Manuel Pégourié-Gonnard
|
7a66cbca75
|
Rm some redundant tests
|
2014-10-21 16:32:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
9590e0a176
|
Add proxy tests with gnutls-srv & fragmentation
|
2014-10-21 16:32:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
fa60f128d6
|
Quit using "yes" in ssl-opt.sh with openssl
It caused s_server to send an AppData record of 16Kb every millisecond or so,
which destroyed readability of the proxy and client logs.
|
2014-10-21 16:32:39 +02:00 |
|
Manuel Pégourié-Gonnard
|
ae666c5092
|
proxy: avoid always dropping the same packet
|
2014-10-21 16:32:39 +02:00 |
|
Manuel Pégourié-Gonnard
|
08a1d4bce1
|
Fix bug with client auth with DTLS
|
2014-10-21 16:32:39 +02:00 |
|
Manuel Pégourié-Gonnard
|
d0fd1daa6b
|
Add test with proxy and openssl server
|
2014-10-21 16:32:38 +02:00 |
|
Manuel Pégourié-Gonnard
|
1b753f1e27
|
Add test for renego with proxy
|
2014-10-21 16:32:38 +02:00 |
|
Manuel Pégourié-Gonnard
|
23b7b703aa
|
Fix issue with renego & resend
|
2014-10-21 16:32:38 +02:00 |
|
Manuel Pégourié-Gonnard
|
8cc7e03ae0
|
udp_proxy: show encrypted messages as encrypted
|
2014-10-21 16:32:37 +02:00 |
|
Manuel Pégourié-Gonnard
|
18e519a660
|
Add proxy tests with more handshake flows
|
2014-10-21 16:32:37 +02:00 |
|
Manuel Pégourié-Gonnard
|
6265d305f1
|
Fix some delayed packets going the wrong way
|
2014-10-21 16:32:36 +02:00 |
|
Manuel Pégourié-Gonnard
|
bf02319b58
|
udp_proxy: don't overwrite delayed packets
|
2014-10-21 16:32:36 +02:00 |
|
Manuel Pégourié-Gonnard
|
76fe9e41c1
|
Test that anti-replay ignores all duplicates
|
2014-10-21 16:32:36 +02:00 |
|
Manuel Pégourié-Gonnard
|
f03c7aa469
|
Add replay detection in parse_client_hello()
|
2014-10-21 16:32:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
2739313cea
|
Make anti-replay a runtime option
|
2014-10-21 16:32:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
8464a46b6b
|
Make DTLS_ANTI_REPLAY depends on PROTO_DTLS
|
2014-10-21 16:32:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
246c13a05f
|
Fix epoch checking
|
2014-10-21 16:32:34 +02:00 |
|
Manuel Pégourié-Gonnard
|
b47368a00a
|
Add replay detection
|
2014-10-21 16:32:34 +02:00 |
|
Manuel Pégourié-Gonnard
|
4956fd7437
|
Test and fix anti-replay functions
|
2014-10-21 16:32:34 +02:00 |
|
Manuel Pégourié-Gonnard
|
7a7e140d4e
|
Add functions for replay protection
|
2014-10-21 16:32:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
ea22ce577e
|
Rm unneeded counter increment with DTLS
|
2014-10-21 16:32:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
6312e0f4e6
|
udp_proxy: allow successive clients
|
2014-10-21 16:32:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
484b8f9ed8
|
Fix bug in ssl_client2 reconnect option
|
2014-10-21 16:32:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
b46780edee
|
Enlarge udp_proxy's message buffer
|
2014-10-21 16:32:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
825a49ed7c
|
Add more udp_proxy tests
|
2014-10-21 16:32:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
ae8d2399a5
|
udp_proxy: also drop messages from the last flight
|
2014-10-21 16:32:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
abf16240dd
|
Add ability to resend last flight
|
2014-10-21 16:32:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
992e13665d
|
Make decisions pseudo-random in udp_proxy
|
2014-10-21 16:32:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
cd32a50d67
|
Fix NewSesssionTicket vs ChangeCipherSpec bug
Since we were cheating on state, ssl_read_record() wasn't able to drop
out-of-sequence ChangeCipherSpec messages. Cheat a bit less.
|
2014-10-21 16:32:31 +02:00 |
|
Manuel Pégourié-Gonnard
|
a6189f0fb0
|
udp_proxy wasn't actually killed
|
2014-10-21 16:32:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
a0719727da
|
Add tests with dropped packets
|
2014-10-21 16:32:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
bc010a045c
|
udp_proxy: don't drop messages in the last flight
Resending the last flight is on the todo-list, but I want to be able to test
what's already done now.
|
2014-10-21 16:32:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
b6440a496b
|
ssl_server2 now dies on SIGTERM during a read
|
2014-10-21 16:32:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
767c69561b
|
Drop out-of-sequence ChangeCipherSpec messages
|
2014-10-21 16:32:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
7cf3518284
|
Enhance output of udp_proxy (with time)
|
2014-10-21 16:32:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
93017de47e
|
Minor optim: don't resend on duplicated HVR
|
2014-10-21 16:32:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
c715aed744
|
Fix epoch swapping
|
2014-10-21 16:32:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
6a2bdfaf73
|
Actually resend flights
|
2014-10-21 16:32:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
5d8ba53ace
|
Expand and fix resend infrastructure
|
2014-10-21 16:32:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
ffa67be698
|
Infrastructure for buffering & resending flights
|
2014-10-21 16:32:27 +02:00 |
|
Manuel Pégourié-Gonnard
|
a014829024
|
Use ssl_set_bio_timeout() in test client/server
|
2014-10-21 16:32:27 +02:00 |
|
Manuel Pégourié-Gonnard
|
57fa314412
|
Fix depend documentation
|
2014-10-21 16:32:27 +02:00 |
|
Manuel Pégourié-Gonnard
|
9d9b003a9a
|
Add net_recv_timeout()
|
2014-10-21 16:32:26 +02:00 |
|
Manuel Pégourié-Gonnard
|
8fa6dfd560
|
Introduce f_recv_timeout callback
|
2014-10-21 16:32:26 +02:00 |
|
Manuel Pégourié-Gonnard
|
e6bdc4497c
|
Merge I/O contexts into one
|
2014-10-21 16:32:25 +02:00 |
|
Manuel Pégourié-Gonnard
|
f4acfe1808
|
Document previous API changes in this branch
|
2014-10-21 16:32:23 +02:00 |
|
Manuel Pégourié-Gonnard
|
d92d6a1b5b
|
ssl_parse_server_key_exchange() cleanups
|
2014-10-21 16:30:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
5ee96546de
|
Add length checks in parse_certificate_verify()
|
2014-10-21 16:30:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
72226214b1
|
Merge checks in ssl_parse_certificate_verify()
|
2014-10-21 16:30:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
ca6440b246
|
Small cleanups in parse_finished()
|
2014-10-21 16:30:31 +02:00 |
|