| 
							
							
								 Manuel Pégourié-Gonnard | 9d7821d774 | Fix warning in reduced config | 2014-11-06 01:19:52 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | fedba98ede | Merge branch 'fb-scsv' into dtls * fb-scsv:
  Update Changelog for FALLBACK_SCSV
  Implement FALLBACK_SCSV server-side
  Implement FALLBACK_SCSV client-side | 2014-11-05 16:12:09 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 1a03473576 | Keep EtM state across renegotiations | 2014-11-05 16:00:50 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 169dd6a514 | Adjust minimum length for EtM | 2014-11-05 16:00:50 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 08558e5b46 | Fix for the RFC erratum | 2014-11-05 16:00:50 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 313d796e80 | Implement EtM | 2014-11-05 16:00:50 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 0098e7dc70 | Preparation for EtM | 2014-11-05 16:00:50 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 699cafaea2 | Implement initial negotiation of EtM Not implemented yet:
- actually using EtM
- conditions on renegotiation | 2014-11-05 16:00:50 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | ada3030485 | Implement extended master secret | 2014-11-05 16:00:49 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 1cbd39dbeb | Implement FALLBACK_SCSV client-side | 2014-11-05 16:00:49 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 367381fddd | Add negotiation of Extended Master Secret (But not the actual thing yet.) | 2014-11-05 16:00:49 +01:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 6b875fc7e5 | Fix potential memory leak (from clang-analyzer) | 2014-10-21 16:33:00 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | df3acd82e2 | Limit HelloRequest retransmission if not enforced | 2014-10-21 16:32:58 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 26a4cf63ec | Add retransmission of HelloRequest | 2014-10-21 16:32:57 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 74a1378175 | Avoid false positive in ssl-opt.sh with memcheck | 2014-10-21 16:32:56 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8e704f0f74 | DTLS depends on TIMING_C for now | 2014-10-21 16:32:56 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | b0643d152d | Add ssl_set_dtls_badmac_limit() | 2014-10-21 16:32:55 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 9b35f18f66 | Add ssl_get_record_expansion() | 2014-10-21 16:32:55 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 37e08e1689 | Fix max_fragment_length with DTLS | 2014-10-21 16:32:53 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 23cad339c4 | Fail cleanly on unhandled case | 2014-10-21 16:32:52 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | fc572dd4f6 | Retransmit only on last message from prev flight Be a good network citizen, try to avoid causing congestion by causing a
retransmission explosion. | 2014-10-21 16:32:51 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8a7cf2543a | Add a few #ifdefs | 2014-10-21 16:32:51 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | ba958b8bdc | Add test for server-initiated renego Just assuming the HelloRequest isn't lost for now | 2014-10-21 16:32:50 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 46fb942046 | Fix warning about function that should be static | 2014-10-21 16:32:49 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | f1e9b09a0c | Fix missing #ifdef's | 2014-10-21 16:32:48 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 4e2f245752 | Fix timer issues - timer not firing when constantly receiving bad messages
- timer not reset on failed reads
- timer incorrectly restarted on resend during read | 2014-10-21 16:32:47 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | df9a0a8460 | Drop unexpected ApplicationData This is likely to happen on resumption if client speaks first at the
application level. | 2014-10-21 16:32:46 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 6b65141718 | Implement ssl_read() timeout (DTLS only for now) | 2014-10-21 16:32:46 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 2707430a4d | Fix types and comments about read_timeout | 2014-10-21 16:32:45 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 6c1fa3a184 | Fix misplaced initialisation of timeout | 2014-10-21 16:32:45 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | c8d8e97cbd | Move to milliseconds in recv_timeout() | 2014-10-21 16:32:44 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 905dd2425c | Add ssl_set_handshake_timeout() | 2014-10-21 16:32:43 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 0ac247fd88 | Implement timeout back-off (fixed range for now) | 2014-10-21 16:32:43 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 7de3c9eecb | Count timeout per flight, not per message | 2014-10-21 16:32:41 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | db2858ce96 | Preparation for timers Currently directly using timing.c, plan to use callbacks later to loosen
coupling, but first just get things working. | 2014-10-21 16:32:41 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 08a1d4bce1 | Fix bug with client auth with DTLS | 2014-10-21 16:32:39 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 23b7b703aa | Fix issue with renego & resend | 2014-10-21 16:32:38 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 2739313cea | Make anti-replay a runtime option | 2014-10-21 16:32:35 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 8464a46b6b | Make DTLS_ANTI_REPLAY depends on PROTO_DTLS | 2014-10-21 16:32:35 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 246c13a05f | Fix epoch checking | 2014-10-21 16:32:34 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | b47368a00a | Add replay detection | 2014-10-21 16:32:34 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 4956fd7437 | Test and fix anti-replay functions | 2014-10-21 16:32:34 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 7a7e140d4e | Add functions for replay protection | 2014-10-21 16:32:33 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | ea22ce577e | Rm unneeded counter increment with DTLS | 2014-10-21 16:32:33 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | abf16240dd | Add ability to resend last flight | 2014-10-21 16:32:31 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 767c69561b | Drop out-of-sequence ChangeCipherSpec messages | 2014-10-21 16:32:29 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 93017de47e | Minor optim: don't resend on duplicated HVR | 2014-10-21 16:32:29 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | c715aed744 | Fix epoch swapping | 2014-10-21 16:32:28 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 6a2bdfaf73 | Actually resend flights | 2014-10-21 16:32:28 +02:00 |  | 
			
				
					| 
							
							
								 Manuel Pégourié-Gonnard | 5d8ba53ace | Expand and fix resend infrastructure | 2014-10-21 16:32:28 +02:00 |  |