otp.git/lib/ssl/src/ssl_session.erl, branch R16B02_yielding_binary_to_term Mirror of Erlang/OTP repository. ssl: Consider new server options when resuming a session 2012-11-27T07:59:10+00:00 Ingela Anderton Andin ingela@erlang.org 2012-11-23T14:19:28+00:00 3aadbfeab5eaf4b5c932c576b79d96247ae00aeb If an ssl server is restarted with new options and a client tries to reuse a session the server must make sure that it complies to the new options before agreeing to reuse it. 
If an ssl server is restarted with new options and a client
tries to reuse a session the server must make sure that it complies
to the new options before agreeing to reuse it.
ssl: Move ets:select bottleneck in server 2012-06-08T14:52:05+00:00 Dan Gudmundsson dgud@erlang.org 2012-04-20T11:03:52+00:00 eaa2564532d6ac87fda2aa9a1d6bce0ac9d35829 Only use ssl_manager for selecting new ids to guarantee uniqueness, but reuse check does not need to be performed by the manager. 
Only use ssl_manager for selecting new ids to guarantee uniqueness,
but reuse check does not need to be performed by the manager.
ssl: Reuse session check optimization 2012-06-08T14:52:05+00:00 Ingela Anderton Andin ingela@erlang.org 2012-05-08T12:11:55+00:00 a0981bf885a99cce1dee1775378d56eb661eec27 






Improved session cleanup handling
2011-11-15T10:07:11+00:00

Ingela Anderton Andin
ingela@erlang.org

2011-11-15T09:21:25+00:00

93c099b6a02ba8c98392a69d6224e3bfe3c69c8e

Added session status "new" to mark sessions that are
in the session database to reserve the session id
but not resumable yet and that we want to separate from
sessions that has been invalidated for further reuse.





Added session status "new" to mark sessions that are
in the session database to reserve the session id
but not resumable yet and that we want to separate from
sessions that has been invalidated for further reuse.







Corrected spec name errors: ip_adress -> ip_address port_num -> port_number
2011-09-05T08:26:29+00:00

Ingela Anderton Andin
ingela@erlang.org

2011-09-05T08:26:29+00:00

eff93daf5f3f8d917414b89335ab4c8af5afe686












Use inet and gen_* dialyzer specs
2011-08-31T09:31:48+00:00

Ingela Anderton Andin
ingela@erlang.org

2011-08-22T14:59:36+00:00

4b0b4d1b8f61886182e93c546de59d08ff7b7caf












Removed global name from the certificate tabel
2011-06-29T09:50:35+00:00

Ingela Anderton Andin
ingela@erlang.org

2011-06-15T09:39:27+00:00

5f50de5893c26038933d4e1d1f91426e0f23fb15

We want the certificate table to be handled the same way as the
session table and not have a global name, so that we may easier
create a separate ssl-manager to handle erlang distribution over ssl.





We want the certificate table to be handled the same way as the
session table and not have a global name, so that we may easier
create a separate ssl-manager to handle erlang distribution over ssl.







Cache invaldation first version does not break old test cases
2010-12-16T09:39:38+00:00

Ingela Anderton Andin
ingela@erlang.org

2010-12-01T22:42:26+00:00

5224310c3975d5d5abf78914ecb63007a299ebae












Handling of path validation errors by the application
2010-09-06T12:52:50+00:00

Ingela Anderton Andin
ingela@erlang.org

2010-09-03T13:04:49+00:00

71e720e56888faa6da3856d5c5e08c8e983c9d5d

Changed the behavior of the verify_fun option so that
the application can be responsible for handling path validation
errors even on the server side. Also replaced the not yet
documented validate_extensions_fun to be handled by the
verify_fun instead.

If the verify callback fun returns {fail, Reason}, the verification process is
immediately stopped and an alert is sent to the peer and the TLS/SSL
handshake is terminated. If the verify callback fun returns {valid,
UserState}, the verification process is continued.  If the verify callback
fun always returns {valid, UserState}, the TLS/SSL handshake will not be
terminated with respect to verification failures and the connection
will be established. The verify callback fun will also be
able to verify application specific extensions.





Changed the behavior of the verify_fun option so that
the application can be responsible for handling path validation
errors even on the server side. Also replaced the not yet
documented validate_extensions_fun to be handled by the
verify_fun instead.

If the verify callback fun returns {fail, Reason}, the verification process is
immediately stopped and an alert is sent to the peer and the TLS/SSL
handshake is terminated. If the verify callback fun returns {valid,
UserState}, the verification process is continued.  If the verify callback
fun always returns {valid, UserState}, the TLS/SSL handshake will not be
terminated with respect to verification failures and the connection
will be established. The verify callback fun will also be
able to verify application specific extensions.







Revise the public_key API
2010-08-23T10:09:41+00:00

Ingela Anderton Andin
ingela@erlang.org

2010-07-05T15:24:40+00:00

12dfe961aeaf1a826d851361a24519e54d8ef119

Cleaned up and documented the public_key API to
make it useful for general use.





Cleaned up and documented the public_key API to
make it useful for general use.