aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
AgeCommit message (Collapse)Author
2019-07-26ssl: Enable TLS 1.3 test groups in FTPéter Dimitrov
2019-07-25ssl: Fix handshake pause in TLS 1.3Péter Dimitrov
2019-07-25ssl: Implement option honor_cipher_order in TLS 1.3Péter Dimitrov
2019-07-25ssl: Document option supported_groupsPéter Dimitrov
2019-07-25ssl: Implement pre_shared_key extensionPéter Dimitrov
Implement encode/decode of pre_shared_key.
2019-07-25ssl: Implement psk_key_exchange_modes extensionPéter Dimitrov
Implement encode/decode of psk_key_exchange_modes.
2019-07-22Merge branch 'peterdmv/ssl/fix-tls13-alpn' into maintPéter Dimitrov
* peterdmv/ssl/fix-tls13-alpn: ssl: Fix handling of ALPN in TLS 1.3
2019-07-18ssl: Correct RSP/PSK and ALPN handlingIngela Anderton Andin
Extention handling need some fixes to work correctly for ALPN and SSL-3.0 only client/servers do not support extensions
2019-07-18ssl: Better grouping of testIngela Anderton Andin
Regroup testes after functionality making it easier to test all variants (all protocols, all cert types etc). Also extend OpenSSL interop
2019-07-17ssl: Fix handling of ALPN in TLS 1.3Péter Dimitrov
2019-07-12Merge branch ↵Raimo Niskanen
'raimo/ssl/fix-zero-fragment-buffer-handling/ERIERL-379/OTP-15328' into maint * raimo/ssl/fix-zero-fragment-buffer-handling/ERIERL-379/OTP-15328: Do not call dist_ctrl_put_data with empty binaries Refine the queue code Fix extracting 0 bytes from queue
2019-07-05Do not call dist_ctrl_put_data with empty binariesRaimo Niskanen
2019-07-03Refine the queue codeRaimo Niskanen
2019-07-03Merge branch 'ingela/ssl/alert-error-enhancment/OTP-15943' into maintIngela Anderton Andin
* ingela/ssl/alert-error-enhancment/OTP-15943: ssl: Enhance error handling
2019-07-02Fix extracting 0 bytes from queueRaimo Niskanen
2019-07-01ssl: Enhance error handlingIngela Anderton Andin
Handle the ILLEGAL_PARAMETER alert that may be returned from ssl_alert:decode/3 for gracefull shutdown, try of ...catch will/should not handle this case it is only handles the case that TM should not happen!
2019-07-01Merge pull request #2286 from peterdmv/ssl/tls13-ecdsa/OTP-15854Péter Dimitrov
Implement support for ECDSA certificates in TLS 1.3
2019-06-24Merge branch 'peterdmv/ssl/fix-cert-error-handling/OTP-15900' into maintPéter Dimitrov
* peterdmv/ssl/fix-cert-error-handling/OTP-15900: ssl: Fix handling of certificate decoding problems
2019-06-19ssl: Fix handling of certificate decoding problemsPéter Dimitrov
2019-06-19Merge branch 'ingela/ssl/TLS-hibernate-bug/OTP-15910' into maintIngela Anderton Andin
* ingela/ssl/TLS-hibernate-bug/OTP-15910: ssl: Fix hibernation bug
2019-06-18ssl: Fix hibernation bugIngela Anderton Andin
2019-06-17Merge branch 'peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888' into maint-22Erlang/OTP
* peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888: ssl: Fix negative tests in ssl_basic_SUITE ssl: Fix run_client_error/1 in ssl_test_lib ssl: Fix ssl_handshake:extension_value/1
2019-06-17Merge branch 'peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887' into maint-22Erlang/OTP
* peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887: ssl: Add interop test ssl: Improve handling of signature algorithms
2019-06-17Merge branch 'ingela/ssl/handshake-handling/ERL-968/OTP-15879' into maint-22Erlang/OTP
* ingela/ssl/handshake-handling/ERL-968/OTP-15879: ssl: Correct handshake handling
2019-06-17Merge branch 'peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888' into maintPéter Dimitrov
* peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888: ssl: Fix negative tests in ssl_basic_SUITE ssl: Fix run_client_error/1 in ssl_test_lib ssl: Fix ssl_handshake:extension_value/1
2019-06-17ssl: Fix ssl_handshake:extension_value/1Péter Dimitrov
Handle new TLS 1.2/1.3 extensions.
2019-06-17Merge branch 'peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887' into maintPéter Dimitrov
* peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887: ssl: Add interop test ssl: Improve handling of signature algorithms
2019-06-14ssl: Improve handling of signature algorithmsPéter Dimitrov
TLS 1.2 ClientHello caused handshake failure in the TLS 1.2 server if the signature_algorithms_cert extension contained legacy algorithms. Update TLS 1.2 server to properly handle legacy signature algorithms in the signature_algorithms_cert extension. Update TLS 1.3 client so that it can send legacy algorithms in its signature_algorithms_cert extension.
2019-06-13Merge branch 'ingela/ssl/handshake-handling/ERL-968/OTP-15879' into maintIngela Anderton Andin
* ingela/ssl/handshake-handling/ERL-968/OTP-15879: ssl: Correct handshake handling
2019-06-13ssl: Correct handshake handlingIngela Anderton Andin
Solves ERL-968, a refactoring bug could cause part of a server key exchange message to be appended, to an incorrectly duplicated, certificate handshake message. In the end causing an ASN1 decoding error. That in turn did not end up the correct error handling branch.
2019-06-13ssl: Handle ECDSA signatures in TLS 1.3Péter Dimitrov
2019-06-12Merge branch 'ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864' into maint-22Erlang/OTP
* ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864: ssl: Add missing gen_server return value in DTLS packet demux process
2019-06-12Merge branch 'ingela/ssl/ret-ext/ERL-951/OTP-15862' into maint-22Erlang/OTP
* ingela/ssl/ret-ext/ERL-951/OTP-15862: ssl: Fix broken return value
2019-06-11Merge pull request #2277 from mattludwigs/fix-ssl-passive-flag-defaultIngela Andin
Fix SSL cb_info missing underscore in default OTP-15887
2019-06-11Merge pull request #2276 from peterdmv/ssl/tls13-alpnPéter Dimitrov
Implement ALPN in TLS 1.3
2019-06-10Merge branch 'ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864' into maintIngela Anderton Andin
* ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864: ssl: Add missing gen_server return value in DTLS packet demux process
2019-06-07Fix SSL cb_info missing underscore in defaultMatt Ludwigs
2019-06-07ssl: Add missing gen_server return value in DTLS packet demux processIngela Anderton Andin
2019-06-07ssl: Fix alert handling (TLS 1.3)Péter Dimitrov
Server and client use different secrets when sending certificate related alerts. This is due to a change to the TLS protocol where clients send their 'certificate' message after they have received the server's 'finished' message.
2019-06-07ssl: Implement ALPN in TLS 1.3Péter Dimitrov
2019-06-05ssl: Fix broken return valueIngela Anderton Andin
2019-06-04ssl: Returned "alert error string" should be same as logged alert stringIngela Anderton Andin
2019-06-04Merge branch 'ingela/ssl/PR-2235/OTP-15851' into maintIngela Anderton Andin
* ingela/ssl/PR-2235/OTP-15851: Export sign_scheme/0 types
2019-06-04Merge pull request #2268 from IngelaAndin/ingela/ssl/DTLS-version-check/ERL-920Ingela Andin
ssl: Change check of DTLS record version OTP-15807 Merged as it is an confirmed improvement, however more work needs to be done on DTLS test framework.
2019-05-31ssl: Fix broken return valueIngela Anderton Andin
2019-05-29ssl: Change check of DTLS record versionIngela Anderton Andin
Retransmissions mechanism for upd makes it possible for handshakes and possible alerts to have another record version then the negotiated one in the states certify and abbreviated without beeing invalid messages.
2019-05-28Export sign_scheme/0 typesjuhlig
The types named_curve/0 and sign_scheme/0 consist of many options and may also change with time. Since they are not exported, users must either repeat and maintain their specs, or use a general type like any() if they want to refer to them.
2019-05-28Merge branch 'ingela/ssl/alert-strings/OTP-15844' into maintIngela Anderton Andin
2019-05-28Export named_curve/0juhlig
The types named_curve/0 consist of many options and may also change with time. Since they are not exported, users must either repeat and maintain their specs, or use a general type like any() if they want to refer to them.
2019-05-28ssl: Export type that user may want to useIngela Anderton Andin