Simple client side implementation indicates support and uses the cid of
the server, when negotiated by that.
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
The previous version ignores the option for the local port. That may be
caused by issues using the same default local port for the server and
client.
This enables the use of a specific local port and changes the default
to an ephemeral free port, similar to quite a lot of other UDP clients.
The DEFAULT_PORT is therefore only used for the destination.
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
Use empty client certificate, if a certificate is requested but no
certificate is available.
Issue #186
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
Do not calculate the cookie using the Extensions as these are
different between DTLS1.2 and DTLS1.3
https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.1
When responding to a HelloVerifyRequest, the client MUST use the same
parameter values (version, random, session_id, cipher_suites,
compression_method) as it did in the original ClientHello. The
server SHOULD use those values to generate its cookie and verify that
they are correct upon cookie receipt.
https://www.rfc-editor.org/rfc/rfc9147.html#section-5.3
The ClientHello up to, but not including the Extensions is the same for
DTLS1.2 and DTLS1.3
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
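
The field selection described in the commit message above, as an added example (not code from the tinydtls repository): it copies the ClientHello bytes that are stable across DTLS 1.2 and DTLS 1.3 (version, random, session_id, cipher_suites, compression_methods) and stops before the extensions. The names `skip_vec`, `cookie_input` and `build_ch` are hypothetical, and the keyed MAC a server would compute over this input together with the peer address is assumed and not shown.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Skip one length-prefixed vector (lb length bytes) with bounds checks. */
static int skip_vec(const uint8_t *p, size_t len, size_t *pos, size_t lb) {
  size_t n = 0, i;
  if (len - *pos < lb) return -1;
  for (i = 0; i < lb; i++) n = (n << 8) | p[*pos + i];
  if (len - *pos - lb < n) return -1;
  *pos += lb + n;
  return 0;
}

/* Copy the cookie input of a ClientHello body (bytes after the handshake
 * header) into out: version, random, session_id, cipher_suites and
 * compression_methods. The cookie field and the extensions are left out.
 * Returns the byte count, or -1 if malformed or out is too small. */
int cookie_input(const uint8_t *ch, size_t len, uint8_t *out, size_t cap) {
  size_t pos = 2 + 32, head, tail;           /* client_version + random */
  if (len < pos) return -1;
  if (skip_vec(ch, len, &pos, 1)) return -1; /* session_id */
  head = pos;
  if (skip_vec(ch, len, &pos, 1)) return -1; /* cookie: not part of input */
  tail = pos;
  if (skip_vec(ch, len, &pos, 2)) return -1; /* cipher_suites */
  if (skip_vec(ch, len, &pos, 1)) return -1; /* compression_methods */
  if (head + (pos - tail) > cap) return -1;  /* extensions start at pos */
  memcpy(out, ch, head);
  memcpy(out + head, ch + tail, pos - tail);
  return (int)(head + (pos - tail));
}

/* Constructed sample: one ClientHello body with the given cookie and
 * extensions block (ext includes its own 2-byte length). */
size_t build_ch(uint8_t *b, const uint8_t *ck, size_t ckl,
                const uint8_t *ext, size_t extl) {
  size_t n = 0;
  b[n++] = 0xfe; b[n++] = 0xfd;              /* DTLS 1.2 legacy version */
  memset(b + n, 0xab, 32); n += 32;          /* random */
  b[n++] = 0;                                /* empty session_id */
  b[n++] = (uint8_t)ckl; memcpy(b + n, ck, ckl); n += ckl;
  b[n++] = 0; b[n++] = 2; b[n++] = 0xc0; b[n++] = 0xa8; /* one suite */
  b[n++] = 1; b[n++] = 0;                    /* null compression */
  memcpy(b + n, ext, extl); n += extl;
  return n;
}
```

Two ClientHellos that differ only in cookie and extensions yield the same bytes from `cookie_input`, so a cookie derived from them verifies on the second flight regardless of which extensions the client sends.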
Supports RFC5746 minimal version without renegotiation.
Add detailed documentation about the message length calculations.
Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV to DTLS_CH_LENGTH_MAX.
Remove eclipse_curves from ServerHello length.
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
This change replaces the pre-processor symbol _GNU_SOURCE set in
the Makefile with _POSIX_C_SOURCE to provide support for kill(2)
and getaddrinfo(3).
Change-Id: Ib4c9ade28b663d86a182ee34cbf262526240cd7d
NI_MAXSERV is defined automatically when _GNU_SOURCE is provided.
This change sets the value to 32 (the default on Linux) when undefined.
Change-Id: I37bb5509383cb53b6e35cefa635f4647a3e2c721
Setting NDEBUG already replaces dtls_dsrv_hexdump_log(), dtls_dsrv_log_addr()
etc with dummy implementations.
This extends this to also replace dsrv_log() and dtls_{get,set}_log_level()
with a no-op implementation.
Some compilers complain that index is already defined in <strings.h>.
Replace index with lindex.
Signed-off-by: Jon Shallow <supjps-libcoap@jpshallow.com>
string.h is required for memcmp() that is used in session.c and
dtls_debug.c. Therefore, the header file needs to be included
only in these two files.
Change-Id: I11db1c37a7cc13d8fa2826f6d3e38d3765f4a4ec
Use of random() requires that _GNU_SOURCE is defined.
Cannot use variables named rand.
Make sure that dtls_prng.o is rebuilt whenever any of the
platform-specific/dtls_prng_*.c files are updated.
Signed-off-by: Jon Shallow <supjps-libcoap@jpshallow.com>
Every unsupported TLS extension is logged using dtls_warn(), and the default
logging level is set to DTLS_LOG_WARN.
Update logging call to dtls_notice(), to reduce logging output noise.
Signed-off-by: Jon Shallow <supjps-libcoap@jpshallow.com>
Use cipher_suite_param_t for cipher-suite specific mac_len and
key_exchange_algorithm. Introduce dtls_cipher_index_t for simplified
cipher-suite parameter lookup. Cleanup old functions.
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
Replace the "sizeof(buf)" with passed in size.
Drop received messages exceeding the buffer size.
Introduced "buf_ready", true, if last character in "buf" is a newline.
Use "strstr" to detect command.
Add "client:exit" command.
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>