otp.git/lib/ssl, branch OTP-21.1.3

Prepare release

2018-10-12T15:12:09+00:00

ssl: TLS sender process needs to get updates of the socket option packet

2018-10-11T09:38:48+00:00

If the socket option is set to {packet, 1|2|3|4}  sender process needs to
add a packet length header. If packet is changed with ssl:setopts/2 this needs
to be communicated to tls_sender.

ssl: ERL-738 - Correct alert handling with new TLS sender process

2018-10-10T08:28:59+00:00

With the new TLS sender process, solving ERL-622, TLS ALERTs sent in
the connection state must be encrypted and sent by the TLS sender
process. This to make sure that the correct encryption state is used
to encode the ALERTS. Care must also be taken to ensure a graceful
close down behavior both for normal shutdown and downgrading from TLS
to TCP.

The original TR ERL-738 is verified by cowboy tests, and close down
behavior by our tests. However we alas have not been able to yet
create a minimal test case for the originating problem.

Also it seems it has become less likely that we run in to the TCP
delivery problem, that is the guarantee is only on transport level,
not application level. Keep work around function in ssl_test_lib but
we can have better test as long as we do not get to much wobbling
tests.

Prepare release

2018-09-24T09:32:41+00:00

Update copyright year

2018-09-21T10:23:25+00:00

ssl: Improve interop checks

2018-09-20T13:27:51+00:00

ssl: Move link to correct process

2018-09-20T08:54:59+00:00

The link should be between the connection process and the tls_sender
process. But the start of the tls_sender process needs to be done
by the process that also starts the connection process in order to
correctly create the opaque #ssl_socket{}.

ssl: Handle incomplete and unorded chains

2018-09-12T08:51:03+00:00

If the peer sends an incomplete chain that we can reconstruct with
our known CA-certs it will be accepted.

We will assume that the peer honors the protocol and sends an orded
chain, however if validation fails we will try to order the chain in
case it was unorded. Will also handle that extraneous cert where present.

See Note form RFC 8446

Note: Prior to TLS 1.3, "certificate_list" ordering required each
certificate to certify the one immediately preceding it; however,
some implementations allowed some flexibility.  Servers sometimes
send both a current and deprecated intermediate for transitional
purposes, and others are simply configured incorrectly, but these
cases can nonetheless be validated properly.  For maximum
compatibility, all implementations SHOULD be prepared to handle
potentially extraneous certificates and arbitrary orderings from any
TLS version, with the exception of the end-entity certificate which
MUST be first.

ssl: Correct handling of all PSK cipher suites

2018-09-11T08:49:32+00:00

Before only some PSK suites would be correctly negotiated and most PSK
ciphers suites would fail the connection.

PSK cipher suites are anonymous in the sense that they do not use
certificates except for rsa_psk.

Fixed ssl_options typespec for key

2018-09-04T10:37:00+00:00