aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
AgeCommit message (Collapse)Author
2019-04-24ssl: Enable additional ciphers for TLS 1.3Péter Dimitrov
Enable TLS_CHACHA20_POLY1305_SHA256 and TLS_AES_128_CCM_SHA256. Change-Id: I04e32bcbf0683bb517f235a3e352facffc674692
2019-04-23Merge branch 'peterdmv/ssl/doc-types-and-specs/OTP-15746'Péter Dimitrov
* peterdmv/ssl/doc-types-and-specs/OTP-15746: ssl: Add type specs for http_packet() ssl: Fix type specs of ssl_internal.hrl ssl: Fix type specs of internal handshake functions ssl: Fix dialyzer warnings eldap: Fix dialyzer warnings ssl: Fix missing anchor warning public_key: Accept digest types 'sha1' and 'sha' inet: Document type inet:stat_option() ssl: Changed function specs and ssl.xml ssl: Update standards_compliance.xml OTP-15775 OTP-15776 OTP-15777 Change-Id: Ibe8e8263d6557eaa40cc0681a7ce3fcb373a4120
2019-04-18ssl: Add type specs for http_packet()Péter Dimitrov
Change-Id: I07231ceab14d49c740967a0edfc9494328b96a62
2019-04-18ssl: Fix type specs of ssl_internal.hrlPéter Dimitrov
Change 'term()' to 'any()'. Allow 'undefined' for all fields of #ssl_options{}. Change-Id: I00632bfd2b172974a99680a82f326f25b92b9974
2019-04-18ssl: Fix type specs of internal handshake functionsPéter Dimitrov
Change-Id: I99cd0bebd80b3e55fd522457fa126e5bc198657b
2019-04-18Merge branch 'maint'Raimo Niskanen
* maint: Do not create empty binaries when splitting iovec
2019-04-18ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: Ic4895195569073916f158a06b95061939f15cfc0
2019-04-17ssl: Changed function specs and ssl.xmlKenneth Lundin
Changed function specs and ssl.xml for generation of documentation according to the new way. Change-Id: I17b59b80f9072c3d2c20aea1b102f1e9c86987a0
2019-04-17Do not create empty binaries when splitting iovecRaimo Niskanen
2019-04-12Merge branch 'ingela/ssl/cipher-suite-conversions'Ingela Anderton Andin
* ingela/ssl/cipher-suite-conversions: ssl: Add functions to convert between diffrent cipher suite formats
2019-04-12ssl: Add functions to convert between diffrent cipher suite formatsIngela Anderton Andin
2019-04-11ssl: Fix faulty match of Socket in handle_info/3Péter Dimitrov
Fix dtls_connection:handle_info/3 to correctly match the Socket in static_env. Change-Id: Iddaad0514c2413abac6d9a06292556e07acc7729
2019-04-11Merge branch 'peterdmv/ssl/fix-tls13-handshake/ERL-908/OTP-15759'Péter Dimitrov
* peterdmv/ssl/fix-tls13-handshake/ERL-908/OTP-15759: ssl: Add chacha ciphers to openssl_suite_name/1 ssl: Filter signature_schemes before usage ssl: Handle legacy algorithms in signature_scheme/1 Change-Id: I4caa0fb21324aceb1d3502d33e61e99bd915d9c4
2019-04-10ssl: Add chacha ciphers to openssl_suite_name/1Péter Dimitrov
Change-Id: I2f2cc8c64f02b50773eb455770336b159da7b9f9
2019-04-10ssl: Filter signature_schemes before usagePéter Dimitrov
Filter unassigned and legacy elements from signature_scheme_list before further processing. Change-Id: I0a2623e53c21cebe6e736e7eee6bb6354fc698b7
2019-04-10ssl: Handle legacy algorithms in signature_scheme/1Péter Dimitrov
Handle legacy signature algorithms in TLS 1.3 ClientHello to improve debug logging. Change-Id: If5548c828aabab83a2b147dffa7e937bd98916c6
2019-04-09ssl: Fix ssl:getstat/2Péter Dimitrov
Change-Id: I03d8bb7b45fc48b3d5b0232c4c3a286fb36aad5c
2019-04-09ssl: Implement {active,N} for DTLSPéter Dimitrov
Change-Id: I559624bedf3b9b9ed0316af5262f59bcad8de926
2019-04-09ssl: Fix function merge_fragments/2Péter Dimitrov
Change-Id: Icc99d5f3b8c667107926603e9d546d7198bd098d
2019-04-09ssl: Remove excessive calls to next_record/1Péter Dimitrov
Change-Id: Ic6606206b9c48489ead46bf2f8a982cf06ccc2e3
2019-04-09Merge branch 'peterdmv/ssl/fix-chacha-ciphers'Péter Dimitrov
* peterdmv/ssl/fix-chacha-ciphers: ssl: Fix Chacha20 IV length and nonce calculation Change-Id: I69b88bcfe0e9a6b9157884e9df049e15f4a35b95
2019-04-02Merge branch 'peterdmv/ssl/fix-key-share-decoding'Péter Dimitrov
* peterdmv/ssl/fix-key-share-decoding: ssl: Fix decoding of the key_share extension Change-Id: I2b772bb1e50b841f9154206b1170330d51c7ba94
2019-04-02Merge branch 'peterdmv/ssl/update-chacha-ciphers'Péter Dimitrov
* peterdmv/ssl/update-chacha-ciphers: ssl: Update Chacha20-Poly1305 cipher suite codes Change-Id: I0a3c48d7eb30d7c8fae2afdc4eaa68e909a474ea
2019-04-02ssl: Fix Chacha20 IV length and nonce calculationPéter Dimitrov
This commit fixes the IV length (12 bytes) and the calculation of the nonce for the Chacha20-Poly1305 ciphers. Change-Id: I4c9efc0bf012bc287c84c7b62c252ecf49ffe32f
2019-04-01ssl: Fix decoding of the key_share extensionPéter Dimitrov
Change-Id: I4764b5f2172f000d13c267e9002789fa6e09c58c
2019-04-01ssl: Update Chacha20-Poly1305 cipher suite codesPéter Dimitrov
Update the cipher suite codes of the Chacha20-Poly1305 ciphers to align them with RFC7905. Change-Id: I85aa8dfd8a3782d61304b7f74b48f7a09f15a033
2019-04-01Merge branch 'peterdmv/ssl/dtls-fix'Péter Dimitrov
* peterdmv/ssl/dtls-fix: ssl: Fix dtls queue handling ssl: Fix retransmission timeout Change-Id: Ic3312e46e56dca096318a5a6b2eefa6cc0e34863
2019-04-01Merge branch 'raimo/ssl/tls-dist-fun-day/OTP-14792'Raimo Niskanen
* raimo/ssl/tls-dist-fun-day/OTP-14792: Skip all benchmark groups Benchmark report relative core load Improve printouts Polish sched util benchmark Improve printouts Dist handshake with nodelay Implement inet_crypto_dist benchmark example
2019-04-01Merge branch 'ingela/ssl/AES-CCM/OTP-15626'Ingela Anderton Andin
* ingela/ssl/AES-CCM/OTP-15626: ssl: Adapt DTLS code to optimizations ssl: Add support AES_CCM cipher suites form RFC 6655
2019-03-29ssl: Fix dtls queue handlingPéter Dimitrov
Change-Id: I6956eb9c7036cfe72bb1b8cb3e02e22bd71c4c36
2019-03-29ssl: Fix retransmission timeoutPéter Dimitrov
Set the upper limit of the retransmission timeout to 60 seconds instead of 60 milliseconds. Change-Id: I17168a015f352d2526935ea77a8aea686944ebcd
2019-03-29 ssl: Add missing tuple in shutdown reasonIngela Anderton Andin
2019-03-29ssl: Adapt DTLS code to optimizationsIngela Anderton Andin
2019-03-29ssl: Add support AES_CCM cipher suites form RFC 6655Ingela Anderton Andin
2019-03-28Dist handshake with nodelayRaimo Niskanen
2019-03-22Merge branch 'ingela/ssl/default-supported-versions/OTP-14865'Ingela Anderton Andin
* ingela/ssl/default-supported-versions/OTP-14865: ssl: Remove default support for legacy versions
2019-03-21Merge branch 'peterdmv/ssl/tls13-conn-info'Péter Dimitrov
* peterdmv/ssl/tls13-conn-info: ssl: Fix ssl:connection_information/1 in TLS 1.3 Change-Id: I492b0973bb4ee44354edf22ed3bc2a6e5c7b90c5
2019-03-21Revert "ssl: Correct handling of crypto exception handling."Ingela Anderton Andin
This reverts commit 884503bc69157d2a3c6bd72389b4e2a800f97fb6.
2019-03-21ssl: Remove default support for legacy versionsIngela Anderton Andin
TLS-1.0, TLS-1.1 and DTLS-1.0 are now considered legacy
2019-03-20ssl: Correct handling of crypto exception handling.Ingela Anderton Andin
Documentation was incorrect, and new specs provided dialyzer errors.
2019-03-19Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl.erl lib/ssl/src/tls_connection.erl
2019-03-19Merge branch 'ingela/ssl/transport-transparance/ERL-861/OTP-15679' into maintIngela Anderton Andin
* ingela/ssl/transport-transparance/ERL-861/OTP-15679: ssl: Fix transport transparancy
2019-03-18Merge branch 'ingela/ssl/recv-timeout-bug/ERL-884/ERL-883/OTP-14701' into ↵Erlang/OTP
maint-21 * ingela/ssl/recv-timeout-bug/ERL-884/ERL-883/OTP-14701: ssl: Cancel recv timer in all places
2019-03-18Merge branch 'ingela/ssl/transport-transparance/ERL-861/OTP-15679' into maint-21Erlang/OTP
* ingela/ssl/transport-transparance/ERL-861/OTP-15679: ssl: Fix transport transparancy
2019-03-18ssl: Fix ssl:connection_information/1 in TLS 1.3Péter Dimitrov
Store cipher suite information in session record. Test ssl:connection_information/1 in a TLS 1.3 connection. Change-Id: I7193e6dd2544540e446b5777b5768806cecf2bd3
2019-03-18Merge branch 'peterdmv/ssl/client-auth/OTP-15591'Péter Dimitrov
* peterdmv/ssl/client-auth/OTP-15591: ssl: Improve ssl logging ssl: Test handling of signature algorithms ssl: Handle unencrypted Alert (Illegal Parameter) ssl: Improve verification of received Certificate ssl: Fix Alert logging ssl: Fix get_handshake_context/2 ssl: Test HelloRetryRequest with client auth ssl: Verify signature algorithm in CV ssl: Verify CertificateVerify ssl: Test client authentication with certificate ssl: Validate client certificates (TLS 1.3) ssl: Test client authentication (empty cert) ssl: Implement state 'wait_cert' ssl: Add ssl logger support for CertificateRequest ssl: Fix ssl alerts Change-Id: Id4ba14d373f116038a7cb3ff9fc33faed23031c8
2019-03-16ssl: Cancel recv timer in all placesIngela Anderton Andin
Would cause connection to crash although all data was delivered to ssl:recv
2019-03-14ssl: Improve ssl loggingPéter Dimitrov
Remove function ssl:set_log_level/1. Its functionality is already implemented by logger:set_application_level/2. Set log level for ssl modules to debug at application start. Former implementation required an extra call to logger:set_application_level/2 (beside setting ssl option {log_level, debug}) to enable debug logging. Change-Id: Id21be7fd58915e11124cc136bb92d8a7526b8a74
2019-03-14ssl: Handle unencrypted Alert (Illegal Parameter)Péter Dimitrov
Handle unencrypted 'Illegal Parameter' Alerts from openssl s_client when the server's connection states are already stepped into traffic encryption. Change-Id: I10951a9061e6f4b13d8ddb8ab99f8a812a483113
2019-03-14ssl: Improve verification of received CertificatePéter Dimitrov
Validate peer certificate against supported signature algorithms. Send 'Hanshake Failure' Alert if signature algorithm is not supported by the server. Change-Id: Iad428aad337f0f9764d23404c203f966664c4555
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-18 17:43:33 +0000