otp.git - Mirror of Erlang/OTP repository.

Age	Commit message (Collapse)	Author
2010-04-19	Prepare for release	Dan Gudmundsson

2010-04-17	Reset inet options	Dan Gudmundsson
	Temporary set the inet options on listen socket before doing accept so that the correct options will be inherited by the accept socket. Reset the options afterwards so that repeated use of listen socket get user set values.
2010-04-16	Avoid race condition of early handshake messages, when socket is active mode ↵	Dan Gudmundsson
	is not false.
2010-04-14	Enhanced error handling	Ingela Anderton Andin

2010-04-13	We currently do not support fixed DH. Removal of dead code.	Ingela Anderton Andin

2010-04-13	Fixed dialyzer warning	Ingela Anderton Andin

2010-04-13	OTP-8554 Certificate extensions	Ingela Anderton Andin

2010-04-13	Fixed spelling error	Dan Gudmundsson

2010-04-12	OTP-8517 Renegotiation	Ingela Anderton Andin
	New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value.
2010-04-09	Merge branch 'rb/ssl-fix-http-packet-decoding' into dev	Erlang/OTP
	* rb/ssl-fix-http-packet-decoding: Fix ssl to decode http packets in the same way as gen_tcp OTP-8545 rb/ssl-fix-http-packet-decoding
2010-04-07	Fix ssl to decode http packets in the same way as gen_tcp	Rory Byrne
	When gen_tcp is configured with the {packet,http} option, it automatically switches to expect HTTP Headers after a HTTP Request/Response line has been received. This update fixes ssl to behave in the same way.
2010-04-07	Fix ssl:transport_accept/2 to return properly when socket is closed	Rory Byrne
	A badmatch exception is thrown from ssl:transport_accept/2 when ssl:close/1 is called on the socket. This fixes it to return {error,closed} as expected.
2010-04-07	To preserve coding style of this module	Ingela Anderton Andin

2010-04-05	Fix verification of ssl client when fail_if_no_peer_cert	Rory Byrne
	The SSL handshake fails when an ssl server is configured with the 'fail_if_no_peer_cert' option and a valid client sends its certificate as instructed. On the server-side ssl:ssl_accept/2 will return {error,esslerrssl}, and it will send an "Unexpected Message" SSL Alert (type 10) to the client.
2010-04-05	Fix mishandling of valid ssl options	Rory Byrne
	Using certain valid options in the new ssl implementation results in badarg exceptions. This happens for one documented option 'fail_if_no_peer_cert' and two undocumented options 'verify_client_once' and 'cb_info'.
2010-03-31	Fixed arguments to queue:in_r in clause that is very unlikly to happen and ↵	Ingela Anderton Andin
	hence not covered by test cases.
2010-03-31	Corrected merge errors	Ingela Anderton Andin

2010-03-25	OTP-7046 Support for Diffie-Hellman keyexchange	Ingela Anderton Andin

2010-03-25	OTP-8517 Renegotiation	Ingela Anderton Andin
	New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value.
2010-03-16	OTP-8510 ssl crash	Dan Gudmundsson
	Fixed a crash in the certificate certification part.
2010-02-18	Avoid crash when trying to alert the user.	Dan Gudmundsson

2010-02-17	ssl: Prepare release	Dan Gudmundsson

2010-02-17	OTP-8459 Do a controlled shutdown if a non ssl packet arrives as the first	Dan Gudmundsson
	packet.
2010-02-12	Merge branch 'yh/packet_option_for_new_ssl_send' into ccase/r13b04_dev	Erlang/OTP
	* yh/packet_option_for_new_ssl_send: Fixed ssl:setopts(Socket, binary) which was didn't work for 'new' ssl. Fixed bug file cache bug and improved the error messages. Allow <c>ssl:listen/2</c> to be called with option {ssl_imp, old}. prepend packet size bytes in ssl:send() in new_ssl implementation OTP-8441 ssl:send/2 ignored packet option, fix provided by YAMASHINA Hio. Fixed a file cache bug which caused problems when the same file was used for both cert and cacert. Allow ssl:listen/2 to be called with option {ssl_imp, old}. Fixed ssl:setopts(Socket, binary) which didn't work for 'new' ssl..
2010-02-12	Fixed ssl:setopts(Socket, binary) which was didn't work for 'new' ssl.	Dan Gudmundsson

2010-02-12	Fixed bug file cache bug and improved the error messages.	Dan Gudmundsson

2010-02-12	Allow <c>ssl:listen/2</c> to be called with option {ssl_imp, old}.	Dan Gudmundsson

2010-02-12	prepend packet size bytes in ssl:send() in new_ssl implementation	YAMASHINA Hio
	With the {ssl_imp,new} option enabled, {packet,PacketType} only works when receiving. When sending, {packet,0} is always used.
2010-01-19	Merge branch 'dgud/ssl-patches-from-Wil' into ccase/r13b04_dev	Erlang/OTP
	* dgud/ssl-patches-from-Wil: Added a public_key:pkix_transform/2 instead and used it from ssl. Minor code cleanup new_ssl fix session reuse Code cleanup Send CA list during Certificate Request in new_ssl OTP-8372 Fixed session reuse (in new_ssl), thanks Wil Tan. Send CA list during Certificate Request (in new_ssl) , thanks Wil Tan.
2010-01-13	Added a public_key:pkix_transform/2 instead and used it from ssl.	Dan Gudmundsson

2010-01-12	Minor code cleanup	Dan Gudmundsson

2010-01-12	new_ssl fix session reuse	Wil Tan
	When an SSL client presents a previous session ID, the server should either honour the request to reuse the parameters previously negotiated for the given session ID, or ignore the request and generate a new session ID. In this situation, new_ssl tries to complete the handshake by sending the client a "Finished" handshake message, which violates the SSL/TLS specs. It should instead send a ChangeCipherSpec message before sending the FInished message. This patch fixes it.
2010-01-12	Code cleanup	Dan Gudmundsson

2010-01-12	Send CA list during Certificate Request in new_ssl	Wil Tan
	When requesting for client certificate, an SSL/TLS server may send a list of the distinguished names of acceptable certificate authorities. OpenSSL does this by default.
2009-11-20	The R13B03 release.OTP_R13B03	Erlang/OTP