Hanno Becker
cd9dcda0a0
Add const qualifier to handshake header reading functions
2018-08-28 17:52:53 +01:00
Hanno Becker
39b8bc9aef
Change wording of debug message
2018-08-28 17:52:49 +01:00
Hanno Becker
ef7afdfa5a
Rename another_record_in_datagram to next_record_is_in_datagram
2018-08-28 17:16:31 +01:00
Hanno Becker
c573ac33dd
Fix typos in debug message and comment in ssl-tls.c
2018-08-28 17:15:25 +01:00
Hanno Becker
7c48dd11db
ssl-opt.sh: Add function extracting val or default val from config.h
2018-08-28 16:09:22 +01:00
Hanno Becker
dc1e950170
DTLS reordering: Add test for buffering a proper fragment
...
This commit adds a test to ssl-opt.sh which exercises the behavior
of the library in the situation where a single proper fragment
of a future handshake message is received prior to the next
expected handshake message (concretely, the client receives
the first fragment of the server's Certificate message prior
to the server's ServerHello).
2018-08-28 16:02:33 +01:00
Simon Butcher
8a552cf9d6
Merge remote-tracking branch 'public/pr/1920' into development-restricted
2018-08-28 15:39:38 +01:00
Simon Butcher
3af567d4a7
Merge remote-tracking branch 'restricted/pr/437' into development-restricted
2018-08-28 15:33:59 +01:00
Simon Butcher
129fa82908
Merge remote-tracking branch 'restricted/pr/470' into development-restricted
2018-08-28 15:26:11 +01:00
Simon Butcher
7f85563f9b
Merge remote-tracking branch 'restricted/pr/491' into development-restricted
2018-08-28 15:22:40 +01:00
Hanno Becker
97a1c134b2
Correct typo in documentation of MBEDTLS_SSL_DTLS_MAX_BUFFERING
2018-08-28 14:42:15 +01:00
Hanno Becker
02f6f5af26
Adapt ChangeLog
...
Make explicit that buffering support is about DTLS.
2018-08-28 12:54:27 +01:00
Simon Butcher
9ce5160fea
Merge remote-tracking branch 'public/pr/1965' into development
2018-08-28 12:34:14 +01:00
Simon Butcher
676d3fd116
Merge remote-tracking branch 'public/pr/1129' into development
2018-08-28 12:31:23 +01:00
Simon Butcher
9d5a9e1213
Merge remote-tracking branch 'public/pr/1625' into development
2018-08-28 12:23:40 +01:00
Simon Butcher
14dac0953e
Merge remote-tracking branch 'public/pr/1918' into development
2018-08-28 12:21:41 +01:00
Simon Butcher
1846e406c8
Merge remote-tracking branch 'public/pr/1939' into development
2018-08-28 12:19:56 +01:00
Simon Butcher
9598845d11
Merge remote-tracking branch 'public/pr/1955' into development
2018-08-28 12:00:18 +01:00
Simon Butcher
4613772dea
Merge remote-tracking branch 'public/pr/1915' into development
2018-08-28 11:45:44 +01:00
Hanno Becker
e604556feb
ssl-opt.sh: Don't hardcode varname in requires_config_value_xxx()
2018-08-28 11:24:55 +01:00
Hanno Becker
41038108e9
Style: Correct indentation in UDP proxy code
2018-08-28 11:15:32 +01:00
Hanno Becker
eefe084f72
Style: Spell out PMTU in ssl.h
2018-08-28 10:29:17 +01:00
Hanno Becker
0207e533b2
Style: Correct typo in ssl-tls.c
2018-08-28 10:28:28 +01:00
Hanno Becker
b841b4f107
ssl-opt.sh: Remove reference to Github issue
2018-08-28 10:25:51 +01:00
Hanno Becker
3b8b40c16d
ssl-opt.sh: Add function to skip next test
2018-08-28 10:25:41 +01:00
Simon Butcher
6f032a60c9
Merge remote-tracking branch 'public/pr/1963' into development
2018-08-28 10:21:06 +01:00
Simon Butcher
badeb07872
Merge remote-tracking branch 'public/pr/1967' into development
2018-08-28 10:20:23 +01:00
Hanno Becker
b9a0086975
ssl-opt.sh: Explain use of --insecure in GnuTLS client tests
2018-08-28 10:20:22 +01:00
Simon Butcher
ea85848b39
Merge remote-tracking branch 'public/pr/1979' into development
2018-08-28 10:17:27 +01:00
Hanno Becker
bc2498a9ff
Style: Add numerous comments indicating condition guarded by #endif
2018-08-28 10:13:29 +01:00
Hanno Becker
cf469458ca
Style: Add empty line before comment in UDP proxy code
2018-08-28 10:09:47 +01:00
Hanno Becker
d58477769d
Style: Group buffering-related forward declarations in ssl_tls.c
2018-08-28 10:09:23 +01:00
Hanno Becker
360bef3fe3
Reordering: Document that only HS and CCS msgs are buffered
2018-08-28 10:04:33 +01:00
Hanno Becker
4f432ad44d
Style: Don't use abbreviations in comments
2018-08-28 10:02:32 +01:00
Hanno Becker
b8f50147ee
Add explicit MBEDTLS_DEBUG_C-guard around debugging code
2018-08-28 10:01:34 +01:00
Hanno Becker
f0da6670dc
Style: Add braces around if-branch where else-branch has them
2018-08-28 09:55:10 +01:00
Hanno Becker
ecbdf1c048
Style: Correct indentation of debug msgs in mbedtls_ssl_write_record
2018-08-28 09:54:44 +01:00
Hanno Becker
3f7b973e32
Correct typo in mbedtls_ssl_flight_transmit()
2018-08-28 09:53:25 +01:00
Hanno Becker
280075104e
DTLS Reordering: Improve doc of MBEDTLS_SSL_DTLS_MAX_BUFFERING
2018-08-28 09:46:44 +01:00
Andrzej Kurek
6a4f224ac3
ssl-opt.sh: change expected output for large srv packet test with SSLv3
...
This test also exercises a protection against BEAST
and should expect message splitting.
2018-08-27 08:00:13 -04:00
Hanno Becker
159a37f75d
config.h: Don't use arithmetical exp for SSL_DTLS_MAX_BUFFERING
...
The functions requires_config_value_at_least and requires_config_value_at_most
only work with numerical constants.
2018-08-24 15:07:29 +01:00
Hanno Becker
2f5aa4c64e
all.sh: Add builds allowing to test dropping buffered messages
...
This commit adds two builds to all.sh which use a value of
MBEDTLS_SSL_DTLS_MAX_BUFFERING that allows to run the
reordering tests in ssl-opt.sh introduced in the last commit.
2018-08-24 14:48:11 +01:00
Hanno Becker
a1adcca1da
ssl-opt.sh: Add tests exercising freeing of buffered messages
...
This commit adds tests to ssl-opt.sh which trigger code-paths
responsible for freeing future buffered messages when the buffering
limitations set by MBEDTLS_SSL_DTLS_MAX_BUFFERING don't allow the
next expected message to be reassembled.
These tests only work for very specific ranges of
MBEDTLS_SSL_DTLS_MAX_BUFFERING and will therefore be skipped
on a run of ssl-opt.sh in ordinary configurations.
2018-08-24 14:48:11 +01:00
Hanno Becker
5cd017f931
ssl-opt.sh: Allow numerical constraints for tests
...
This commit adds functions requires_config_value_at_most()
and requires_config_value_at_least() which can be used to
only run tests when a numerical value from config.h
(e.g. MBEDTLS_SSL_IN_CONTENT_LEN) is within a certain range.
2018-08-24 14:48:11 +01:00
Hanno Becker
6e12c1ea7d
Enhance debugging output
2018-08-24 14:48:08 +01:00
Hanno Becker
0e96585bdd
Merge branch 'datagram_packing' into message_reordering
2018-08-24 12:16:41 +01:00
Hanno Becker
69ca0ad5c4
ssl-opt.sh: Remove wrong test exercising MTU implications of MFL
...
The negotiated MFL is always the one suggested by the client, even
if the server has a smaller MFL configured locally. Hence, in the test
where the client asks for an MFL of 4096 bytes while the server locally
has an MFL of 512 bytes configured, the client will still send datagrams
of up to ~4K size.
2018-08-24 12:14:00 +01:00
Hanno Becker
6b6f602174
Merge branch 'iotssl-165-dtls-hs-fragmentation-new' into datagram_packing
2018-08-24 11:55:03 +01:00
Hanno Becker
c92b5c8a0d
ssl-opt.sh: Add tests checking that MFL implies bounds on MTU
...
This commit introduces some tests to ssl-opt.sh checking that
setting the MFL limits the MTU to MFL + { Maximum Record Expansion }.
2018-08-24 11:48:01 +01:00
Hanno Becker
eb57008d7d
Fix typo in documentation of mbedtls_ssl_set_datagram_packing()
2018-08-24 11:28:35 +01:00