Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d9ba0d96b6 
								
							 
						 
						
							
							
								
								Prepare for checking incoming handshake seqnum  
							
							
							
						 
						
							2014-10-21 16:30:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0c4cbc7895 
								
							 
						 
						
							
							
								
								Add test for fragmentation + renego with GnuTLS  
							
							
							
						 
						
							2014-10-21 16:30:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ac03052f22 
								
							 
						 
						
							
							
								
								Fix segfault with some very short fragments  
							
							
							
						 
						
							2014-10-21 16:30:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f1499f602e 
								
							 
						 
						
							
							
								
								Add interop testing for renego with GnuTLS  
							
							
							
						 
						
							2014-10-21 16:30:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								77b0b8d100 
								
							 
						 
						
							
							
								
								Disable some tests with valgrind for now  
							
							
							
						 
						
							2014-10-21 16:30:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								64dffc5d14 
								
							 
						 
						
							
							
								
								Make handshake reassembly work with openssl  
							
							
							
						 
						
							2014-10-21 16:30:22 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a77561765f 
								
							 
						 
						
							
							
								
								Add test with openssl with DTLS in ssl-opt.sh  
							
							
							
						 
						
							2014-10-21 16:30:22 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								502bf30fb5 
								
							 
						 
						
							
							
								
								Handle reassembly of handshake messages  
							
							... 
							
							
							
							Works only with GnuTLS for now, OpenSSL packs other records in the same
datagram after the last fragmented one, which we don't handle yet.
Also, ssl-opt.sh fails the tests with valgrind for now: we're so slow with
valgrind that gnutls-serv retransmits some messages, and we don't handle
duplicated messages yet. 
							
						 
						
							2014-10-21 16:30:22 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ed79a4bb14 
								
							 
						 
						
							
							
								
								Prepare for DTLS handshake reassembly  
							
							
							
						 
						
							2014-10-21 16:30:21 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								edcbe549fd 
								
							 
						 
						
							
							
								
								Reorder checks in ssl_read_record  
							
							
							
						 
						
							2014-10-21 16:30:21 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0557bd5fa4 
								
							 
						 
						
							
							
								
								Fix message_seq with server-initiated renego  
							
							
							
						 
						
							2014-10-21 16:30:21 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								c392b240c4 
								
							 
						 
						
							
							
								
								Fix server-initiated renegotiation with DTLS  
							
							
							
						 
						
							2014-10-21 16:30:21 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								30d16eb429 
								
							 
						 
						
							
							
								
								Fix client-initiated renegotiation with DTLS  
							
							
							
						 
						
							2014-10-21 16:30:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b35fe5638a 
								
							 
						 
						
							
							
								
								Fix HelloVerifyRequest version handling  
							
							
							
						 
						
							2014-10-21 16:30:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								4ba6ab6d0d 
								
							 
						 
						
							
							
								
								Fix glitch with HelloVerifyRequest  
							
							... 
							
							
							
							With the close-rebind strategy, sometimes the second ClientHello was lost (if
received before close), and since our client doesn't resend yet, the tests
would fail (no problem with other client that resend). Anyway, it's not really
clean to lose messages. 
							
						 
						
							2014-10-21 16:30:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								562eb787ec 
								
							 
						 
						
							
							
								
								Add and use POLARSSL_ERR_SSL_BUFFER_TOO_SMALL  
							
							
							
						 
						
							2014-10-21 16:30:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bef8f09899 
								
							 
						 
						
							
							
								
								Make cookie timeout configurable  
							
							
							
						 
						
							2014-10-21 16:30:19 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e90308178f 
								
							 
						 
						
							
							
								
								Add timestamp/serial to cookies, with timeout  
							
							
							
						 
						
							2014-10-21 16:30:19 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								445a1ec6cd 
								
							 
						 
						
							
							
								
								Change internal names  
							
							
							
						 
						
							2014-10-21 16:30:19 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0eb6cab979 
								
							 
						 
						
							
							
								
								Add DTLS cookies test to ssl-opt.sh  
							
							
							
						 
						
							2014-10-21 16:30:19 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								26820e3061 
								
							 
						 
						
							
							
								
								Add option 'cookies' to ssl_server2  
							
							
							
						 
						
							2014-10-21 16:30:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								29ad7e8fc0 
								
							 
						 
						
							
							
								
								Add check for missing ssl_set_client_transport_id()  
							
							
							
						 
						
							2014-10-21 16:30:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a64acd4f84 
								
							 
						 
						
							
							
								
								Add separate SSL_COOKIE_C define  
							
							
							
						 
						
							2014-10-21 16:30:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								7d38d215b1 
								
							 
						 
						
							
							
								
								Allow disabling HelloVerifyRequest  
							
							
							
						 
						
							2014-10-21 16:30:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e4de06145a 
								
							 
						 
						
							
							
								
								Fix cookie context usage  
							
							
							
						 
						
							2014-10-21 16:30:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								232edd46be 
								
							 
						 
						
							
							
								
								Move cookie callbacks implementation to own module  
							
							
							
						 
						
							2014-10-21 16:30:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d485d194f9 
								
							 
						 
						
							
							
								
								Move to a callback interface for DTLS cookies  
							
							
							
						 
						
							2014-10-21 16:30:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d7f9bc5091 
								
							 
						 
						
							
							
								
								Refactor cookie to prepare for external callbacks  
							
							... 
							
							
							
							Also adds flexibility to the verification process. 
							
						 
						
							2014-10-21 16:30:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								82202f0a9c 
								
							 
						 
						
							
							
								
								Make DTLS_HELLO_VERIFY a compile option  
							
							
							
						 
						
							2014-10-21 16:30:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								98545f128a 
								
							 
						 
						
							
							
								
								Generate random key for HelloVerifyRequest  
							
							
							
						 
						
							2014-10-21 16:30:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								dd3cdb0fbc 
								
							 
						 
						
							
							
								
								Start using client IP in HelloVerifyRequest  
							
							... 
							
							
							
							Dummy fixed key for now. 
							
						 
						
							2014-10-21 16:30:15 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								336b824f07 
								
							 
						 
						
							
							
								
								Use ssl_set_client_transport_id() in ssl_server2  
							
							
							
						 
						
							2014-10-21 16:30:15 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								43c021874d 
								
							 
						 
						
							
							
								
								Add ssl_set_client_transport_id()  
							
							
							
						 
						
							2014-10-21 16:30:15 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fb2d22371f 
								
							 
						 
						
							
							
								
								Reuse random when responding to a verify request  
							
							
							
						 
						
							2014-10-21 16:30:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b760f001d7 
								
							 
						 
						
							
							
								
								Extract generate client random to a function  
							
							
							
						 
						
							2014-10-21 16:30:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								2c9ee81f6e 
								
							 
						 
						
							
							
								
								Start adding srv support for hello verify request  
							
							... 
							
							
							
							Dummy fixed content for now.
Also, seems to be a race condition in the way the socket is closed and
reopened, leading to a few "random" failures in compat.sh. A fix is planned
for later. 
							
						 
						
							2014-10-21 16:30:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a0e1632b79 
								
							 
						 
						
							
							
								
								Do not use compression with DTLS  
							
							
							
						 
						
							2014-10-21 16:30:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5d53cbef3a 
								
							 
						 
						
							
							
								
								Fix length check in ssl_write_ticket()  
							
							
							
						 
						
							2014-10-21 16:30:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								879a4f9623 
								
							 
						 
						
							
							
								
								Abort on DTLS epoch wrap  
							
							
							
						 
						
							2014-10-21 16:30:12 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								53aef81a7d 
								
							 
						 
						
							
							
								
								Work around OpenSSL bug in compat.sh  
							
							
							
						 
						
							2014-10-21 16:30:12 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d1af1025d0 
								
							 
						 
						
							
							
								
								Add DTLS interop testing with OpenSSL server  
							
							... 
							
							
							
							PSK suites failing with client auth 
							
						 
						
							2014-10-21 16:30:12 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								805e2300af 
								
							 
						 
						
							
							
								
								Fix error message and return code  
							
							
							
						 
						
							2014-10-21 16:30:12 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9bfb1226da 
								
							 
						 
						
							
							
								
								Add DTLS interop testing with GnuTLS server  
							
							
							
						 
						
							2014-10-21 16:30:12 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ae5050c212 
								
							 
						 
						
							
							
								
								Start adapting ssl_client2 to datagram I/O  
							
							
							
						 
						
							2014-10-21 16:30:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								67427c07b2 
								
							 
						 
						
							
							
								
								Fix checksum computation with HelloVerifyRequest  
							
							
							
						 
						
							2014-10-21 16:30:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								74848811b4 
								
							 
						 
						
							
							
								
								Implement HelloVerifyRequest on client  
							
							
							
						 
						
							2014-10-21 16:30:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								29980b16bd 
								
							 
						 
						
							
							
								
								Add DTLS interop testing (PolarSSL server)  
							
							
							
						 
						
							2014-10-21 16:30:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b2f3be8757 
								
							 
						 
						
							
							
								
								Support multiple records in one datagram  
							
							
							
						 
						
							2014-10-21 16:30:10 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								798f15a500 
								
							 
						 
						
							
							
								
								Fix version adjustments with force_ciphersuite  
							
							
							
						 
						
							2014-10-21 16:30:10 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3025b6cfd6 
								
							 
						 
						
							
							
								
								Add DTLS self-op test in compat.sh  
							
							
							
						 
						
							2014-10-21 16:30:10 +02:00