Manuel Pégourié-Gonnard
|
905dd2425c
|
Add ssl_set_handshake_timeout()
|
2014-10-21 16:32:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
0ac247fd88
|
Implement timeout back-off (fixed range for now)
|
2014-10-21 16:32:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
579950c2bb
|
Fix bug with non-blocking I/O and cookies
|
2014-10-21 16:32:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
7de3c9eecb
|
Count timeout per flight, not per message
|
2014-10-21 16:32:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
db2858ce96
|
Preparation for timers
Currently directly using timing.c, plan to use callbacks later to loosen
coupling, but first just get things working.
|
2014-10-21 16:32:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
08a1d4bce1
|
Fix bug with client auth with DTLS
|
2014-10-21 16:32:39 +02:00 |
|
Manuel Pégourié-Gonnard
|
23b7b703aa
|
Fix issue with renego & resend
|
2014-10-21 16:32:38 +02:00 |
|
Manuel Pégourié-Gonnard
|
f03c7aa469
|
Add replay detection in parse_client_hello()
|
2014-10-21 16:32:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
2739313cea
|
Make anti-replay a runtime option
|
2014-10-21 16:32:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
8464a46b6b
|
Make DTLS_ANTI_REPLAY depends on PROTO_DTLS
|
2014-10-21 16:32:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
246c13a05f
|
Fix epoch checking
|
2014-10-21 16:32:34 +02:00 |
|
Manuel Pégourié-Gonnard
|
b47368a00a
|
Add replay detection
|
2014-10-21 16:32:34 +02:00 |
|
Manuel Pégourié-Gonnard
|
4956fd7437
|
Test and fix anti-replay functions
|
2014-10-21 16:32:34 +02:00 |
|
Manuel Pégourié-Gonnard
|
7a7e140d4e
|
Add functions for replay protection
|
2014-10-21 16:32:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
ea22ce577e
|
Rm unneeded counter increment with DTLS
|
2014-10-21 16:32:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
abf16240dd
|
Add ability to resend last flight
|
2014-10-21 16:32:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
cd32a50d67
|
Fix NewSesssionTicket vs ChangeCipherSpec bug
Since we were cheating on state, ssl_read_record() wasn't able to drop
out-of-sequence ChangeCipherSpec messages. Cheat a bit less.
|
2014-10-21 16:32:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
767c69561b
|
Drop out-of-sequence ChangeCipherSpec messages
|
2014-10-21 16:32:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
93017de47e
|
Minor optim: don't resend on duplicated HVR
|
2014-10-21 16:32:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
c715aed744
|
Fix epoch swapping
|
2014-10-21 16:32:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
6a2bdfaf73
|
Actually resend flights
|
2014-10-21 16:32:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
5d8ba53ace
|
Expand and fix resend infrastructure
|
2014-10-21 16:32:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
ffa67be698
|
Infrastructure for buffering & resending flights
|
2014-10-21 16:32:27 +02:00 |
|
Manuel Pégourié-Gonnard
|
9d9b003a9a
|
Add net_recv_timeout()
|
2014-10-21 16:32:26 +02:00 |
|
Manuel Pégourié-Gonnard
|
8fa6dfd560
|
Introduce f_recv_timeout callback
|
2014-10-21 16:32:26 +02:00 |
|
Manuel Pégourié-Gonnard
|
e6bdc4497c
|
Merge I/O contexts into one
|
2014-10-21 16:32:25 +02:00 |
|
Manuel Pégourié-Gonnard
|
f4acfe1808
|
Document previous API changes in this branch
|
2014-10-21 16:32:23 +02:00 |
|
Manuel Pégourié-Gonnard
|
d92d6a1b5b
|
ssl_parse_server_key_exchange() cleanups
|
2014-10-21 16:30:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
5ee96546de
|
Add length checks in parse_certificate_verify()
|
2014-10-21 16:30:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
72226214b1
|
Merge checks in ssl_parse_certificate_verify()
|
2014-10-21 16:30:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
ca6440b246
|
Small cleanups in parse_finished()
|
2014-10-21 16:30:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
624bcb5260
|
No memmove: done, rm temporary things
|
2014-10-21 16:30:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
000d5aec13
|
No memmove: parse_new_session_ticket()
|
2014-10-21 16:30:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
0b3400dafa
|
No memmove: ssl_parse_server_hello()
|
2014-10-21 16:30:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
069eb79043
|
No memmove: ssl_parse_hello_verify_request()
|
2014-10-21 16:30:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
04c1b4ece1
|
No memmove: certificate_request + server_hello_done
|
2014-10-21 16:30:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
f4830b5092
|
No memmove: ssl_parse_server_key_exchange()
|
2014-10-21 16:30:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
4528f3f5c0
|
No memmove: parse_certificate_verify()
|
2014-10-21 16:30:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
2114d724dc
|
No memmove: ssl_parse_client_key_exchange()
|
2014-10-21 16:30:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
f49a7daa1a
|
No memmove: ssl_parse_certificate()
|
2014-10-21 16:30:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
4abc32734e
|
No memmove: ssl_parse_finished()
|
2014-10-21 16:30:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
f899583f94
|
Prepare moving away from memmove() on incoming HS
|
2014-10-21 16:30:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
4a1753657c
|
Fix missing return in error check
|
2014-10-21 16:30:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
19d438f4ff
|
Get rid of memmove for DTLS in parse_client_hello()
|
2014-10-21 16:30:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
63eca930d7
|
Drop invalid records with DTLS
|
2014-10-21 16:30:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
167a37632d
|
Split two functions out of ssl_read_record()
|
2014-10-21 16:30:27 +02:00 |
|
Manuel Pégourié-Gonnard
|
990f9e428a
|
Handle late handshake messages gracefully
|
2014-10-21 16:30:26 +02:00 |
|
Manuel Pégourié-Gonnard
|
60ca5afaec
|
Drop records from wrong epoch
|
2014-10-21 16:30:25 +02:00 |
|
Manuel Pégourié-Gonnard
|
1aa586e41d
|
Check handshake message_seq field
|
2014-10-21 16:30:24 +02:00 |
|
Manuel Pégourié-Gonnard
|
9d1d7196e4
|
Check length before reading handshake header
|
2014-10-21 16:30:24 +02:00 |
|