Age | Commit message (Collapse) | Author |
|
Record field types have been modified due to commit 8ce35b2:
"Take out automatic insertion of 'undefined' from typed record fields".
|
|
Soft upgrade test did not work as expected due to that the upgrade
frame work keeps the control of the test case process to itself,
so we need a proxy process to receive messages from ssl test framework.
|
|
We do not want ssl_soft_upgrade_SUITE to fail, but for now
we do not know the details of these changes so we use a general
fallback for now.
|
|
* ia/ssl/register-unique-session/OTP-12980:
ssl: Correct return value of default session callback module
|
|
|
|
Add possibility to downgrade an SSL/TLS connection to a tcp connection,
and give back the socket control to a user process.
Add application setting to be able to change fatal alert shutdown
timeout, also shorten the default timeout. The fatal alert timeout is
the number of milliseconds between sending of a fatal alert and
closing the connection. Waiting a little while improves the
peers chances to properly receiving the alert so it may
shutdown gracefully.
|
|
ssl_session_cache:select_session/2 returned [sesionid(), #session{}]
instead of #session{} as the API demands.
This was wrongly compensated for in the code in one place making it
look like everything was good. But the client check for unique session
would always fail, potentially making the client session table grow
a lot and causing long setup times.
|
|
|
|
|
|
* ia/ssl/unknown-hash/OTP-12829:
ssl: Add unassigned values
ssl: Do not crash on proprietary hash_sign algorithms
|
|
* ferd/deny-client-renegotiation:
Add disable client-initiated renegotiation option
Conflicts:
lib/ssl/doc/src/ssl.xml
lib/ssl/src/ssl.erl
OTP-12815
|
|
|
|
TLS hash_sign algorithms may have proprietary values see
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
We should add callbacks to let applications handle them.
But for now we do not want to crash if they are present and
let other algorithms be negotiated.
|
|
|
|
Client-initiated renegotiation is more costly for the server than the
client, and this feature can be abused in denial of service attempts.
Although the ssl application already takes counter-measure for these
(via cooldown periods between renegotiations), it can be useful to
disable the feature entirely.
This patch adds the `{client_renegotiation, boolean()}' option to the
server-side of the SSL application (defaulting to `true' to be
compatible with the current behaviour).
The option disables the ability to do any renegotiation at all in the
protocol's state, reusing the existing denial code, but without opening
the code path that sets up a timed message to eventually reopen it up.
|
|
* tombriden/handle_ssl_error:
TLS Dist: Handle ssl_error and close ssl socket
OTP-12799
|
|
Conflicts:
OTP_VERSION
lib/inets/test/httpd_SUITE.erl
lib/inets/vsn.mk
lib/ssh/src/ssh.erl
lib/ssh/vsn.mk
lib/ssl/src/ssl.appup.src
lib/ssl/vsn.mk
|
|
|
|
alert records needs to be thrown from
ssl_handshake:premaster_secret/[2/3] so that operations will end up in
the catch clause of the invokation of certify_client_key_exchange/3 in
ssl_connection.erl, and hence terminate gracefully and not continue to try
and calculate the master secret with invalid inputs and crash.
|
|
Dialyzer warned about the incorrect match of Packets. Code
was refactored and the problem avoided in the process.
Dialyzer warned that the empty tuple is not a function as the contract
said it should be. Changed the handling of the sni_fun default value to be
undefined and added it to the contract.
|
|
The newly added function sni_fun allows dynamic update of SSL options
like keys and certificates depending on different SNI hostname, rather
than a predefined rules of SSL options.
|
|
This commit adds a new function, ssl:connection_information/[1,2]
to retrive the connection information from a SSLSocket.
And also, this deprecates a function ssl:connection_info/1, and
reimplements connection_info/1 with the new function.
|
|
|
|
|
|
In some instances, restarting a node causes a fatal SSL error on
the other nodes which isn't handled leaving the socket open. Eventually
the nodes will net tick timeout but the node being restarted never
comes back to life
By handling the fatal error and closing the socket, the restarting
node can restart successfully even when the ssl error occurs
|
|
pre TLS 1.2 server should ignore the signature_algorithms extension.
The server code would attempt to select the signature/hash algorithm
even when using TLS 1.0 or 1.1. Instead it should simply use the default
algorithm on those versions.
|
|
|
|
4e0a5e36b38e3f15ed8f7d700d26f2424a47111c
|
|
|
|
This commit adds support for RFC7301, application-layer protocol
negotiation. ALPN is the standard based approach to the NPN
extension, and is required for HTTP/2.
ALPN lives side by side with NPN and provides an equivalent
feature but in this case it is the server that decides what
protocol to use, not the client.
When both ALPN and NPN are sent by a client, and the server is
configured with both ALPN and NPN options, ALPN will always
take precedence. This behavior can also be found in the OpenSSL
implementation of ALPN.
ALPN and NPN share the ssl:negotiated_protocol/1 function for
retrieving the negotiated protocol. The previously existing
function ssl:negotiated_next_protocol/1 still exists, but has
been deprecated and removed from the documentation.
The tests against OpenSSL require OpenSSL version 1.0.2+.
|
|
|
|
|
|
|
|
Conflicts:
lib/ssl/src/ssl_cipher.erl
lib/ssl/test/ssl_basic_SUITE.erl
|
|
|
|
Correct mistake
|
|
|
|
|
|
For comparison with file time stamps os:timestamp makes more sense
and is present in 17 as well as 18.
|
|
Conflicts:
lib/ssl/doc/src/ssl_app.xml
lib/ssl/src/ssl_manager.erl
|
|
The PEM cache is now validated by a background process, instead of
always keeping it if it is small enough and clearing it otherwhiss.
That strategy required that small caches where cleared by API function
if a file changes on disk.
However document the clearing API function as it can still be usefull.
|
|
|
|
A selfsigned trusted anchor should not be in the certifcate chain passed to
the certificate path validation.
Conflicts:
lib/ssl/src/ssl_certificate.erl
|
|
|
|
disable option
|
|
|
|
disable option
Conflicts:
lib/ssl/src/ssl_cipher.erl
lib/ssl/src/ssl_record.erl
lib/ssl/src/tls_record.erl
lib/ssl/test/ssl_cipher_SUITE.erl
|
|
|
|
|
|
|