-hash:
  Update Changelog for session-hash
  Make session-hash depend on TLS versions
  Forbid extended master secret with SSLv3
  compat.sh: allow git version of gnutls
  compat.sh: make options a bit more robust
  Implement extended master secret
  Add negotiation of Extended Master Secret

Conflicts:
	include/polarssl/check_config.h
	programs/ssl/ssl_server2.c
 2014-11-06 01:25:09 +01:00
Manuel Pégourié-Gonnard fedba98ede Merge branch 'fb-scsv' into dtls 
* fb-scsv:
  Update Changelog for FALLBACK_SCSV
  Implement FALLBACK_SCSV server-side
  Implement FALLBACK_SCSV client-side
 2014-11-05 16:12:09 +01:00
Manuel Pégourié-Gonnard b575b54cb9 Forbid extended master secret with SSLv3 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard dd4592774b compat.sh: allow git version of gnutls 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 85a4178f82 compat.sh: make options a bit more robust 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard 01b2699198 Implement FALLBACK_SCSV server-side 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard 1cbd39dbeb Implement FALLBACK_SCSV client-side 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard 367381fddd Add negotiation of Extended Master Secret 
(But not the actual thing yet.)
 2014-11-05 16:00:49 +01:00
Paul Bakker f2a459df05 Preparation for PolarSSL 1.4.0 2014-10-21 16:40:54 +02:00
Manuel Pégourié-Gonnard a6ace04c5c Test for lost HelloRequest 2014-10-21 16:32:57 +02:00
Manuel Pégourié-Gonnard f1384470bf Avoid spurious timeout in ssl-opt.sh 2014-10-21 16:32:57 +02:00
Manuel Pégourié-Gonnard 74a1378175 Avoid false positive in ssl-opt.sh with memcheck 2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard e698f59a25 Add tests for ssl_set_dtls_badmac_limit() 2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard caecdaed25 Cosmetics in ssl_server2 & complete tests for HVR 2014-10-21 16:32:54 +02:00
Manuel Pégourié-Gonnard 37e08e1689 Fix max_fragment_length with DTLS 2014-10-21 16:32:53 +02:00
Manuel Pégourié-Gonnard 127ab88dba Give more time to lossy tests with normal timers 2014-10-21 16:32:51 +02:00
Manuel Pégourié-Gonnard ba958b8bdc Add test for server-initiated renego 
Just assuming the HelloRequest isn't lost for now
 2014-10-21 16:32:50 +02:00
Manuel Pégourié-Gonnard 85beb30b11 Add test for resumption with non-blocking I/O 2014-10-21 16:32:48 +02:00
Manuel Pégourié-Gonnard a59af05dce Give more time to tests that time out too often 2014-10-21 16:32:47 +02:00
Manuel Pégourié-Gonnard 7a26d73735 Add test for session resumption 2014-10-21 16:32:47 +02:00
Manuel Pégourié-Gonnard df9a0a8460 Drop unexpected ApplicationData 
This is likely to happen on resumption if client speaks first at the
application level.
 2014-10-21 16:32:46 +02:00
Manuel Pégourié-Gonnard 37a4de2cec Use shorter timeouts in ssl-opt.sh proxy tests 2014-10-21 16:32:44 +02:00
Manuel Pégourié-Gonnard 6093d81c20 Add tests with proxy and non-blocking I/O 2014-10-21 16:32:42 +02:00
Manuel Pégourié-Gonnard 579950c2bb Fix bug with non-blocking I/O and cookies 2014-10-21 16:32:42 +02:00
Manuel Pégourié-Gonnard bd97fdb3a4 Make ssl_server2's HVR handling more realistic 
It makes not sense to keep the connection open until the client is verified.
Until now it was useful since closing it crates a race where the second
ClientHello might be lost. But now that our client is able to resend, that's
not an issue any more.
 2014-10-21 16:32:40 +02:00
Manuel Pégourié-Gonnard 36795197d9 Rm now useless MTU setting in compat.sh 2014-10-21 16:32:40 +02:00
Manuel Pégourié-Gonnard 7a66cbca75 Rm some redundant tests 2014-10-21 16:32:40 +02:00
Manuel Pégourié-Gonnard 9590e0a176 Add proxy tests with gnutls-srv & fragmentation 2014-10-21 16:32:40 +02:00
Manuel Pégourié-Gonnard fa60f128d6 Quit using "yes" in ssl-opt.sh with openssl 
It caused s_server to send an AppData record of 16Kb every millisecond or so,
which destroyed readability of the proxy and client logs.
 2014-10-21 16:32:39 +02:00
Manuel Pégourié-Gonnard 08a1d4bce1 Fix bug with client auth with DTLS 2014-10-21 16:32:39 +02:00
Manuel Pégourié-Gonnard d0fd1daa6b Add test with proxy and openssl server 2014-10-21 16:32:38 +02:00
Manuel Pégourié-Gonnard 1b753f1e27 Add test for renego with proxy 2014-10-21 16:32:38 +02:00
Manuel Pégourié-Gonnard 18e519a660 Add proxy tests with more handshake flows 2014-10-21 16:32:37 +02:00
Manuel Pégourié-Gonnard 76fe9e41c1 Test that anti-replay ignores all duplicates 2014-10-21 16:32:36 +02:00
Manuel Pégourié-Gonnard 2739313cea Make anti-replay a runtime option 2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard 246c13a05f Fix epoch checking 2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard b47368a00a Add replay detection 2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard 4956fd7437 Test and fix anti-replay functions 2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard 825a49ed7c Add more udp_proxy tests 2014-10-21 16:32:32 +02:00
Manuel Pégourié-Gonnard a6189f0fb0 udp_proxy wasn't actually killed 2014-10-21 16:32:30 +02:00
Manuel Pégourié-Gonnard a0719727da Add tests with dropped packets 2014-10-21 16:32:30 +02:00
Manuel Pégourié-Gonnard 63eca930d7 Drop invalid records with DTLS 2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard 990f9e428a Handle late handshake messages gracefully 2014-10-21 16:30:26 +02:00
Manuel Pégourié-Gonnard be9eb877f7 Adapt ssl-opt.sh to allow using udp_proxy in tests 2014-10-21 16:30:25 +02:00
Manuel Pégourié-Gonnard 0a65934ef3 Re-enable valgrind for all tests 
Now we can handle duplicated messages due to the peer re-sending (due to us
being soooo slow with valgrind)
 2014-10-21 16:30:24 +02:00
Manuel Pégourié-Gonnard 0c4cbc7895 Add test for fragmentation + renego with GnuTLS 2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard f1499f602e Add interop testing for renego with GnuTLS 2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard 77b0b8d100 Disable some tests with valgrind for now 2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard 64dffc5d14 Make handshake reassembly work with openssl 2014-10-21 16:30:22 +02:00
Manuel Pégourié-Gonnard a77561765f Add test with openssl with DTLS in ssl-opt.sh 2014-10-21 16:30:22 +02:00