aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
AgeCommit message (Collapse)Author
2012-08-22ssl: Enable TLS 1.2Andreas Schultz
2012-08-22ssl: Enable mac_hash for TLS 1.2Andreas Schultz
2012-08-22ssl: Implement TLS 1.2 signature supportAndreas Schultz
2012-08-22ssl: Make signature handling version dependantAndreas Schultz
TLS 1.2 introduces changes on how signatures are calculate and encoded. This makes the signature handling version aware
2012-08-22ssl: Fix PRF logicIngela Anderton Andin
2012-08-22ssl: Add TLS 1.2 cipher suitesAndreas Schultz
2012-08-22ssl: Implement and activate PRFs for TLS 1.1 and 1.2Andreas Schultz
2012-08-22ssl: make PRF function selectableAndreas Schultz
TLS 1.2 allows to negotiate the used PRF, additional the default PRF uses a different hash. This change make the PRF selectable and hardwires the PRF for TLS < 1.2
2012-08-22ssl: Add TLS version paramter to verify_dh_paramsAndreas Schultz
dh parameter verification is done differently with TLS 1.2. Prepare for that by passing the verion to verify_dh_params.
2012-08-22ssl: Add TLS version to dec_hs/2Andreas Schultz
TLS 1.2 changes the layout of several handshake records. This adds the TLS version to dec_hs/2 so it can decode those.
2012-08-22ssl: Add TLS version to ssl_handshake:key_exchange/3Andreas Schultz
TLS 1.2 changed the way digital signatures are done. key_exchange/3 needs to pass the version to it.
2012-08-22ssl: Add TLS 1.2 block cipher IV handlingAndreas Schultz
2012-08-22ssl: Consider TLS version when building cipher blocksAndreas Schultz
With TLS 1.2 the handling of the IV in cipher blocks changed. This prepares ssl_cipher:cipher/5 for that change by passing the TLS version into it and allowing generic_block_cipher_from_bin/4 to overload the IV.
2012-08-22ssl: Calculate handshake hash only when neededAndreas Schultz
TLS/SSL version before 1.2 always used a MD5/SHA combination for the handshake hashes. With TLS 1.2 the default hash is SHA256 and it is possible to negotiate a different hash. This change delays the calculation of the handshake hashes until they are really needed. At that point the hash to use should be known. For now MD5/SHA is still hard coded.
2012-06-20Merge branch 'ia/ssl/recv-bug/OTP-10118' into maintIngela Anderton Andin
* ia/ssl/recv-bug/OTP-10118: ssl: Fix bug in the handling of remote connection closure of {active,false} ssl sockets.
2012-06-19ssl: Fix pem cache bugIngela Anderton Andin
A general case clause was put before a less general so that the less general case would never match.
2012-06-15ssl: Fix bug in the handling of remote connection closure of {active,false} ↵Ingela Anderton Andin
ssl sockets.
2012-06-13Merge branch 'ia/ssl/bottlenecks/OTP-10113' into maintIngela Anderton Andin
* ia/ssl/bottlenecks/OTP-10113: ssl: Test case fixes ssl: Avoid second bottleneck in supervisor ssl: File handling optimization ssl: Simpler PEM cache ssl: Refactored for readability ssl: Use md5 as file ref id instead of filenames ssl: Move ets:select bottleneck in server ssl: Renegotiate updates session id in gen_fsm state ssl: Use ordered_set in cache ssl: Move and avoid ets:select bottleneck in client ssl: Reuse session check optimization ssl: Avoid supervior bottleneck
2012-06-08ssl: Avoid second bottleneck in supervisorIngela Anderton Andin
Do proc_lib:spawn_link instead of proc_lib:start_link as synchronized init is not used/needed anyway.
2012-06-08ssl: File handling optimizationIngela Anderton Andin
Avoid cach validation with file:file_info/2 as this i too expensive and causes a bottleneck in the file server. Instead we expose a new API function ssl:clear_pem_cache/0 to deal with the problem. As we think it will be of occasional use and the normal case is that the cache will be valid we think it is the right thing to do. Convert file paths to binary representation in the ssl API module to avoid uncessarry calls in file later on. Also add sanity checks for openssl versions in testsuite due to new openssl bugs.
2012-06-08ssl: Simpler PEM cacheIngela Anderton Andin
2012-06-08ssl: Refactored for readabilityIngela Anderton Andin
Instance of state variable that are "updated" in a function is called for example State0 and the last instance, that should be returned, is called State possible intermidiat versions are suffixed by increasing numbers. State0 may be rturned in error cases. Avoid nesting case statments.
2012-06-08ssl: Use md5 as file ref id instead of filenamesDan Gudmundsson
Aviods storing a lot of data
2012-06-08ssl: Move ets:select bottleneck in serverDan Gudmundsson
Only use ssl_manager for selecting new ids to guarantee uniqueness, but reuse check does not need to be performed by the manager.
2012-06-08ssl: Renegotiate updates session id in gen_fsm stateIngela Anderton Andin
The session id keept in the connection processes state must be updated to be the id selected by ssl_handshake:client_hello, failing to do so will cause a crash if the session is not reused.
2012-06-08ssl: Use ordered_set in cacheDan Gudmundsson
So we can use partial bound keys for matching
2012-06-08ssl: Move and avoid ets:select bottleneck in clientIngela Anderton Andin
Do not use ssl_manager process for selecting an id. It's unnecessary to involve the manager process at all on the client side.
2012-06-08ssl: Reuse session check optimizationIngela Anderton Andin
2012-06-08ssl: Avoid supervior bottleneckIngela Anderton Andin
This is done by using proc_lib and gen_fsm:enter_loop so that supervisor will not have to wait for the relative long initialization of an ssl connection process before starting another connection process.
2012-06-05Update to work with whitespace in exec pathLukas Larsson
OTP-10106 OTP-10107
2012-04-27ssl: Fix parallel make for behavioursBjörn-Egil Dahlberg
2012-03-30Update copyright yearsBjörn-Egil Dahlberg
2012-03-27Corrected dialyzer specs and exported some dialyzer specsIngela Anderton Andin
2012-03-26Merge branch 'as/ssl-tls-prf-function' into maintGustav Simonsson
* as/ssl-tls-prf-function: Some protocols (e.g. EAP-PEAP, EAP-TLS, EAP-TTLS) that use TLS as transport layer need to generate additional application specific key material One way to generate such material is to use the TLS PRF and key material from the TLS session itself OTP-10024
2012-03-21Prepare for releaseIngela Anderton Andin
Distribution fixes so no need to soft upgrade.
2012-03-05Some protocols (e.g. EAP-PEAP, EAP-TLS, EAP-TTLS) that use TLS asAndreas Schultz
transport layer need to generate additional application specific key material. One way to generate such material is to use the TLS PRF and key material from the TLS session itself. This change makes it possible to use a TLS sessions PRF either with the session internal or caller supplied key material to generate additional key material.
2012-02-14Merge branch 'pg/fix-ssl_tls_dist_proxy-setup-loop' into maintHenrik Nord
* pg/fix-ssl_tls_dist_proxy-setup-loop: Fix setup loop of SSL TLS dist proxy OTP-9915 OTP-9916
2012-02-14Merge branch 'pg/ssl_dist-fixes' into maintHenrik Nord
* pg/ssl_dist-fixes: Robustness and improvement to distribution over SSL
2012-02-14Robustness and improvement to distribution over SSLPaul Guyot
Fix a bug where the caller would timeout and ssl_tls_dist_proxy would crash. Fix a bug where a timeout from the SSL layer would block the distribution forever (typically when a non-SSL node tries to connect to an SSL node). Add this very case as a test (test_server tries to connect to SSL nodes). Run the proxy exclusively on the loopback interface.
2012-02-08User defined verify_fun is now called correctlyIngela Anderton Andin
Background from erlang-questions: > We use this test suite to verify our PKIX-path-validation code, > granted we do not yet support CRL-handling but that is on its > way. Our verify_fun will let you work around the problem that it > is not yet supported. (Not so fun for you perhaps but a possible > solution for now). this is unfortunately not the case since for versions that contain commit 4dbf3c9e4ae7cfd19b247353369166d31b8f15e5 (it is in R14B04 and R15B) the documented behaviour (verify_fun will be called for every certificate) is broken: the verify_fun will only be called, if the certificate contains unknown extensions. it is therefore not useful as a CRL workaround (anymore). best regards Stefan Grundmann
2012-01-29Fix setup loop of SSL TLS dist proxyPaul Guyot
The proxy socket or the SSL socket can be closed during the setup phase. In such situations, the proxy processes must exit nicely, to avoid any leak of processes waiting forever for data from closed sockets.
2011-12-09Update copyright yearsBjörn-Egil Dahlberg
2011-12-07Merge branch 'ia/ssl/session/cleanup-test'Ingela Anderton Andin
* ia/ssl/session/cleanup-test: Improve ssl session cleanup test
2011-12-06Improve ssl session cleanup testIngela Anderton Andin
Check last delay timer for both client and server side to avoide timing issues.
2011-12-05Fix typos in ssl_cipher.erlTuncer Ayaz
2011-12-05Merge branch 'ia/ssl/dialyzer-R15'Ingela Anderton Andin
* ia/ssl/dialyzer-R15: Callback specs now handled by -callback directive in the behaviour module.
2011-12-05Do not do the 1/n-1 split for RC4 as it is not vulnerable to the ↵Ingela Anderton Andin
Rizzo/Duong-Beast attack.
2011-12-01Callback specs now handled by -callback directive in the behaviour module.Ingela Anderton Andin
2011-11-28If a passive receive was ongoing during a renegotiation the processIngela Anderton Andin
evaluating ssl:recv could be left hanging for ever.
2011-11-28Send ssl_closed notification to active ssl user when a tcp error occursIngela Anderton Andin