aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
AgeCommit message (Collapse)Author
2013-12-02ssl: Refactor premaster secret handlingIngela Anderton Andin
2013-12-02ssl: Refactor connection and handshake handlingIngela Anderton Andin
2013-12-02ssl: Refactor handshake and record handlingIngela Anderton Andin
2013-11-06Add a new server_name_indication option to ssl:connectJulien Barbot
- Set to disable to explicitly disable SNI support. - Set to a hostname when upgrading from TCP to TLS.
2013-11-06Add SSL Server Name Indication (SNI) client supportJulien Barbot
See RFC 6066 section 3
2013-10-31Remove extraneous dev debug code left in the close function.Ken Key
We do not need a traceback on every close in inet_tls_dist and this breaks using nodetool in control scripts on SSL clustered nodes
2013-10-14ssl: Fix dialyzer specIngela Anderton Andin
2013-10-14ssl: Honor TLS client ECC extensionIngela Anderton Andin
Also the server should only send ECC point formats extension not ECC curve extension.
2013-09-10ssl: Prepare for releaseIngela Anderton Andin
2013-09-10ssl: Refactor TLS/DTLS record handlingIngela Anderton Andin
2013-09-10ssl: Dialyzer fixesIngela Anderton Andin
2013-09-10ssl: Solve rebase issuesIngela Anderton Andin
2013-09-10ssl: DTLS record handlingIngela Anderton Andin
Also refactor so that TLS and DTLS can have common functions when possible.
2013-09-10ssl: Add DTLS record primitivesAndreas Schultz
This code is to 99 % written by Andreas Schultz only some small changes to start integrating with OTPs DTLS solution.
2013-09-10ssl: Refactor to provide common handshake functions for TLS/DTLSIngela Anderton Andin
Common functions will be located in ssl_handshake.erl while specific functions will be located in tls_handshake.erl and dtls_handshake.erl
2013-09-10ssl: Add DTLS handshake primitivs.Andreas Schultz
This code is to 99 % written by Andreas Schultz only some small changes to start integrating with OTPs DTLS solution.
2013-09-02ssl: Do not advertise support for algorithms not supported by cryptoIngela Anderton Andin
2013-09-02ssl: Skip second length indicator in EC extensionsIngela Anderton Andin
We have no need to care about the value of this length indicator so we do not need to match it or verify it, it is unnecessary work.
2013-09-02ssl: Handle signature_algorithm field in digitally_signed properlyIngela Anderton Andin
with proper defaults Added ssl_ECC_SUITE
2013-08-28ssl: Make the ssl manager name for erlang distribution over SSL/TLSIngela Anderton Andin
relative to the module name of the ssl_manager. This can be beneficial when making tools that rename modules for internal processing in the tool.
2013-08-23Merge branch 'maint-r16' into maintFredrik Gustafsson
2013-08-23Merge branch 'maint-r15' into maint-r16Fredrik Gustafsson
Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_transport.erl lib/inets/src/inets_app/inets.appup.src lib/inets/vsn.mk lib/ssl/doc/src/notes.xml lib/ssl/src/ssl.appup.src lib/ssl/src/ssl.erl lib/ssl/src/ssl_internal.hrl lib/ssl/src/tls_connection.erl lib/ssl/vsn.mk
2013-08-21[inets, ssl]: make log_alert configurable as option in ssl, SSLLogLevel ↵Fredrik Gustafsson
added as option to inets conf file
2013-08-12Merge branch 'ia/ssl/header-bug/OTP-11230' into maintIngela Anderton Andin
* ia/ssl/header-bug/OTP-11230: ssl: Revert faulty header option fix
2013-08-08ssl: Revert faulty header option fixIngela Anderton Andin
The code was changed in the belife that it made it inet compatible. However the testing is a bit hairy as the inet option is acctualy broken, now the tests are corrected and the header option should work in the same broken way as inet again, preferably use the bitsyntax instead.
2013-08-07ssl: Setopts during renegotiation caused the renegotiation to be unsuccessful.Ingela Anderton Andin
If calling setopts during a renegotiation the FSM state might change during the handling of the setopts messages, this is now handled correctly.
2013-06-10Merge branch 'ia/public_key/crypto/prepare-for-release' into maintIngela Anderton Andin
* ia/public_key/crypto/prepare-for-release: public_key & ssl: Add ASN-1 dependency crypto & public_key: prepare for release
2013-06-10Merge branch 'ia/ssl/public_key/warnings' into maintIngela Anderton Andin
* ia/ssl/public_key/warnings: ssl: Correct rebase mistakes
2013-06-07public_key & ssl: Add ASN-1 dependencyIngela Anderton Andin
As the ASN-1 application relies on a nif in R16 for decodeing (that was not the case in R15), public_key currently has a runtime dependency on ASN-1. Hopefully we will be able to remove this dependency again in the future.
2013-06-07ssl: Fix dialyzer warningsIngela Anderton Andin
2013-06-07ssl: Correct rebase mistakesIngela Anderton Andin
2013-06-05ssl: Prepare for releaseIngela Anderton Andin
2013-06-04ssl: Structural perarparation to support DTLSIngela Anderton Andin
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl
2013-06-04ssl: Rename ssl_certificate_db to ssl_pkix_db for clarityIngela Anderton Andin
Conflicts: lib/ssl/src/ssl.app.src lib/ssl/src/ssl_manager.erl
2013-05-28ssl: Do not advertise EC ciphers if crypto support is insufficientIngela Anderton Andin
2013-05-24ssl: Remove unused `srp_parameters` type specKlaus Trainer
As the file 'lib/ssl/src/ssl_srp_primes.hrl' only contains a specification of a `srp_parameters` type that isn't exported and also isn't referenced anywhere (neither in the code nor in the documentation), the type specification (and hence the file as well) can be removed.
2013-05-20ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0Ingela Anderton Andin
2013-05-20ssl: Remove use of deprecated crypto functionsIngela Anderton Andin
2013-05-08ssl: Fix dialyzer specIngela Anderton Andin
2013-05-08ssl: Only send ECC-hello extension if ECC-cipher suites are advertisedIngela Anderton Andin
2013-05-08ssl & public_key: Use standard nameIngela Anderton Andin
2013-05-08ssl & crypto: Generalize the remaining crypto APIIngela Anderton Andin
2013-05-08ssl & public_key: Use new crypto API functionsIngela Anderton Andin
2013-05-08crypto: Deprecate functions, update doc and specsIngela Anderton Andin
2013-05-08ssl: Fix Curve selectionIngela Anderton Andin
2013-05-08ssl, crypto: Eliminate remaining mpint and EC resource key from APIIngela Anderton Andin
2013-05-08ssl, public_key, crypto: General generate_key and compute_key functionsIngela Anderton Andin
2013-05-08ssl: Improve extention handlingIngela Anderton Andin
2013-05-08ssl & public_key: API refinementIngela Anderton Andin
Change API so public_key:generate_key/compute_key are only called with "public_key arguments" otherwhise crypto functions can be called explicitly.
2013-05-08ssl: Remove dependency on internal public_key functionIngela Anderton Andin
Avoid unneccessary conversion as the input format is an oid (according to ASN1 spec) we do not need to handle it as an atom in ssl.