David Garske
|
73dbc873bd
Merge pull request #5586 from julek-wolfssl/dtls-misc-security
|
2 years ago |
Daniel Pouzzner
|
02cc7bf82e
fix whitespace/linelength/indentation.
|
2 years ago |
Juliusz Sosinowicz
|
1941fb2b35
Keep a separate drop counter for each epoch
|
2 years ago |
Juliusz Sosinowicz
|
67473bac28
Code review fixes
|
2 years ago |
Juliusz Sosinowicz
|
4e9106c355
Enforce maximum amount of failed decryptions in DTLS 1.3
|
2 years ago |
Juliusz Sosinowicz
|
112fc540bb
Fix build errors and warnings for MSVC with DTLS 1.3
|
2 years ago |
Juliusz Sosinowicz
|
28895ed0cd
Use a union and struct for padding in DtlsFragBucket
|
2 years ago |
Juliusz Sosinowicz
|
8bf3e0829e
Don't over-allocate memory for DTLS fragments
|
2 years ago |
Juliusz Sosinowicz
|
54bd786707
DTLS limit fragments
|
2 years ago |
Marco Oliverio
|
cfbd061625
add initial support for ConnectionID DTLS extension
|
2 years ago |
Juliusz Sosinowicz
|
fd1e8c49eb
Reset timeout when reading a valid DTLS message
|
2 years ago |
Marco Oliverio
|
163acb89af
dtls13: consider certificate_request processed on WC_PENDING_E
|
2 years ago |
Marco Oliverio
|
aca83b42d7
fix: dtls13: send immediately post-handshake certificate request
|
2 years ago |
David Garske
|
964ea85d3d
Fix typos for dynamic types in dtls13.c.
|
2 years ago |
Marco Oliverio
|
dce63fdfb3
async: fix issue with DTLSv1.3
|
2 years ago |
Marco Oliverio
|
07afc594a8
dtls13: aesthetic only changes
|
2 years ago |
Marco Oliverio
|
3850e6b554
fix: dtls13: use aes for record numbers encryption if using aes-ccm
|
2 years ago |
Marco Oliverio
|
066f17faad
fix: dtls13: hello_retry_request type isn't an encrypted message
|
2 years ago |
Marco Oliverio
|
c0fc87342c
tls13: avoid spurious state advances in connect/accept state machine
|
2 years ago |
Marco Oliverio
|
6711756b03
dtls13: support stream-based medium
|
2 years ago |
Kareem
|
44a49aeefa
Fix potentially uninitialized variables in Dtls13SetRecordNumberKeys.
|
2 years ago |
David Garske
|
b2d1bf96ed
Merge pull request #5276 from rizlik/dtls13_client_downgrade
|
2 years ago |
Marco Oliverio
|
8fe3f51ecb
dtls13: client: recompute transcript hash on downgrade
|
2 years ago |
David Garske
|
00391a5ace
Rename callback to `wolfDTLS_SetChGoodCb` and add doxygen for it. Clarify `DTLS_CTX.connected`. Fix build errors for `./configure --enable-dtls --enable-dtls13 --disable-examples CFLAGS="-DNO_WOLFSSL_SERVER"`.
|
2 years ago |
Juliusz Sosinowicz
|
c6aa4fc526
DTLS 1.3: allow the server to operate without maintaining state
|
2 years ago |
David Garske
|
aa8df1af78
Fixes for building without DTLS v1.2 and TLS v1.2. Fixes for explicit cast warnings.
|
2 years ago |
Marco Oliverio
|
ca05ad2dc0
dtls13: introduce wolfSSL_dtls_13_has_pending_msg() API
|
2 years ago |
Marco Oliverio
|
dfc9873c0f
dtls13: support KeyUpdate messages
|
2 years ago |
Marco Oliverio
|
d1924928c0
dtls13: support retransmission
|
2 years ago |
Marco Oliverio
|
d079662765
dtls13: support fragmentation, sending and receiving
|
2 years ago |