diff options
| -rw-r--r-- | lib/ssl/doc/src/new_ssl.xml | 14 | ||||
| -rw-r--r-- | lib/ssl/doc/src/notes.xml | 67 | ||||
| -rw-r--r-- | lib/ssl/vsn.mk | 7 |
3 files changed, 84 insertions, 4 deletions
diff --git a/lib/ssl/doc/src/new_ssl.xml b/lib/ssl/doc/src/new_ssl.xml index 4ffaa9d96a..69298759bd 100644 --- a/lib/ssl/doc/src/new_ssl.xml +++ b/lib/ssl/doc/src/new_ssl.xml @@ -22,7 +22,6 @@ The Initial Developer of the Original Code is Ericsson AB. </legalnotice> - <title>ssl</title> <prepared>Ingela Anderton Andin</prepared> <responsible>Ingela Anderton Andin</responsible> @@ -83,7 +82,7 @@ meaningless pid.</item> <item>New API functions are ssl:shutdown/2, ssl:cipher_suites/[0,1] and - ssl:versions/0</item> + ssl:versions/0, ssl:renegotiate/1</item> <item>CRL and policy certificate extensions are not supported yet. </item> <item>Supported SSL/TLS-versions are SSL-3.0 and TLS-1.0 </item> @@ -408,6 +407,17 @@ end </desc> </func> + <func> + <name>format_error(Reason) -> string()</name> + <fsummary>Return an error string.</fsummary> + <type> + <v>Reason = term()</v> + </type> + <desc> + <p>Presents the error returned by an ssl function as a printable string.</p> + </desc> + </func> + <func> <name>getopts(Socket) -> </name> <name>getopts(Socket, OptionNames) -> diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 9d13427677..8028e94484 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -30,6 +30,73 @@ </header> <p>This document describes the changes made to the SSL application. </p> + + <section><title>SSL 3.11.1</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Fixed handling of several ssl/tls packets arriving at the + same time. This was broken during a refactoring of the + code.</p> + <p> + Own Id: OTP-8679</p> + </item> + </list> + </section> + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> + Added missing checks for padding and Mac value. Removed + code for export ciphers and DH certificates as we decided + not to support them.</p> + <p> + Own Id: OTP-7047</p> + </item> + <item> + <p> + New ssl will no longer return esslerrssl to be backwards + compatible with old ssl as this hids infomation from the + user. format_error/1 has been updated to support new ssl.</p> + <p> + *** POTENTIAL INCOMPATIBILITY ***</p> + <p> + Own Id: OTP-7049</p> + </item> + <item> + <p> + New ssl now supports secure renegotiation as described by + RFC 5746.</p> + <p> + Own Id: OTP-8568</p> + </item> + <item> + <p> + New ssl now support client/server-certificates signed by + dsa keys.</p> + <p> + Own Id: OTP-8587</p> + </item> + <item> + <p> + Alert handling has been improved to better handle + unexpected but valid messages and the implementation is + also changed to avoid timing related issues that could + cause different error messages depending on network + latency. Packet handling was sort of broken but would + mostly work as expected when socket was in binary mode. + This has now been fixed.</p> + <p> + Own Id: OTP-8588</p> + </item> + </list> + </section> + +</section> + <section><title>SSL 3.11</title> <section><title>Fixed Bugs and Malfunctions</title> diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk index e3db7008e3..5d8be1cd0b 100644 --- a/lib/ssl/vsn.mk +++ b/lib/ssl/vsn.mk @@ -19,9 +19,12 @@ SSL_VSN = 3.11.1 -TICKETS = OTP-8588 \ +TICKETS = OTP-8679 \ + OTP-7047 \ + OTP-7049 \ OTP-8568 \ - OTP-7049 + OTP-8587 \ + OTP-8588 #TICKETS_3.11 = OTP-8517 \ # OTP-7046 \ |