Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-12-07 | Update copyright-year | Erlang/OTP | |
2016-05-31 | Improve SSL diagnostics | Alexey Lebedeff | |
There are a lot of cases where `ssl` application just returns unhelpful `handshake failure` or `internal error`. This patch tries to provide better diagnostics so operator can debug his SSL misconfiguration without doing hardcore erlang debugging. Here is an example escript that incorrectly uses server certificate as a client one: https://gist.github.com/binarin/35c34c2df7556bf04c8a878682ef3d67 With the patch it is properly reported as an error in "extended key usage". | |||
2015-06-18 | Change license text to APLv2 | Bruce Yinhe | |
2015-03-17 | ssl: Add TLS-ALPN support | Loïc Hoguin | |
This commit adds support for RFC7301, application-layer protocol negotiation. ALPN is the standard based approach to the NPN extension, and is required for HTTP/2. ALPN lives side by side with NPN and provides an equivalent feature but in this case it is the server that decides what protocol to use, not the client. When both ALPN and NPN are sent by a client, and the server is configured with both ALPN and NPN options, ALPN will always take precedence. This behavior can also be found in the OpenSSL implementation of ALPN. ALPN and NPN share the ssl:negotiated_protocol/1 function for retrieving the negotiated protocol. The previously existing function ssl:negotiated_next_protocol/1 still exists, but has been deprecated and removed from the documentation. The tests against OpenSSL require OpenSSL version 1.0.2+. | |||
2015-03-02 | ssl: Implement support for TLS_FALLBACK_SCSV | Ingela Anderton Andin | |
2014-04-30 | ssl: Add checks to avoid processing of illegal alerts | Ingela Anderton Andin | |
2014-03-25 | ssl: Handle SNI alert unrecognized_name and gracefully deal with | Ingela Anderton Andin | |
unexpected alerts. Add recognitions of RFC 4366 alerts and handle possible unimplementd alerts in a gracefully way. | |||
2013-03-28 | SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suites | Andreas Schultz | |
2012-08-22 | ssl: Add missing sslv3 alert | Ingela Anderton Andin | |
2009-11-20 | The R13B03 release.OTP_R13B03 | Erlang/OTP | |