Age | Commit message (Collapse) | Author |
|
|
|
Could cause connection processes not terminate when they should
|
|
* ingela/ssl/continue-optimize/OTP-15445:
ssl: If possible assemble several received application data records
|
|
|
|
We want to decrease the size of the outer state tuple, and gain
ease of understanding by better grouping. This is the first step
of creating a hs_env (handshake environment) part of the state.
This change will be performed gradually to reduce merge conflicts
complexity and risk of introducing errors.
|
|
|
|
Could cause ssl to claim to support 3des_ede_cbc when cryptolib does not
|
|
We want to be able to save a specific session to reuse, and make sure
it is reusable immediatly when the connection has been established.
Add client option {reuse_session, SessionID::binary()}
We also do not want clients to save sessions that it did not verify.
Additionaly change behaviour of the client and server to not save sessions
if reuse_session is set to false.
|
|
Modernize test case option handling
|
|
|
|
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477:
ssl: Fix encoding/decoding of the SRP extension
Change-Id: Iee3276a60041a2c04c89385b2de2edb1cd81babd
|
|
ssl: Fix two invalid gen_statem returns
OTP-15505
|
|
The encoded value of the SRP extension length was bigger than the
actual length of the extension. This could cause interoperability
problems with third party SSL implementations.
This commit corrects the encoding and decoding of the SRP extension
length.
Change-Id: I78d118faab7f5d02b755a7d1e2e8561b86f5a15c
|
|
ssl: Guarantee active once data delivery
OTP-15504
|
|
New internal active N changed timing, and
new check is needed.
|
|
|
|
Use throw stratgy for erro handling in extension handling. Makes code consistent and easier to refactor.
Also fixes bug that an incorrect return value for gen_statem could be created when alert was a result
of handling renegotiation info extension.
|
|
Wtite connection state was not synchronized when peer initiated renegotiation
|
|
As the stop wrapper functions are no longer needed after tls_sender
that altered the behaviour of the TLS distribution code.
|
|
Both test case and code needed updates to work as intended. Code needed update due to
new tls_sender process and the test case gave false positive reusult erarlier probably
due to beeing to sloopy in order to avoid timeouts.
|
|
|
|
|
|
|
|
Rename Connection:handle_common_event Connection:handle_protocol_record
removing use of unnecessary argument and making code easier to understand.
|
|
State values created at init
|
|
Wtite connection state was not synchronized when peer initiated renegotiation
|
|
|
|
As the stop wrapper functions are no longer needed after tls_sender
that altered the behaviour of the TLS distribution code.
|
|
Both test case and code needed updates to work as intended. Code needed update due to
new tls_sender process and the test case gave false positive reusult erarlier probably
due to beeing to sloopy in order to avoid timeouts.
|
|
|
|
|
|
|
|
Rename Connection:handle_common_event Connection:handle_protocol_record
removing use of unnecessary argument and making code easier to understand.
|
|
State values created at init
|
|
* raimo/ssl/tls_dist-optimization:
Handle socket close in state downgrade
Handle dead sender at terminate
Handle tls_sender exit properly
Optimize split_bin
Improve dist send throughput
|
|
|
|
Also avoid code duplication
Conflicts:
lib/ssl/src/dtls_connection.erl
lib/ssl/src/tls_connection.erl
|
|
When internaly using active N, bugs in shutdown implementation where reveled.
|
|
Make next_record an internal help function to next_event and avoid
duplicate calls to tls_socket:setopts for setting the active option.
|
|
|
|
|
|
|
|
|
|
* ingela/ssl/rsa-kex-engine/ERIERL-268/OTP-15420:
ssl: Add engine handling clause to RSA key exchange
|
|
|
|
Could cause renegotiation to fail
|
|
with handshake
Fix of commit 68d9244ae33e5eea36250c3bb9ffe046a4db5647
|
|
|
|
* ingela/ssl/deliver-all-data-at-close/ERL-731/OTP-15412:
ssl: Extend check for undelivered data at closing
|
|
This is a timing related bug that alas is hard to test
|