Use GNUtls because it is GPL compatible and instead of mbedTLS seems
to have a working non-blocking I/O integration. GNUtls has various
issues that could not be resolved easily:
* Pick spdy as sub protocol
* gmt_time not randomized
* private key loaded to RAM (but not verified)
This is the beginning and not the end. Client support might need more
work with actual tls verification. Maybe more manual x509 cert
verification is needed and maybe client certs don't work at all. I try
to ignore renegotiation as I threw away the key.
Reload x509 creds and keys as they might have changed from one
connection to another.
Change-Id: I9128e14084da1fc2705f858393f98b8133996172
Allow to inspect UDP messages and check for GPRS, NS, BSSGP
and then filter LLC frames. Parsing the vL datastructure with
the libpcap syntax is a pain. It could be done using BPF but
we do not want to use bpf asm to specify the entire ruleset.
I looked into using libepan/libwireshark but this has memory
issues and is painful too. So let's parse UDP, NS, BSSGP using
the info we already have. I tried a bit of editcap to generate
a bit of broken data. The length check might still be bad.
I used my crash_20100602.pcap file to count the LLC frames we
detect and compare that to wireshark it ended with the right
number.
pcap add-filter gprs
can be used to enable the new filtering option after the OS
has received the packet.
Fixes: ONW#1314
Holger Hans Peter Freyther
Sylvain Munaut