aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_connection.erl
AgeCommit message (Collapse)Author
2019-05-28ssl: Returned "alert error string" should be same as logged alert stringIngela Anderton Andin
2019-05-08ssl: Remove legacy calls to next_recordIngela Anderton Andin
2019-04-30ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: Ic4895195569073916f158a06b95061939f15cfc0 Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-03-08ssl: Correct active once emulationIngela Anderton Andin
Conflicts: lib/ftp/test/ftp_SUITE.erl
2019-02-22Merge branch ssl-active-n of essen:erlang/otp into essen/ssl-active-nRaimo Niskanen
* essen:erlang/otp: fixup! ssl: Add support for {active,N} ssl: Use common fonction to update {active,N} ssl: Document {active,N} ssl: Add support for {active,N} Conflicts: lib/ssl/src/ssl_connection.erl
2019-02-19fixup! ssl: Add support for {active,N}Loïc Hoguin
2019-02-19ssl: Add support for {active,N}Loïc Hoguin
2019-02-18Optimize binary matchingRaimo Niskanen
2019-02-14Clean up module boundariesRaimo Niskanen
Improve the abstraction between the ssl_connection module and dtls_connection, tls_connection and tls_sender, as well as towards the lower level tls_record and ssl_record modules. Remove some dead code.
2019-02-13Use iovec() internally in send pathRaimo Niskanen
2019-02-13Optimize read_application_data with Okasaki queueRaimo Niskanen
To avoid degenerate case with quadratic complexity that shows up when sending large messages since the the fragment concatenation was done by binary append. An Okasaki queue is much more efficient.
2019-02-13ssl: Use gen_statem named timers to handle connection and recv timeoutsIngela Anderton Andin
2019-02-08ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keysIngela Anderton Andin
2019-02-08ssl: Move key_algorithm to handshake_envIngela Anderton Andin
2019-02-08ssl: srpIngela Anderton Andin
2019-02-08ssl: RenameIngela Anderton Andin
2019-02-08ssl: Move diffie_hellman_params to handshake_envIngela Anderton Andin
2019-02-08ssl: Move and rename psk_identity state record fieldIngela Anderton Andin
2019-02-08ssl: Move premaster_secret to handshake_envIngela Anderton Andin
2019-02-08ssl: Add private_key to connection_envIngela Anderton Andin
2019-02-08ssl: Add erl_dist_handle to connection_envIngela Anderton Andin
2019-02-08ssl: Add negotiated_version to connection_envIngela Anderton Andin
2019-02-08ssl: Add key exchange items to handshake_envIngela Anderton Andin
2019-02-08ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_envIngela Anderton Andin
2019-02-08ssl: Add downgrade handling to connection_envIngela Anderton Andin
Remove duplicate handsake history handling form ssl_config function. Later we might refactor to avoid duplication in TLS and DTLS code, but handshake history does not belong in ssl_config function.
2019-02-08ssl: Create connection_envIngela Anderton Andin
2019-02-08ssl: Handle renegotiation and extensions in handshake_envIngela Anderton Andin
2019-02-05ssl: Use specs to generate type documentationIngela Anderton Andin
2019-01-22ssl: Create hs_envIngela Anderton Andin
We want to decrease the size of the outer state tuple, and gain ease of understanding by better grouping. This is the first step of creating a hs_env (handshake environment) part of the state. This change will be performed gradually to reduce merge conflicts complexity and risk of introducing errors.
2019-01-22ssl: Remove unnecessary iolist_to_binaryIngela Anderton Andin
2019-01-14ssl: Add value 'save' to reuse_sessions and reuse_session client optionIngela Anderton Andin
We want to be able to save a specific session to reuse, and make sure it is reusable immediatly when the connection has been established. Add client option {reuse_session, SessionID::binary()} We also do not want clients to save sessions that it did not verify. Additionaly change behaviour of the client and server to not save sessions if reuse_session is set to false.
2019-01-14ssl: Client shall only save verified sessionsIngela Anderton Andin
Modernize test case option handling
2019-01-14ssl: Modernize test suiteIngela Anderton Andin
2018-12-22ssl: Fix two invalid gen_statem returnsLoïc Hoguin
2018-12-19ssl: Fix renegotiation with new TLS senderIngela Anderton Andin
Wtite connection state was not synchronized when peer initiated renegotiation
2018-12-13Tighten dist app data receiveRaimo Niskanen
2018-12-13ssl: Remove no longer needed functionsIngela Anderton Andin
As the stop wrapper functions are no longer needed after tls_sender that altered the behaviour of the TLS distribution code.
2018-12-13ssl: Fix downgradeIngela Anderton Andin
Both test case and code needed updates to work as intended. Code needed update due to new tls_sender process and the test case gave false positive reusult erarlier probably due to beeing to sloopy in order to avoid timeouts.
2018-12-12ssl: Remove unnecessary internal eventIngela Anderton Andin
2018-12-12ssl: Clean codeIngela Anderton Andin
Rename Connection:handle_common_event Connection:handle_protocol_record removing use of unnecessary argument and making code easier to understand.
2018-12-12ssl: Add static_env recordIngela Anderton Andin
State values created at init
2018-12-04Merge branch 'raimo/ssl/tls_dist-optimization' into maintRaimo Niskanen
* raimo/ssl/tls_dist-optimization: Handle socket close in state downgrade Handle dead sender at terminate Handle tls_sender exit properly Optimize split_bin Improve dist send throughput
2018-12-04Handle socket close in state downgradeRaimo Niskanen
2018-12-03ssl: Fix error handling in function passive_receiveIngela Anderton Andin
Also avoid code duplication Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/tls_connection.erl
2018-12-03ssl: Correct ssl:shutdownIngela Anderton Andin
When internaly using active N, bugs in shutdown implementation where reveled.
2018-12-03ssl: Internaly use {active, N}Ingela Anderton Andin
Make next_record an internal help function to next_event and avoid duplicate calls to tls_socket:setopts for setting the active option.
2018-11-30Handle tls_sender exit properlyRaimo Niskanen
2018-11-05ssl: controlling_process should be allowed on transpor_accept sockets alongIngela Anderton Andin
with handshake Fix of commit 68d9244ae33e5eea36250c3bb9ffe046a4db5647
2018-11-01ssl: Return error to user that tries to use a "transport accepted" socket forIngela Anderton Andin
other purposes than handshaking
2018-10-08ssl: ERL-738 - Correct alert handling with new TLS sender processIngela Anderton Andin
With the new TLS sender process, solving ERL-622, TLS ALERTs sent in the connection state must be encrypted and sent by the TLS sender process. This to make sure that the correct encryption state is used to encode the ALERTS. Care must also be taken to ensure a graceful close down behavior both for normal shutdown and downgrading from TLS to TCP. The original TR ERL-738 is verified by cowboy tests, and close down behavior by our tests. However we alas have not been able to yet create a minimal test case for the originating problem. Also it seems it has become less likely that we run in to the TCP delivery problem, that is the guarantee is only on transport level, not application level. Keep work around function in ssl_test_lib but we can have better test as long as we do not get to much wobbling tests.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-11 22:53:58 +0000