diff options
| author | Ingela Anderton Andin <[email protected]> | 2012-08-23 15:27:27 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2012-08-23 15:27:27 +0200 |
| commit | 2272217e87122fbb44e1e74fe74283b82282a94f (patch) | |
| tree | 15abcc4ece9bb5bd09154486e81ed0feb1a0b15d /lib/ssl/src/ssl_internal.hrl | |
| parent | 5b51ee7f109b4492870958d86338e216288a4a37 (diff) | |
| parent | f5c54053e4d99c7c6eb1163047632d16c1fd5f19 (diff) | |
| download | otp-2272217e87122fbb44e1e74fe74283b82282a94f.tar.gz otp-2272217e87122fbb44e1e74fe74283b82282a94f.tar.bz2 otp-2272217e87122fbb44e1e74fe74283b82282a94f.zip | |
Merge branch 'ia/ssl/tls1.1and1.2' into maint
* ia/ssl/tls1.1and1.2: (46 commits)
ssl: Clean up of code thanks to dialyzer
ssl: Test suite adjustments
ssl & public_key: Prepare for release
ssl: Use crypto:strong_rand_bytes if possible
ssl & public_key: Add use of more "sha-rsa oids"
ssl: Fix inet header option to behave as in inet
ssl: TLS 1.2: fix hash and signature handling
ssl: TLS 1.2: fix Certificate Request list of Accepted Signatur/Hash combinations
ssl: Add Signature Algorithms hello extension from TLS 1.2
ssl: Fix rizzo tests to run as intended
ssl: TLS-1.1 and TLS-1.2 support should not be default until R16
ssl: Signture type bug
ssl: Add crypto support check (TLS 1.2 require sha256 support)
ssl: Dialyzer fixes
ssl: IDEA cipher is deprecated by TLS 1.2
ssl: Run relevant tests for all SSL/TLS versions
ssl: Add TLS version switches to openssl tests
ssl: Enable TLS 1.2
ssl: Enable mac_hash for TLS 1.2
ssl: Implement TLS 1.2 signature support
...
Diffstat (limited to 'lib/ssl/src/ssl_internal.hrl')
| -rw-r--r-- | lib/ssl/src/ssl_internal.hrl | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl index 18cfcdcd68..b8f2ae3b51 100644 --- a/lib/ssl/src/ssl_internal.hrl +++ b/lib/ssl/src/ssl_internal.hrl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2007-2011. All Rights Reserved. +%% Copyright Ericsson AB 2007-2012. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -34,7 +34,7 @@ -type host() :: inet:ip_address() | inet:hostname(). -type session_id() :: 0 | binary(). -type tls_version() :: {integer(), integer()}. --type tls_atom_version() :: sslv3 | tlsv1. +-type tls_atom_version() :: sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'. -type certdb_ref() :: reference(). -type db_handle() :: term(). -type key_algo() :: null | rsa | dhe_rsa | dhe_dss | dh_anon. @@ -69,11 +69,11 @@ -define(TRUE, 0). -define(FALSE, 1). --define(DEFAULT_SUPPORTED_VERSIONS, [tlsv1, sslv3]). % TODO: This is temporary -%-define(DEFAULT_SUPPORTED_VERSIONS, ['tlsv1.1', tlsv1, sslv3]). +-define(DEFAULT_SUPPORTED_VERSIONS, [tlsv1, sslv3]). %% Add 'tlsv1.1' in R16 +-define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1, sslv3]). -record(ssl_options, { - versions, % 'tlsv1.1' | tlsv1 | sslv3 + versions, % 'tlsv1.2' | 'tlsv1.1' | tlsv1 | sslv3 verify, % verify_none | verify_peer verify_fun, % fun(CertVerifyErrors) -> boolean() fail_if_no_peer_cert, % boolean() |