Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-01-23 | ssl: Reenable padding check for TLS-1.0 and provide backwards compatible | Ingela Anderton Andin | |
disable option | |||
2014-09-10 | ssl: Prepare for release - soft upgrade | Ingela Anderton Andin | |
2014-06-11 | ssl: Make sure change cipher spec is correctly handled | Ingela Anderton Andin | |
2014-06-03 | ssl: Workaround that gen_fsm does not call CB:format_status when CB:terminate | Ingela Anderton Andin | |
crashes. | |||
2014-05-27 | ssl: Add format_status function to ssl connection process | Ingela Anderton Andin | |
2014-05-26 | ssl: Add ssl options to listen options tracker | Ingela Anderton Andin | |
2014-05-26 | ssl: Move init | Ingela Anderton Andin | |
2014-04-30 | ssl: Add checks to avoid processing of illegal alerts | Ingela Anderton Andin | |
2014-04-23 | ssl: Fix crash on garbage during handshake | Danil Zagoskin | |
If a client sends some garbage in ssl record instead of valid fragment, server crashes with function_clause while receiving next record from client. This patch makes server raise handshake failure instead of crashing and exposing internal state to user code. | |||
2014-04-23 | ssl: always pass negotiated version when selecting hashsign | Danil Zagoskin | |
Negotiated version is now always passed to ssl_handshake:select_hashsign because ssl_handshake:select_cert_hashsign has different rsa defaults on tlsv1.2 and older versions. | |||
2014-04-17 | ssl: Graceful handling of warning alerts | Ingela Anderton Andin | |
Generalize last warning alert function clause | |||
2014-01-14 | ssl: fix elliptic curve selection in server mode | Andreas Schultz | |
The server code erroneously took the list of curves supported by the client from it's own hello extension, effectively breaking curve selection all together. Also the default fallback secp256k1 curve is not supported by all clients. secp256r1 is recommended as part of the NIST Suite B cryptographic suites. The chances are much better that all clients support it, so use that as fallback. | |||
2013-12-02 | ssl: Trap exits | Ingela Anderton Andin | |
2013-12-02 | ssl: Refactor connetion handling | Ingela Anderton Andin | |
2013-12-02 | ssl: API and supervisor | Ingela Anderton Andin | |
2013-12-02 | ssl: Dialyzer fixes | Ingela Anderton Andin | |
2013-12-02 | ssl: Refactor API | Ingela Anderton Andin | |
New design : ssl - Main tls - Reflect tls specific semantics dtls - Reflect dtls specific semantics | |||
2013-12-02 | ssl: Refactor connection and handshake handling | Ingela Anderton Andin | |
2013-10-14 | ssl: Honor TLS client ECC extension | Ingela Anderton Andin | |
Also the server should only send ECC point formats extension not ECC curve extension. | |||
2013-09-10 | ssl: Refactor TLS/DTLS record handling | Ingela Anderton Andin | |
2013-09-10 | ssl: Solve rebase issues | Ingela Anderton Andin | |
2013-09-10 | ssl: Refactor to provide common handshake functions for TLS/DTLS | Ingela Anderton Andin | |
Common functions will be located in ssl_handshake.erl while specific functions will be located in tls_handshake.erl and dtls_handshake.erl | |||
2013-09-02 | ssl: Handle signature_algorithm field in digitally_signed properly | Ingela Anderton Andin | |
with proper defaults Added ssl_ECC_SUITE | |||
2013-08-28 | ssl: Make the ssl manager name for erlang distribution over SSL/TLS | Ingela Anderton Andin | |
relative to the module name of the ssl_manager. This can be beneficial when making tools that rename modules for internal processing in the tool. | |||
2013-08-23 | Merge branch 'maint-r16' into maint | Fredrik Gustafsson | |
2013-08-23 | Merge branch 'maint-r15' into maint-r16 | Fredrik Gustafsson | |
Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_transport.erl lib/inets/src/inets_app/inets.appup.src lib/inets/vsn.mk lib/ssl/doc/src/notes.xml lib/ssl/src/ssl.appup.src lib/ssl/src/ssl.erl lib/ssl/src/ssl_internal.hrl lib/ssl/src/tls_connection.erl lib/ssl/vsn.mk | |||
2013-08-12 | Merge branch 'ia/ssl/header-bug/OTP-11230' into maint | Ingela Anderton Andin | |
* ia/ssl/header-bug/OTP-11230: ssl: Revert faulty header option fix | |||
2013-08-08 | ssl: Revert faulty header option fix | Ingela Anderton Andin | |
The code was changed in the belife that it made it inet compatible. However the testing is a bit hairy as the inet option is acctualy broken, now the tests are corrected and the header option should work in the same broken way as inet again, preferably use the bitsyntax instead. | |||
2013-08-07 | ssl: Setopts during renegotiation caused the renegotiation to be unsuccessful. | Ingela Anderton Andin | |
If calling setopts during a renegotiation the FSM state might change during the handling of the setopts messages, this is now handled correctly. | |||
2013-06-07 | ssl: Correct rebase mistakes | Ingela Anderton Andin | |
2013-06-04 | ssl: Structural perarparation to support DTLS | Ingela Anderton Andin | |
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl |