Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-03-16 | Merge branch 'maint' | Ingela Anderton Andin | |
* maint: Updated OTP version Update release notes ssl: Prepare for release ssl: Remove duplicate release note ssl: Fix filter function to not discard AEAD cipher suites Conflicts: OTP_VERSION | |||
2018-03-15 | ssl: Prepare for release | Ingela Anderton Andin | |
2018-03-15 | ssl: Fix filter function to not discard AEAD cipher suites | Ingela Anderton Andin | |
2018-03-14 | Merge branch 'ingela/ssl/no-sslv2-hello-support/OTP-14824' | Ingela Anderton Andin | |
* ingela/ssl/no-sslv2-hello-support/OTP-14824: ssl: Remove interoperability option v2_hello_compatible | |||
2018-03-13 | Merge branch 'hasse/dialyzer/extra-range/OTP-14970' | Hans Bolinder | |
* hasse/dialyzer/extra-range/OTP-14970: ssl: Correct some specs os_mon: Correct a spec Fix broken spec in beam_asm Dialyzer should not throw away spec information because of overspec | |||
2018-03-13 | ssl: Correct some specs | Hans Bolinder | |
2018-03-09 | Merge branch 'peterdmv/use_uri_string/OTP-14902' | Péter Dimitrov | |
* peterdmv/use_uri_string/OTP-14902: common_test: Use uri_string ssl: Use uri_string public_key: Use uri_string observer: Use uri_string Change-Id: I4beac2289db039cc7d566807727c5aaf7fadf942 | |||
2018-03-09 | ssl: Remove interoperability option v2_hello_compatible | Ingela Anderton Andin | |
2018-03-08 | ssl: Use uri_string | Péter Dimitrov | |
Change-Id: I1249b93b1e4a971cf1af2cb96a65563e23117e2b | |||
2018-03-08 | Merge branch 'ingela/ssl/no-automated-fallback/OTP-14789' | Ingela Anderton Andin | |
2018-03-08 | ssl: Increase security with safer default | Ingela Anderton Andin | |
The interoperability option to fallback to insecure renegotiation now has to be explicitly turned on. | |||
2018-03-06 | Merge branch 'maint' | Ingela Anderton Andin | |
2018-03-06 | ssl: Fix anonymous suites regression and protocol error | Bram Verburg | |
Anonymous cipher suites were broken altogether, and there was an earlier issue where the server would send a signature in the server key exchange if a certificate was configured, even if an anonymous suite was actually negotiated. Backport of PR-1729 | |||
2018-03-05 | Merge branch 'maint' | Ingela Anderton Andin | |
2018-03-05 | ssl: Correct AEAD handling | Ingela Anderton Andin | |
Cipher suite handling improvments missed to make a few changes for AEAD to be handled correctly see ERL-568 | |||
2018-02-12 | Merge branch 'maint' | Ingela Anderton Andin | |
2018-02-12 | Merge pull request #1709 from ↵ | Ingela Andin | |
dumbbell/dumbbell/ssl/fix-active-once-dropped-when-handling-alert/ERL-562 ssl: Fix alert handling so that unexpected messages are logged and alerted correctly | |||
2018-02-09 | ssl: Add the unexpected message to #alert{} | Jean-Sébastien Pédron | |
... in handle_common_event(), instead of passing it to handle_own_alert() after wrapping it in a tuple with `StateName` (i.e. `{StateName, Msg}`). The `StateName` is passed to handle_normal_shutdown() and to alert_user(). The latter has a clause matching it against `connection`. Unfortunately, when the argument was in fact `{StateName, Msg}`, another clause was executed which dropped the `active` flag value and forced it to `false`, even if the state was actually `connection`. It meant that later in send_or_reply(), the alert was not propagated to the user, even though it should (`active` set to `true` or `once`). Now that handle_common_event() always passes the actual `StateName`, the problem is fixed. ERL-562 | |||
2018-02-07 | Merge branch 'maint' | Ingela Anderton Andin | |
Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl lib/ssl/src/ssl_cipher.erl lib/ssl/test/ssl_basic_SUITE.erl lib/ssl/test/ssl_test_lib.erl | |||
2018-02-07 | ssl: Make sure anonymous suites are handled separately | Ingela Anderton Andin | |
Preferably customized cipher suites will be based on the default value. But all may be used as base and hence it will be good to handle anonymous suites separately as they are intended for testing purposes. | |||
2018-02-05 | ssl: Uses aead as mac value in AEAD cipher suites | Ingela Anderton Andin | |
Authenticated encryption (AE) and authenticated encryption with associated data (AEAD, variant of AE) is a form of encryption which simultaneously provides confidentiality, integrity, and authenticity assurances on the data. This is more logical value then null that was used, this happened to work as the AEAD property was derived form other data, but it is confusing! | |||
2018-02-05 | ssl: Add new API functions for cipher suite handling | Ingela Anderton Andin | |
2018-01-25 | Merge branch 'ingela/DTLS-supported' | Ingela Anderton Andin | |
* ingela/DTLS-supported: ssl: Fix typo dtls: Add DTLS handling to utility functions ssl: Document enhancment ssl: Document DTLS | |||
2018-01-24 | Merge branch 'maint' | Ingela Anderton Andin | |
2018-01-23 | ssl: Add record version sanity check | Ingela Anderton Andin | |
2018-01-22 | Merge branch 'ingela/ssl/no-chacha-default-for-now/ERL-538/OTP-14882' | Ingela Anderton Andin | |
* ingela/ssl/no-chacha-default-for-now/ERL-538/OTP-14882: ssl: Remove chacha ciphers form default for now | |||
2018-01-22 | ssl: Remove chacha ciphers form default for now | Ingela Anderton Andin | |
We have discovered interoperability problems, ERL-538, that we believe needs to be solved in crypto. | |||
2018-01-19 | ssl: Remove 3DES cipher suites from default | Ingela Anderton Andin | |
2018-01-17 | dtls: Add DTLS handling to utility functions | Ingela Anderton Andin | |
2018-01-16 | ssl: RSA key exchange is considered broken do not support by default | Ingela Anderton Andin | |
2018-01-12 | Merge branch 'maint' | Ingela Anderton Andin | |
2018-01-11 | ssl: Correct function for listing RC4 suites | Ingela Anderton Andin | |
2018-01-09 | Merge branch 'maint' | Ingela Anderton Andin | |
2018-01-07 | dtls: Filter out rc4 for DTLS psk suites | Ingela Anderton Andin | |
Stream ciphers are not valid fro DTLS | |||
2018-01-04 | Merge branch 'maint' | Ingela Anderton Andin | |
Conflicts: lib/ssl/src/tls_connection.erl | |||
2018-01-04 | ssl: Prevent error handling race condition | Ingela Anderton Andin | |
ERL-539 | |||
2017-12-20 | Merge branch 'maint' | Ingela Anderton Andin | |
2017-12-20 | dtls: Add handling of lost key exchange in cipher state | Ingela Anderton Andin | |
2017-12-20 | ssl: Correct DTLS client close handling | Ingela Anderton Andin | |
2017-12-20 | Merge branch 'maint' | Ingela Anderton Andin | |
2017-12-20 | Merge branch 'ingela/dtls-cuddling' into maint | Ingela Anderton Andin | |
* ingela/dtls-cuddling: dtls: Correct UDP listener cleanup dtls: Correct return value in UDP listener initialization | |||
2017-12-20 | Merge branch 'maint' | Ingela Anderton Andin | |
2017-12-20 | Merge branch 'ingela/DTLS/retransmission-timers' into maint | Ingela Anderton Andin | |
* ingela/DTLS/retransmission-timers: dtls: Use repeat_state to make sure retransmission timer is reset | |||
2017-12-20 | Merge branch 'maint' | Ingela Anderton Andin | |
2017-12-19 | remove duplicate operation for decode certificate | Jxck | |
completely deprecated operation with no effect. | |||
2017-12-18 | dtls: Use repeat_state to make sure retransmission timer is reset | Ingela Anderton Andin | |
2017-12-15 | dtls: Correct UDP listener cleanup | Ingela Anderton Andin | |
2017-12-15 | dtls: Correct return value in UDP listener initialization | Ingela Anderton Andin | |
2017-12-14 | Merge branch 'maint' | Ingela Anderton Andin | |
2017-12-14 | ssl: Align (with DTLS) and correct TLS_FALLBACK_SCSV handling | Ingela Anderton Andin | |