aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_record.hrl
AgeCommit message (Collapse)Author
2019-02-21Merge branch 'maint'Raimo Niskanen
* maint: Inline local function Optimize binary matching Clean up module boundaries Remove redundant return of CipherState Use iovec() internally in send path Small binary handling optimizations Optimize read_application_data with Okasaki queue Try to optimize decode_cipher_text/3 Optimize application data aggregation Optimize TLS record parsing with Okasaki queue Cache strong_random_bytes for IV Optimize padding Produce less garbage in encrypt loop Reorganize #data{} Tidy up state machine Add server GC info to bench results Conflicts: lib/ssl/src/ssl_cipher.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/ssl_logger.erl lib/ssl/src/ssl_record.erl lib/ssl/src/ssl_record.hrl lib/ssl/src/tls_connection.erl lib/ssl/src/tls_record.erl lib/ssl/src/tls_sender.erl
2019-02-13Optimize TLS record parsing with Okasaki queueRaimo Niskanen
2018-10-24ssl: TLS-1.3 TLS record protocol handlingIngela Anderton Andin
2018-07-27Change "can not" into "cannot"Raimo Niskanen
I did not find any legitimate use of "can not", however skipped changing e.g RFCs archived in the source tree.
2016-09-05ssl: Refactor to use maps for the connection statesIngela Anderton Andin
2016-06-13dtls: add implementation for msg sequenceAndreas Schultz
Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_record.erl
2016-05-26ssl: Add BEAST mitigation selection optionKenneth Lakin
Some legacy TLS 1.0 software does not tolerate the 1/n-1 content split BEAST mitigation technique. This commit adds a beast_mitigation SSL option (defaulting to one_n_minus_one) to select or disable the BEAST mitigation technique. Valid option values are (one_n_minus_one | zero_n | disabled).
2016-03-15update copyright-yearHenrik Nord
2015-06-18Change license text to APLv2Bruce Yinhe
2014-09-03ssl: add draft-agl-tls-chacha20poly1305-04 Chacha20/Poly1305 SuitesAndreas Schultz
2014-09-03ssl: implement AES128-GCM suitesAndreas Schultz
2014-05-10ssl: fix max sequence number so it does not overflowDanil Zagoskin
The old value of 18446744073709552000 was calculated using math:pow which returns float therefore isn't precise. And it would overflow: erlang:integer_to_list(18446744073709552000, 16) = "10000000000000180" This patch changes MAX_SEQENCE_NUMBER to value calculated with bitwise shift: (1 bsl 64) - 1 = 18446744073709551615
2014-03-25ssl: Improve type specsIngela Anderton Andin
Conflicts: lib/ssl/src/dtls_record.erl
2013-09-10ssl: Refactor TLS/DTLS record handlingIngela Anderton Andin
2013-09-10ssl: DTLS record handlingIngela Anderton Andin
Also refactor so that TLS and DTLS can have common functions when possible.
2013-09-10ssl: Add DTLS record primitivesAndreas Schultz
This code is to 99 % written by Andreas Schultz only some small changes to start integrating with OTPs DTLS solution.
2013-06-04ssl: Structural perarparation to support DTLSIngela Anderton Andin
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl
2012-08-22ssl: Fix PRF logicIngela Anderton Andin
2012-08-22ssl: make PRF function selectableAndreas Schultz
TLS 1.2 allows to negotiate the used PRF, additional the default PRF uses a different hash. This change make the PRF selectable and hardwires the PRF for TLS < 1.2
2012-08-22ssl: Consider TLS version when building cipher blocksAndreas Schultz
With TLS 1.2 the handling of the IV in cipher blocks changed. This prepares ssl_cipher:cipher/5 for that change by passing the TLS version into it and allowing generic_block_cipher_from_bin/4 to overload the IV.
2011-11-23Implementation of 1/n-1 splitting countermeasure Rizzo/Duong-BeastIngela Anderton Andin
The code is refactored and improved to make it easier to insert the 1/n-1 splitting countermeasure Rizzo/Duong-Beast that is really done in one function clause in ssl:record_split_bin/3
2010-05-11OTP-8568 RFC -5746Ingela Anderton Andin
New ssl now supports secure renegotiation as described by RFC 5746.
2010-03-25OTP-8517 RenegotiationIngela Anderton Andin
New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value.
2009-11-20The R13B03 release.OTP_R13B03Erlang/OTP