aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_connection.hrl
AgeCommit message (Collapse)Author
2019-03-19Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl.erl lib/ssl/src/tls_connection.erl
2019-03-11ssl: Fix transport transparancyIngela Anderton Andin
2019-02-22Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-02-22Merge branch 'ingela/ssl/doc-enhancements' into maintIngela Anderton Andin
* ingela/ssl/doc-enhancements: ssl: Enhance documentation after "use-spec-rewrite"
2019-02-22ssl: Enhance documentation after "use-spec-rewrite"Ingela Anderton Andin
2019-02-21Merge branch 'maint'Raimo Niskanen
* maint: Inline local function Optimize binary matching Clean up module boundaries Remove redundant return of CipherState Use iovec() internally in send path Small binary handling optimizations Optimize read_application_data with Okasaki queue Try to optimize decode_cipher_text/3 Optimize application data aggregation Optimize TLS record parsing with Okasaki queue Cache strong_random_bytes for IV Optimize padding Produce less garbage in encrypt loop Reorganize #data{} Tidy up state machine Add server GC info to bench results Conflicts: lib/ssl/src/ssl_cipher.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/ssl_logger.erl lib/ssl/src/ssl_record.erl lib/ssl/src/ssl_record.hrl lib/ssl/src/tls_connection.erl lib/ssl/src/tls_record.erl lib/ssl/src/tls_sender.erl
2019-02-18Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/tls_connection.erl
2019-02-14Clean up module boundariesRaimo Niskanen
Improve the abstraction between the ssl_connection module and dtls_connection, tls_connection and tls_sender, as well as towards the lower level tls_record and ssl_record modules. Remove some dead code.
2019-02-13ssl: Use gen_statem named timers to handle connection and recv timeoutsIngela Anderton Andin
2019-02-08ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keysIngela Anderton Andin
2019-02-08ssl: Move key_algorithm to handshake_envIngela Anderton Andin
2019-02-08ssl: srpIngela Anderton Andin
2019-02-08ssl: RenameIngela Anderton Andin
2019-02-08ssl: Move diffie_hellman_params to handshake_envIngela Anderton Andin
2019-02-08ssl: Move and rename psk_identity state record fieldIngela Anderton Andin
2019-02-08ssl: Move premaster_secret to handshake_envIngela Anderton Andin
2019-02-08ssl: Make flight_state DTLS specificIngela Anderton Andin
flight_state is used to handle retransmission timers for DTLS over udp
2019-02-08ssl: Add private_key to connection_envIngela Anderton Andin
2019-02-08ssl: Add erl_dist_handle to connection_envIngela Anderton Andin
2019-02-08ssl: Add negotiated_version to connection_envIngela Anderton Andin
2019-02-08ssl: Add key exchange items to handshake_envIngela Anderton Andin
2019-02-08ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_envIngela Anderton Andin
2019-02-08ssl: Add downgrade handling to connection_envIngela Anderton Andin
Remove duplicate handsake history handling form ssl_config function. Later we might refactor to avoid duplication in TLS and DTLS code, but handshake history does not belong in ssl_config function.
2019-02-08ssl: Create connection_envIngela Anderton Andin
2019-02-08ssl: Handle renegotiation and extensions in handshake_envIngela Anderton Andin
2019-02-05Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl lib/ssl/src/ssl_cipher_format.erl lib/ssl/src/tls_handshake.erl
2019-02-05ssl: Use specs to generate type documentationIngela Anderton Andin
2019-01-22Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/tls_connection.erl
2019-01-22ssl: Create hs_envIngela Anderton Andin
We want to decrease the size of the outer state tuple, and gain ease of understanding by better grouping. This is the first step of creating a hs_env (handshake environment) part of the state. This change will be performed gradually to reduce merge conflicts complexity and risk of introducing errors.
2019-01-11ssl: Comment usage of 'state' in TLS 1.3Péter Dimitrov
Change-Id: I284faa415c97eb533df0a7e5777fe5d929010e56
2018-12-14Merge branch 'maint'Raimo Niskanen
Conflicts: lib/ssl/src/ssl_connection.hrl lib/ssl/src/tls_connection.erl
2018-12-14Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/tls_connection.erl lib/ssl/src/tls_record.erl
2018-12-13Tighten dist app data receiveRaimo Niskanen
2018-12-13ssl: Fix downgradeIngela Anderton Andin
Both test case and code needed updates to work as intended. Code needed update due to new tls_sender process and the test case gave false positive reusult erarlier probably due to beeing to sloopy in order to avoid timeouts.
2018-12-12ssl: Add static_env recordIngela Anderton Andin
State values created at init
2018-11-16ssl: Implement the 'key_share' extensionPéter Dimitrov
Change-Id: Ie7409675dd7a35825f32822df259286bbb95fd62
2018-08-27ssl: Adopt distribution over TLS to use new sender processIngela Anderton Andin
2018-08-27ssl: Add new sender process for TLS state machineIngela Anderton Andin
Separate sending and receiving when using TCP as transport as prim_inet:send may block which in turn may result in a deadlock between two Erlang processes communicating over TLS, this is especially likely to happen when running Erlang distribution over TLS.
2018-08-23ssl: Correct dialyzer specsIngela Anderton Andin
2018-06-18Update copyright yearHenrik Nord
2018-04-26ssl: Proper handling of clients that choose to send an emptyIngela Anderton Andin
answer to a certificate request Solves ERL-599
2018-04-24ssl: Add new API functionsIngela Anderton Andin
2017-11-09ssl: Countermeasurements for Bleichenbacher attackIngela Anderton Andin
2017-05-04Update copyright yearRaimo Niskanen
2017-03-30dtls: Implement DTLS cookie secret generationIngela Anderton Andin
2016-12-07Update copyright-yearErlang/OTP
2016-12-05ssl: Implement DTLS state machineIngela Anderton Andin
Beta DTLS, not production ready. Only very basically tested, and not everything in the SPEC is implemented and some things are hard coded that should not be, so this implementation can not be consider secure. Refactor "TLS connection state" and socket handling, to facilitate DTLS implementation. Create dtls "listner" (multiplexor) process that spawns DTLS connection process handlers. Handle DTLS fragmentation. Framework for handling retransmissions. Replay Detection is not implemented yet. Alerts currently always handled as in TLS.
2016-09-28Merge branch 'ingela/ssl/ECC-selection-fix/OTP-13918' into maint-19Erlang/OTP
* ingela/ssl/ECC-selection-fix/OTP-13918: ssl: Correct ECC curve selection, the error could cause default to always be selected.
2016-09-28ssl: Correct ECC curve selection, the error could cause default to always be ↵Ingela Anderton Andin
selected.
2016-09-27ssl: Avoid event reorderingIngela Anderton Andin
Several handshake events may be received in the same TLS packet. Then there will be several events pushed to the gen_statems internal queue. New events already in the socket-buffer should not be processed if there are more unprocessed handshake events in next_event queue. We need to handle this in the next_record/1 function.