Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						81f2fe9f08 
					 
					
						
						
							
							Add option 'delay_ccs' to udp_proxy  
						
						
						
						
					 
					
						2014-10-21 16:30:27 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						60fdd7e0f2 
					 
					
						
						
							
							Add option 'drop' to udp_proxy  
						
						
						
						
					 
					
						2014-10-21 16:30:26 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						21398c37c0 
					 
					
						
						
							
							Add option 'delay' to udp_proxy  
						
						
						
						
					 
					
						2014-10-21 16:30:26 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						2c41bd85e0 
					 
					
						
						
							
							Add a 'duplicate' option to udp_proxy  
						
						
						
						
					 
					
						2014-10-21 16:30:26 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						44d5e63e6a 
					 
					
						
						
							
							Enhance output of udp_proxy  
						
						
						
						
					 
					
						2014-10-21 16:30:25 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						cb4137b646 
					 
					
						
						
							
							Add test utility udp_proxy  
						
						... 
						
						
						
						Currently just forwards: will delay, duplicate and drop later. 
						
						
					 
					
						2014-10-21 16:30:25 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						4ba6ab6d0d 
					 
					
						
						
							
							Fix glitch with HelloVerifyRequest  
						
						... 
						
						
						
						With the close-rebind strategy, sometimes the second ClientHello was lost (if
received before close), and since our client doesn't resend yet, the tests
would fail (no problem with other client that resend). Anyway, it's not really
clean to lose messages. 
						
						
					 
					
						2014-10-21 16:30:20 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						26820e3061 
					 
					
						
						
							
							Add option 'cookies' to ssl_server2  
						
						
						
						
					 
					
						2014-10-21 16:30:18 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a64acd4f84 
					 
					
						
						
							
							Add separate SSL_COOKIE_C define  
						
						
						
						
					 
					
						2014-10-21 16:30:18 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						232edd46be 
					 
					
						
						
							
							Move cookie callbacks implementation to own module  
						
						
						
						
					 
					
						2014-10-21 16:30:17 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						d485d194f9 
					 
					
						
						
							
							Move to a callback interface for DTLS cookies  
						
						
						
						
					 
					
						2014-10-21 16:30:17 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						82202f0a9c 
					 
					
						
						
							
							Make DTLS_HELLO_VERIFY a compile option  
						
						
						
						
					 
					
						2014-10-21 16:30:16 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						98545f128a 
					 
					
						
						
							
							Generate random key for HelloVerifyRequest  
						
						
						
						
					 
					
						2014-10-21 16:30:16 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						336b824f07 
					 
					
						
						
							
							Use ssl_set_client_transport_id() in ssl_server2  
						
						
						
						
					 
					
						2014-10-21 16:30:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						ae5050c212 
					 
					
						
						
							
							Start adapting ssl_client2 to datagram I/O  
						
						
						
						
					 
					
						2014-10-21 16:30:11 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						798f15a500 
					 
					
						
						
							
							Fix version adjustments with force_ciphersuite  
						
						
						
						
					 
					
						2014-10-21 16:30:10 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						fe3f73bdeb 
					 
					
						
						
							
							Allow force_version to select DTLS  
						
						
						
						
					 
					
						2014-10-21 16:30:10 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						8a06d9c5d6 
					 
					
						
						
							
							Actually use UDP for DTLS in test client/server  
						
						
						
						
					 
					
						2014-10-21 16:30:09 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f5a1312eaa 
					 
					
						
						
							
							Add UDP support to the NET module  
						
						
						
						
					 
					
						2014-10-21 16:30:09 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						83218f1da1 
					 
					
						
						
							
							Add dtls version aliases to test serv/cli  
						
						
						
						
					 
					
						2014-10-21 16:30:05 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						864a81fdc0 
					 
					
						
						
							
							More ssl_set_XXX() functions can return BAD_INPUT  
						
						
						
						
					 
					
						2014-10-21 16:30:04 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						e29fd4beaf 
					 
					
						
						
							
							Add a dtls option to test server and client  
						
						
						
						
					 
					
						2014-10-21 16:30:03 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f138874811 
					 
					
						
						
							
							Properly send close_notify in ssl_client2  
						
						
						
						
					 
					
						2014-08-19 16:14:36 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a8c0a0dbd0 
					 
					
						
						
							
							Add "exchanges" option to test server and client  
						
						... 
						
						
						
						Goal is to test renegotiation better: we need more than one exchange for
server-initiated renego to work reliably (the previous hack for this wouldn't
work with non-blocking I/O and probably not with DTLS either).
Also check message termination in a semi-realistic way. 
						
						
					 
					
						2014-08-19 13:26:05 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						296e3b1174 
					 
					
						
						
							
							Request renego before write in ssl_server2  
						
						... 
						
						
						
						Will be useful for:
- detecting termination of messages by other means than connection close
- DTLS (can be seen as a special case of the above: datagram-oriented) 
						
						
					 
					
						2014-08-19 12:59:03 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						e08660e612 
					 
					
						
						
							
							Fix ssl_read() and close_notify error handling in programs  
						
						
						
						
					 
					
						2014-08-19 10:34:37 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						67686c42e6 
					 
					
						
						
							
							Fix undocumented option in ssl_server2  
						
						
						
						
					 
					
						2014-08-19 10:34:37 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						250b1ca6f3 
					 
					
						
						
							
							Fix ssl_server2 exiting on recoverable errors  
						
						
						
						
					 
					
						2014-08-19 10:34:37 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						bc3e54c70d 
					 
					
						
						
							
							Fix overly rigorous defines in ssl_server2.c  
						
						
						
						
					 
					
						2014-08-18 14:36:17 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d153ef335f 
					 
					
						
						
							
							Missing dependencies on POLARSSL_ECP_C fixed  
						
						
						
						
					 
					
						2014-08-18 12:00:28 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						09c9dd80ef 
					 
					
						
						
							
							Revert  42cc641. Issue already fixed in  333fdec.  
						
						
						
						
					 
					
						2014-08-18 11:06:56 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						c1283d3f4c 
					 
					
						
						
							
							Only use signal() in ssl_server2 on non-Windows platforms  
						
						
						
						
					 
					
						2014-08-18 11:05:51 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						dcab293bd4 
					 
					
						
						
							
							Get rid of SERVERQUIT code in ssl_{client,server}2  
						
						
						
						
					 
					
						2014-08-14 18:33:00 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						db49330e08 
					 
					
						
						
							
							ssl_server2 aborts cleanly on SIGTERM  
						
						... 
						
						
						
						(while waiting for a new connection) 
						
						
					 
					
						2014-08-14 18:33:00 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a39416ff38 
					 
					
						
						
							
							Fix bounds and error checking in gen_key.c  
						
						
						
						
					 
					
						2014-08-14 11:34:35 +02:00 
						 
				 
			
				
					
						
							
							
								Alfred Klomp 
							
						 
					 
					
						
						
							
						
						7c03424d1c 
					 
					
						
						
							
							ssl_mail_client.c: silence warning, check base64_encode() status  
						
						... 
						
						
						
						Found with Clang's `scan-build` tool.
ssl_mail_client.c does a dead store by assigning the return value of
base64_encode() to `len` and not using the value.  This causes
scan-build to issue a warning.
Instead of storing the return value into `len`, store it to `ret`, since
base64_encode() returns a status code, not a length. Also check if the
return value is nonzero and print an error; this silences scan-build. 
						
						
					 
					
						2014-08-14 11:34:35 +02:00 
						 
				 
			
				
					
						
							
							
								Alfred Klomp 
							
						 
					 
					
						
						
							
						
						5b78f219d0 
					 
					
						
						
							
							ssl_test.c: remove dead store, assign at declaration  
						
						... 
						
						
						
						Found with Clang's `scan-build` tool.
The store to `ret` is not used, it's overwritten shortly after. Assign
the value of 1 at declaration time instead to silence scan-build. 
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Alfred Klomp 
							
						 
					 
					
						
						
							
						
						1d42b3ea7e 
					 
					
						
						
							
							pem2der.c: fix double-free bug  
						
						... 
						
						
						
						Found with Clang's `scan-build` tool.
load_file() allocates memory to a char** parameter. It then tries to fread() a
file, and if that fails, frees the memory and returns to caller. However, the
char** is not reset to NULL, which causes a double-free error when the caller
later passes it to free(). 
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						42cc641159 
					 
					
						
						
							
							Don't print uninitialized buffer in ssl_mail_client  
						
						
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9dbe7c5f17 
					 
					
						
						
							
							Remove unreachable code from ssl_pthread_server  
						
						
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						955028f858 
					 
					
						
						
							
							Fix compile error in ssl_pthread_server  
						
						
						
						
					 
					
						2014-08-14 11:34:33 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						333fdeca3a 
					 
					
						
						
							
							Properly initialize buf  
						
						
						
						
					 
					
						2014-08-04 12:12:09 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						3966d71fa8 
					 
					
						
						
							
							gen_key should open file as binary for writing DER keys  
						
						
						
						
					 
					
						2014-07-10 15:27:09 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d2a2d61a68 
					 
					
						
						
							
							Adapt programs / test suites  
						
						
						
						
					 
					
						2014-07-09 10:19:24 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						a317a98221 
					 
					
						
						
							
							Adapt programs / test suites  
						
						
						
						
					 
					
						2014-07-09 10:19:24 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						14e8be4d33 
					 
					
						
						
							
							Adapted programs / test suites to _init() and _free()  
						
						
						
						
					 
					
						2014-07-09 10:19:23 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						8cfd9d8c59 
					 
					
						
						
							
							Adapt programs / test suites to _init() and _free()  
						
						
						
						
					 
					
						2014-07-09 10:19:23 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						c5fd391e04 
					 
					
						
						
							
							Check return value of ssl_set_xxx() in programs  
						
						
						
						
					 
					
						2014-07-08 14:20:26 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						4e3e7c2944 
					 
					
						
						
							
							Clarify comment in program  
						
						
						
						
					 
					
						2014-07-08 14:20:26 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						8fb99abaac 
					 
					
						
						
							
							Merge changes for leaner memory footprint  
						
						
						
						
					 
					
						2014-07-04 15:02:19 +02:00