Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
New design : ssl - Main
tls - Reflect tls specific semantics
dtls - Reflect dtls specific semantics
|
|
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/http_lib/http_transport.erl
lib/inets/src/inets_app/inets.appup.src
lib/inets/vsn.mk
lib/ssl/doc/src/notes.xml
lib/ssl/src/ssl.appup.src
lib/ssl/src/ssl.erl
lib/ssl/src/ssl_internal.hrl
lib/ssl/src/tls_connection.erl
lib/ssl/vsn.mk
|
|
added as option to inets conf file
|
|
|
|
Also phase in tls module as main API instead of ssl. To
make API clearer. As TLS is the new protocol name.
Maybe keep some API functions in ssl
|
|
As the file 'lib/ssl/src/ssl_srp_primes.hrl' only contains a
specification of a `srp_parameters` type that isn't exported and also
isn't referenced anywhere (neither in the code nor in the
documentation), the type specification (and hence the file as well) can
be removed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
follow up enhancments done in commit
e56167dd6ca8d37d26ea7f19933691a3bda41113
Make sure format_error return good strings. Replace confusing legacy atoms
with more descriptive atoms.
|
|
|
|
|
|
Conflicts:
erts/emulator/sys/vxworks/sys.c
erts/vsn.mk
lib/ssl/src/ssl_connection.erl
lib/ssl/test/ssl_basic_SUITE.erl
|
|
|
|
Conflicts:
lib/ssl/src/ssl_connection.erl
|
|
The absence of the active default values could cause a process leak
|
|
A #sslsocket{} contains the fsm pid and value that was previously set to
old_ssl or new_ssl to make the transition period smoother. Now that old
ssl is not supported any more we use this field to store the inet socket
reference instead. This enables some API functions to return quicker
as they do not need to communicate with the fsm-process.
|
|
same as in gen_tcp.
Made error handling of listen sockets as arguments to funtions
expecting a connected socket more inet/gen_tcp like.
|
|
Also shorten test cases names to workaround test framework problems
on windows
|
|
more "sense" (be true to the specification).
|
|
* http://technotes.googlecode.com/git/nextprotoneg.html
|
|
|
|
|
|
|
|
TLS 1.2 allows to negotiate the used PRF,
additional the default PRF uses a different
hash. This change make the PRF selectable
and hardwires the PRF for TLS < 1.2
|
|
Avoid cach validation with file:file_info/2 as this i too expensive and
causes a bottleneck in the file server. Instead we expose a new API function
ssl:clear_pem_cache/0 to deal with the problem. As we think it will be
of occasional use and the normal case is that the cache will be valid we think
it is the right thing to do.
Convert file paths to binary representation in the ssl API module to
avoid uncessarry calls in file later on.
Also add sanity checks for openssl versions in testsuite due to new
openssl bugs.
|
|
|
|
transport layer need to generate additional application specific
key material. One way to generate such material is to use the TLS
PRF and key material from the TLS session itself.
This change makes it possible to use a TLS sessions PRF either with
the session internal or caller supplied key material to generate
additional key material.
|
|
|
|
I accidentally removed a little too much, only peercert/2 was deprecated.
|
|
* ia/ssl/remove-old-ssl/OTP-7048:
Remove old ssl implementation and deprecated function ssl:peercert/1
Conflicts:
lib/ssl/test/Makefile
|
|
Conflicts:
erts/aclocal.m4
erts/include/internal/ethread_header_config.h.in
|
|
|
|
|
|
* ia/ssl/dist/OTP-7053:
First fully working version
Use ssl instead of being a proxy command
Connect from both sides works now
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Filipe David Manana
OTP-9114: [ftp] Added (type) spec for all exported functions.
OTP-9123: mod_esi:deliver/2 made to accept binary data.
Bernard Duggan
OTP-9124: [httpd] Prevent XSS in error pages.
Michael Santos
OTP-9131: [httpd] Wrong security property names used in documentation.
Garrett Smith
OTP-9157: [httpd] Improved error messages.
Ricardo Catalinas Jim�nez
OTP-9158: [httpd] Fix timeout message generated by mod_esi.
Bernard Duggan
OTP-9202: [httpd] Extended support for file descriptors.
Attila Rajmund Nohl
OTP-9230: The default ssl kind has now been changed to essl.
OTP-9246: [httpc] httpc manager crash because of a handler retry
race condition.
Merge branch 'bmk/inets/inet56_integration' into dev
|
|
reason badarg. Neither SSL nor INETS catches this, resulting in crashes
with incomprehensible reasons.
OTP-9289
|