aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
AgeCommit message (Collapse)Author
2019-01-17ssl: Correct 3des_ede_cbc checkIngela Anderton Andin
Could cause ssl to claim to support 3des_ede_cbc when cryptolib does not
2019-01-14ssl: Add value 'save' to reuse_sessions and reuse_session client optionIngela Anderton Andin
We want to be able to save a specific session to reuse, and make sure it is reusable immediatly when the connection has been established. Add client option {reuse_session, SessionID::binary()} We also do not want clients to save sessions that it did not verify. Additionaly change behaviour of the client and server to not save sessions if reuse_session is set to false.
2019-01-14ssl: Client shall only save verified sessionsIngela Anderton Andin
Modernize test case option handling
2019-01-14ssl: Modernize test suiteIngela Anderton Andin
2019-01-08Merge branch 'peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477' into maintPéter Dimitrov
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477: ssl: Fix encoding/decoding of the SRP extension Change-Id: Iee3276a60041a2c04c89385b2de2edb1cd81babd
2019-01-08Merge pull request #2070 from essen/fix-ssl-shutdown-crashIngela Andin
ssl: Fix two invalid gen_statem returns OTP-15505
2019-01-08ssl: Fix encoding/decoding of the SRP extensionPéter Dimitrov
The encoded value of the SRP extension length was bigger than the actual length of the extension. This could cause interoperability problems with third party SSL implementations. This commit corrects the encoding and decoding of the SRP extension length. Change-Id: I78d118faab7f5d02b755a7d1e2e8561b86f5a15c
2019-01-08Merge pull request #2076 from IngelaAndin/ingela/ssl/active-once/ERL-371Ingela Andin
ssl: Guarantee active once data delivery OTP-15504
2018-12-27ssl: Gurantee active once data deliveryIngela Anderton Andin
New internal active N changed timing, and new check is needed.
2018-12-22ssl: Fix two invalid gen_statem returnsLoïc Hoguin
2018-12-21ssl: Clean up extension handlingIngela Anderton Andin
Use throw stratgy for erro handling in extension handling. Makes code consistent and easier to refactor. Also fixes bug that an incorrect return value for gen_statem could be created when alert was a result of handling renegotiation info extension.
2018-12-20ssl: Fix renegotiation with new TLS senderIngela Anderton Andin
Wtite connection state was not synchronized when peer initiated renegotiation
2018-12-20ssl: Remove no longer needed functionsIngela Anderton Andin
As the stop wrapper functions are no longer needed after tls_sender that altered the behaviour of the TLS distribution code.
2018-12-20ssl: Fix downgradeIngela Anderton Andin
Both test case and code needed updates to work as intended. Code needed update due to new tls_sender process and the test case gave false positive reusult erarlier probably due to beeing to sloopy in order to avoid timeouts.
2018-12-20ssl: Remove checks and conversions not neededIngela Anderton Andin
2018-12-20ssl: Use binary:copy/2 to avoid list overheadIngela Anderton Andin
2018-12-20ssl: Remove unnecessary internal eventIngela Anderton Andin
2018-12-20ssl: Clean codeIngela Anderton Andin
Rename Connection:handle_common_event Connection:handle_protocol_record removing use of unnecessary argument and making code easier to understand.
2018-12-20ssl: Add static_env recordIngela Anderton Andin
State values created at init
2018-12-19ssl: Fix renegotiation with new TLS senderIngela Anderton Andin
Wtite connection state was not synchronized when peer initiated renegotiation
2018-12-13Tighten dist app data receiveRaimo Niskanen
2018-12-13ssl: Remove no longer needed functionsIngela Anderton Andin
As the stop wrapper functions are no longer needed after tls_sender that altered the behaviour of the TLS distribution code.
2018-12-13ssl: Fix downgradeIngela Anderton Andin
Both test case and code needed updates to work as intended. Code needed update due to new tls_sender process and the test case gave false positive reusult erarlier probably due to beeing to sloopy in order to avoid timeouts.
2018-12-12ssl: Remove checks and conversions not neededIngela Anderton Andin
2018-12-12ssl: Use binary:copy/2 to avoid list overheadIngela Anderton Andin
2018-12-12ssl: Remove unnecessary internal eventIngela Anderton Andin
2018-12-12ssl: Clean codeIngela Anderton Andin
Rename Connection:handle_common_event Connection:handle_protocol_record removing use of unnecessary argument and making code easier to understand.
2018-12-12ssl: Add static_env recordIngela Anderton Andin
State values created at init
2018-12-04Merge branch 'raimo/ssl/tls_dist-optimization' into maintRaimo Niskanen
* raimo/ssl/tls_dist-optimization: Handle socket close in state downgrade Handle dead sender at terminate Handle tls_sender exit properly Optimize split_bin Improve dist send throughput
2018-12-04Handle socket close in state downgradeRaimo Niskanen
2018-12-03ssl: Fix error handling in function passive_receiveIngela Anderton Andin
Also avoid code duplication Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/tls_connection.erl
2018-12-03ssl: Correct ssl:shutdownIngela Anderton Andin
When internaly using active N, bugs in shutdown implementation where reveled.
2018-12-03ssl: Internaly use {active, N}Ingela Anderton Andin
Make next_record an internal help function to next_event and avoid duplicate calls to tls_socket:setopts for setting the active option.
2018-11-30Handle dead sender at terminateRaimo Niskanen
2018-11-30Handle tls_sender exit properlyRaimo Niskanen
2018-11-23Optimize split_binRaimo Niskanen
2018-11-23Improve dist send throughputRaimo Niskanen
2018-11-12Merge branch 'ingela/ssl/rsa-kex-engine/ERIERL-268/OTP-15420' into maintIngela Anderton Andin
* ingela/ssl/rsa-kex-engine/ERIERL-268/OTP-15420: ssl: Add engine handling clause to RSA key exchange
2018-11-09ssl: Add engine handling clause to RSA key exchangeIngela Anderton Andin
2018-11-07ssl: Correct gen_statem return valueIngela Anderton Andin
Could cause renegotiation to fail
2018-11-05ssl: controlling_process should be allowed on transpor_accept sockets alongIngela Anderton Andin
with handshake Fix of commit 68d9244ae33e5eea36250c3bb9ffe046a4db5647
2018-11-02ssl: Correct filter functionIngela Anderton Andin
2018-11-02Merge branch 'ingela/ssl/deliver-all-data-at-close/ERL-731/OTP-15412' into maintIngela Anderton Andin
* ingela/ssl/deliver-all-data-at-close/ERL-731/OTP-15412: ssl: Extend check for undelivered data at closing
2018-11-02ssl: Extend check for undelivered data at closingIngela Anderton Andin
This is a timing related bug that alas is hard to test
2018-11-01ssl: Return error to user that tries to use a "transport accepted" socket forIngela Anderton Andin
other purposes than handshaking
2018-11-01Merge pull request #1990 from max-au/ssl_pem_cache_timezone_fixIngela Andin
ssl: fix timezone-related bug in ssl_pem_cache OTP-15402
2018-10-29Merge pull request #1983 from binaryseed/bug-default-address_please/OTP-15388Lukas Larsson
Fix the default implementation of address_please
2018-10-26ssl: fix timezone-related bug in ssl_pem_cacheMaxim Fedorov
Caught with unit test in ssl_pem_cache_SUITE. When local timezone is PST (Pacific Standard Time), PEM cache was not evicting expired entries due to file time converstion was done using calendar:now_to_datetime, while file modification time is actually in local time. Use os:system_time() to align with file_info modified time.
2018-10-23ssl: Correct length to be used in additional data in CHACHA20_POLY1305 cipherIngela Anderton Andin
2018-10-19ssl: Refactor AEAD ciphersIngela Anderton Andin
TLS-1.3 needs to handle AEAD inputs diffrently than previous versions. Refactor code to facilitate TLS-1.3 additions. Change CHACHA20_POLY1305 NONCE to match RFC 7905. This will be important later when we fix interop with TLS compatible crypto invocation.