Manuel Pégourié-Gonnard
64dffc5d14
Make handshake reassembly work with openssl
2014-10-21 16:30:22 +02:00
							
Manuel Pégourié-Gonnard
502bf30fb5
Handle reassembly of handshake messages
Works only with GnuTLS for now, OpenSSL packs other records in the same
datagram after the last fragmented one, which we don't handle yet.
Also, ssl-opt.sh fails the tests with valgrind for now: we're so slow with
valgrind that gnutls-serv retransmits some messages, and we don't handle
duplicated messages yet.
2014-10-21 16:30:22 +02:00
							
Manuel Pégourié-Gonnard
ed79a4bb14
Prepare for DTLS handshake reassembly
2014-10-21 16:30:21 +02:00
							
Manuel Pégourié-Gonnard
edcbe549fd
Reorder checks in ssl_read_record
2014-10-21 16:30:21 +02:00
							
Manuel Pégourié-Gonnard
0557bd5fa4
Fix message_seq with server-initiated renego
2014-10-21 16:30:21 +02:00
							
Manuel Pégourié-Gonnard
c392b240c4
Fix server-initiated renegotiation with DTLS
2014-10-21 16:30:21 +02:00
							
Manuel Pégourié-Gonnard
30d16eb429
Fix client-initiated renegotiation with DTLS
2014-10-21 16:30:20 +02:00
							
Manuel Pégourié-Gonnard
b35fe5638a
Fix HelloVerifyRequest version handling
2014-10-21 16:30:20 +02:00
							
Manuel Pégourié-Gonnard
562eb787ec
Add and use POLARSSL_ERR_SSL_BUFFER_TOO_SMALL
2014-10-21 16:30:20 +02:00
							
Manuel Pégourié-Gonnard
bef8f09899
Make cookie timeout configurable
2014-10-21 16:30:19 +02:00
							
Manuel Pégourié-Gonnard
e90308178f
Add timestamp/serial to cookies, with timeout
2014-10-21 16:30:19 +02:00
							
Manuel Pégourié-Gonnard
445a1ec6cd
Change internal names
2014-10-21 16:30:19 +02:00
							
Manuel Pégourié-Gonnard
29ad7e8fc0
Add check for missing ssl_set_client_transport_id()
2014-10-21 16:30:18 +02:00
							
Manuel Pégourié-Gonnard
a64acd4f84
Add separate SSL_COOKIE_C define
2014-10-21 16:30:18 +02:00
							
Manuel Pégourié-Gonnard
7d38d215b1
Allow disabling HelloVerifyRequest
2014-10-21 16:30:18 +02:00
							
Manuel Pégourié-Gonnard
e4de06145a
Fix cookie context usage
2014-10-21 16:30:17 +02:00
							
Manuel Pégourié-Gonnard
232edd46be
Move cookie callbacks implementation to own module
2014-10-21 16:30:17 +02:00
							
Manuel Pégourié-Gonnard
d485d194f9
Move to a callback interface for DTLS cookies
2014-10-21 16:30:17 +02:00
							
Manuel Pégourié-Gonnard
d7f9bc5091
Refactor cookie to prepare for external callbacks
Also adds flexibility to the verification process.
2014-10-21 16:30:16 +02:00
							
Manuel Pégourié-Gonnard
82202f0a9c
Make DTLS_HELLO_VERIFY a compile option
2014-10-21 16:30:16 +02:00
							
Manuel Pégourié-Gonnard
98545f128a
Generate random key for HelloVerifyRequest
2014-10-21 16:30:16 +02:00
							
Manuel Pégourié-Gonnard
dd3cdb0fbc
Start using client IP in HelloVerifyRequest
Dummy fixed key for now.
2014-10-21 16:30:15 +02:00
							
Manuel Pégourié-Gonnard
43c021874d
Add ssl_set_client_transport_id()
2014-10-21 16:30:15 +02:00
							
Manuel Pégourié-Gonnard
fb2d22371f
Reuse random when responding to a verify request
2014-10-21 16:30:14 +02:00
							
Manuel Pégourié-Gonnard
b760f001d7
Extract generate client random to a function
2014-10-21 16:30:14 +02:00
							
Manuel Pégourié-Gonnard
2c9ee81f6e
Start adding srv support for hello verify request
Dummy fixed content for now.
Also, seems to be a race condition in the way the socket is closed and
reopened, leading to a few "random" failures in compat.sh. A fix is planned
for later.
2014-10-21 16:30:13 +02:00
							
Manuel Pégourié-Gonnard
a0e1632b79
Do not use compression with DTLS
2014-10-21 16:30:13 +02:00
							
Manuel Pégourié-Gonnard
5d53cbef3a
Fix length check in ssl_write_ticket()
2014-10-21 16:30:13 +02:00
							
Manuel Pégourié-Gonnard
879a4f9623
Abort on DTLS epoch wrap
2014-10-21 16:30:12 +02:00
							
Manuel Pégourié-Gonnard
805e2300af
Fix error message and return code
2014-10-21 16:30:12 +02:00
							
Manuel Pégourié-Gonnard
67427c07b2
Fix checksum computation with HelloVerifyRequest
2014-10-21 16:30:11 +02:00
							
Manuel Pégourié-Gonnard
74848811b4
Implement HelloVerifyRequest on client
2014-10-21 16:30:11 +02:00
							
Manuel Pégourié-Gonnard
b2f3be8757
Support multiple records in one datagram
2014-10-21 16:30:10 +02:00
							
Manuel Pégourié-Gonnard
34c1011b3d
Fix a few warnings in reduced configs
2014-10-21 16:30:09 +02:00
							
Manuel Pégourié-Gonnard
fe98aceb70
Adapt ssl_fetch_input() for UDP
2014-10-21 16:30:09 +02:00
							
Manuel Pégourié-Gonnard
f5a1312eaa
Add UDP support to the NET module
2014-10-21 16:30:09 +02:00
							
Manuel Pégourié-Gonnard
d6b721c7ee
More ssl_parse_client_hello() adjustments
2014-10-21 16:30:08 +02:00
							
Manuel Pégourié-Gonnard
4128aa71ee
Add the 'cookie' field of DTLS ClientHello
2014-10-21 16:30:08 +02:00
							
Manuel Pégourié-Gonnard
8933a65d5c
Rework ssl_parse_client_hello() a bit
- make it more linear
- check lengths better
- prepare for optional "cookie" field
2014-10-21 16:30:08 +02:00
							
Manuel Pégourié-Gonnard
e89bcf05da
Write new DTLS handshake fields correctly
2014-10-21 16:30:07 +02:00
							
Manuel Pégourié-Gonnard
ce441b3442
Add space for new DTLS fields in handshake
2014-10-21 16:30:07 +02:00
							
Manuel Pégourié-Gonnard
a59543af30
Minor refactoring in ssl_read_record()
2014-10-21 16:30:07 +02:00
							
Manuel Pégourié-Gonnard
f302fb52e1
Fix hmac computation for DTLS
2014-10-21 16:30:06 +02:00
							
Manuel Pégourié-Gonnard
5afb167e2c
Implement DTLS epochs
2014-10-21 16:30:06 +02:00
							
Manuel Pégourié-Gonnard
0619348288
Add explicit counter in DTLS record header
2014-10-21 16:30:06 +02:00
							
Manuel Pégourié-Gonnard
507e1e410a
Prep: allow {in,out}_len != {in,out}_hdr + 3
2014-10-21 16:30:06 +02:00
							
Manuel Pégourié-Gonnard
7ee6f0e6e5
Preparation: allow {in,out}_ctr != {in,out}_buf
2014-10-21 16:30:05 +02:00
							
Manuel Pégourié-Gonnard
abc7e3b4ba
Handle DTLS version encoding and fix some checks
2014-10-21 16:30:05 +02:00
							
Manuel Pégourié-Gonnard
864a81fdc0
More ssl_set_XXX() functions can return BAD_INPUT
2014-10-21 16:30:04 +02:00
							
Manuel Pégourié-Gonnard
b21ca2a69f
Adapt version-handling functions to DTLS
2014-10-21 16:30:04 +02:00