Introduce a read_epoch to be used during the handshake.
Increment that, when the ccs is handled.
Drop received none matching records.
Signed-off-by: Achim Kraus <achim.kraus@bosch.io>
Needed to enable EC interopability with GnuTLS and Californium.
crypto.h:
Track extended_master_secret in dtls_handshake_parameters_t.
state.h:
Extended master secret hash info in dtls_hs_state_t.
global.h:
Add in #define for TLS_EXT_EXTENDED_MASTER_SECRET.
dtls.c:
Send out signature/hash algorithm in client hello so gnutls does not choose
SHA1. Verify signature/hash algorithm is supported in client hello.
Add in support for extended master secret as per RFC7627.
Allow server not to include client certificate type in server hello.
Define p before buf in stack so assert checking of buf overflow works.
Support servers that do not send back a hello verify request triggering
a second client hello.
Signed-off-by: Jon Shallow <supjps-libcoap@jpshallow.com>