Dr. Stephen Henson
a47577164c
Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
...
alert.
2011-01-04 19:34:20 +00:00
Dr. Stephen Henson
44959ee456
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Support for abbreviated handshakes when renegotiating.
2010-08-26 14:23:52 +00:00
Ben Laurie
c8bbd98a2b
Fix warnings.
2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
3122d1d382
PR: 2229
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Don't drop DTLS connection if mac or decryption failed.
2010-04-14 00:10:05 +00:00
Dr. Stephen Henson
b7463c8818
PR: 2228
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS buffer record MAC failure bug.
2010-04-14 00:03:27 +00:00
Dr. Stephen Henson
ff12f88b8e
PR: 2218
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS replay bug.
2010-04-06 12:45:04 +00:00
Dr. Stephen Henson
47e6a60e42
PR: 2219
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS buffering bug.
2010-04-06 12:40:19 +00:00
Dr. Stephen Henson
04f9095d9e
Fix unitialized warnings
2009-10-04 16:52:51 +00:00
Dr. Stephen Henson
e9f613acea
PR: 2039
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen bug fix,
2009-09-15 22:48:57 +00:00
Dr. Stephen Henson
480b9e5d29
PR: 2006
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Do not use multiple DTLS records for a single user message
2009-08-26 11:51:57 +00:00
Dr. Stephen Henson
b972fbaa8f
PR: 1997
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
2009-08-12 13:19:54 +00:00
Dr. Stephen Henson
0f65d5eba5
PR: 1993
...
Fix from 0.9.8-stable.
2009-07-24 11:52:55 +00:00
Dr. Stephen Henson
5c168710ac
Update from 1.0.0-stable.
2009-07-13 11:44:30 +00:00
Dr. Stephen Henson
fc007d021e
Fix warnings.
2009-07-04 12:04:06 +00:00
Dr. Stephen Henson
baacd8d4e5
PR: 1981
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS record header bugfix.
2009-07-04 11:38:40 +00:00
Dr. Stephen Henson
9458530d45
Update from 1.0.0-stable
2009-07-01 11:29:25 +00:00
Dr. Stephen Henson
58f41a926a
Updates from 1.0.0-stable
2009-06-05 14:59:26 +00:00
Dr. Stephen Henson
8d932f6fd7
Update from 1.0.0-stable
2009-05-16 16:18:19 +00:00
Dr. Stephen Henson
eb38b26dbc
Update from 1.0.0-stable.
2009-05-15 22:58:40 +00:00
Dr. Stephen Henson
ef236ec3b2
Merge from 1.0.0-stable branch.
2009-04-23 16:32:42 +00:00
Dr. Stephen Henson
8711efb498
Updates from 1.0.0-stable branch.
2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
e5fa864f62
Updates from 1.0.0-stable.
2009-04-15 15:27:03 +00:00
Ben Laurie
0eab41fb78
If we're going to return errors (no matter how stupid), then we should
...
test for them!
2008-12-29 16:11:58 +00:00
Ben Laurie
fe1c7fecf1
Reverse incorrect earlier fix.
2008-12-29 11:47:08 +00:00
Ben Laurie
9b9cb004f7
Deal with the unlikely event that EVP_MD_CTX_size() returns an error.
...
(Coverity ID 140).
2008-12-27 02:09:24 +00:00
Lutz Jänicke
570006f3a2
Half of the commit for 0.9.8 as the bitmap handling has changed.
...
(Firstly... ommitted)
Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-13 06:43:03 +00:00
Andy Polyakov
51ec776b7d
dtls1_write_bytes consumers expect amount of bytes written per call, not
...
overall.
PR: 1604
2008-09-14 17:56:15 +00:00
Andy Polyakov
d493899579
DTLS didn't handle alerts correctly.
...
PR: 1632
2008-09-13 18:24:38 +00:00
Andy Polyakov
659f7f3168
Don't let DTLS ChangeCipherSpec increment handshake sequence number.
...
PR: 1587
2007-10-17 21:15:48 +00:00
Andy Polyakov
d527834a1d
Basic idea behind explicit IV is to make it unpredictable for attacker.
...
Until now it was xor between CBC residue and 1st block from last datagram,
or in other words still predictable.
2007-09-30 22:01:36 +00:00
Andy Polyakov
89c333e3e5
Make ChangeCipherSpec compliant with DTLS RFC4347.
2007-09-30 21:19:30 +00:00
Andy Polyakov
7432d073af
Switch to RFC-compliant version encoding in DTLS.
2007-09-30 18:53:54 +00:00
Dr. Stephen Henson
b948e2c59e
Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.
2007-06-04 17:04:40 +00:00
Bodo Möller
1e24b3a09e
fix support for receiving fragmented handshake messages
2006-11-29 14:45:50 +00:00
Dr. Stephen Henson
89c9c66736
Submitted by: Brad Spencer <spencer@jacknife.org>
...
Reviewed by: steve
2006-09-23 17:29:49 +00:00
Nils Larsch
8c5a2bd6bb
add additional checks + cleanup
...
Submitted by: David Hartman <david_hartman@symantec.com>
2006-01-29 23:12:22 +00:00
Bodo Möller
01c76c6606
There's no such things as DTLS1_AD_MISSING_HANDSHAKE_MESSAGE.
...
For now, anyway.
2006-01-07 20:44:29 +00:00
Richard Levitte
b2a9d36a7f
bytes_to_long_long isn't used anywhere any more, so let's remove it
...
entirely.
2005-07-26 05:10:50 +00:00
Richard Levitte
04f15edb91
I'm reversing this change, as it seems the error is somewhere else.
2005-07-26 04:53:21 +00:00
Geoff Thorpe
a384002724
Fix 64-bit compilation when PQ_64BIT_IS_INTEGER isn't defined.
2005-07-26 04:01:50 +00:00
Andy Polyakov
44eff497e8
Fix typo in ssl/d1_pkt.c.
2005-06-20 19:36:34 +00:00
Andy Polyakov
50ec3951dc
Handle wrap-arounds and revive missing assignment.
2005-06-20 12:40:37 +00:00
Andy Polyakov
dffdb56b7f
"Liberate" dtls from BN dependency. Fix bug in replay/update.
2005-06-07 22:21:14 +00:00
Richard Levitte
d1acb9b44f
Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
...
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true. Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
2005-06-06 00:32:11 +00:00
Richard Levitte
188b05792f
pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
...
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.
Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
2005-05-30 22:34:37 +00:00
Dr. Stephen Henson
6c61726b2a
Lots of Win32 fixes for DTLS.
...
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
2005-04-27 16:27:14 +00:00
Bodo Möller
beb056b303
fix SSLerr stuff for DTLS1 code;
...
move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h";
fix silly indentation (a TAB is *not* always 4 spaces)
2005-04-26 18:08:00 +00:00
Dr. Stephen Henson
4e321ffaff
Fixes for signed/unsigned warnings and shadows.
2005-04-26 17:43:53 +00:00
Ben Laurie
36d16f8ee0
Add DTLS support.
2005-04-26 16:02:40 +00:00