| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Add possibility to downgrade an SSL/TLS connection to a tcp connection,
and give back the socket control to a user process.
Add application setting to be able to change fatal alert shutdown
timeout, also shorten the default timeout. The fatal alert timeout is
the number of milliseconds between sending of a fatal alert and
closing the connection. Waiting a little while improves the
peers chances to properly receiving the alert so it may
shutdown gracefully.
|
|
|
|
* ia/ssl/modern-timetrap:
ssl: Make init functions fail if make_certs:all fails
ssl: Avoid sleep
ssl: modernize timetrap handling
|
|
|
|
Watchdog is legacy test_server use only ct:timetrap/1
|
|
|
|
The test cases does not use any hooks and including the ts_install_cth
trips up the test case setup on some platforms cuasing the test cases
to fail with {error, enoent}
|
|
* ferd/deny-client-renegotiation:
Add disable client-initiated renegotiation option
Conflicts:
lib/ssl/doc/src/ssl.xml
lib/ssl/src/ssl.erl
OTP-12815
|
|
Client-initiated renegotiation is more costly for the server than the
client, and this feature can be abused in denial of service attempts.
Although the ssl application already takes counter-measure for these
(via cooldown periods between renegotiations), it can be useful to
disable the feature entirely.
This patch adds the `{client_renegotiation, boolean()}' option to the
server-side of the SSL application (defaulting to `true' to be
compatible with the current behaviour).
The option disables the ability to do any renegotiation at all in the
protocol's state, reusing the existing denial code, but without opening
the code path that sets up a timed message to eventually reopen it up.
|
|
connection_info -> connection_information
|
|
Adjust time to make sure "enough" time has elapsed. Will have to do
for now.
|
|
|
|
Conflicts:
lib/ssl/src/ssl_cipher.erl
lib/ssl/test/ssl_basic_SUITE.erl
|
|
|
|
Conflicts:
lib/ssl/doc/src/ssl_app.xml
lib/ssl/src/ssl_manager.erl
|
|
The PEM cache is now validated by a background process, instead of
always keeping it if it is small enough and clearing it otherwhiss.
That strategy required that small caches where cleared by API function
if a file changes on disk.
However document the clearing API function as it can still be usefull.
|
|
|
|
|
|
Even though in the most common case an erlang node will not be both client
and server, it may happen (for instance when running the erlang ditribution
over TLS).
Also try to mitigate the affect of dumb clients that could cause a
very lagre session cache on the client side that can cause long delays
in the client. The server will have other means to handle a large
session table and will not do any select operations on it anyhow.
|
|
|
|
* RoadRunnr/ssl/fix-tests:
SSL: fix OpenSSL known renegotiation bug detection
SSL: in tests, filter ssl client ciphers for version compatibility
|
|
Some psk and some not yet supported anonymous suites are only supported
with TLS version >= 1.2. This adds them to the tests and makes sure
that they are not tested on TLS versions that do not support them.
|
|
|
|
|
|
* ia/ssl/inherit/OTP-11897:
ssl: Handle socket option inheritance when pooling of accept sockets is used
|
|
Implement a listen socket tracker process that holds the emulated socket
options so that it is possible to implement a destructive ssl:setopts
on SSL/TLS listen sockets without changing the options of the internal
socket as we want that socket to have the internal socket option values.
|
|
|
|
If a client sends some garbage in ssl record instead of
valid fragment, server crashes with function_clause while
receiving next record from client.
This patch makes server raise handshake failure instead of
crashing and exposing internal state to user code.
|
|
* ia/ssl/recv/OTP-11878:
ssl: recv shall ruturn {error, einval} on active socket
|
|
|
|
When selecting the available cipher suites for the server all cipher suites
for the highest supported SSL/TLS-version would be selected, and not
all supported for the negotiated SSL/TLS-version. This could lead
to that faulty clients could negotiate cipher suites that they
can not support. This change will enable the faulty client to negotiate
another cipher suite that it can support.
|
|
|
|
unexpected alerts.
Add recognitions of RFC 4366 alerts and handle possible
unimplementd alerts in a gracefully way.
|
|
Avoid puzzling behavior due to options being disregarded if they
are not key value tuples.
|
|
* schlagert/fix_basic_appups:
Dynamically configure typer_SUITE according to environment
Disable hipe_SUITE when environment doesn't support it
Make hipe non-upgradable by setting appup file empty
Fix missing module on hipe app file template
Add test suites performing app and appup file checks
Introduce appup test utility
Fix library application appup files
Fix non-library appup files according to issue #240
OTP-11744
|
|
Add the mentioned test suites for *all* library and touched
non-library applications.
|
|
|
|
|
|
* ia/Vagabond/adt-honor-cipher-order/OTP-11621:
Implement 'honor_cipher_order' SSL server-side option
|
|
did not support secure renegotiation
|
|
HonorCipherOrder as implemented in Apache, nginx, lighttpd, etc. This
instructs the server to prefer its own cipher ordering rather than the
client's and can help protect against things like BEAST while
maintaining compatability with clients which only support older ciphers.
This code is mostly written by Andrew Thompson, only the test case was
added by Andreas Schultz.
|
|
|
|
|
|
Make sure that test cases does not fail due to timing circumstances,
use selective receive even if it means we can not use test library functions
in some cases. TCP does not have delivery guarantee to application layer,
so sometimes a error message {error, Msg} or {error, closed} can be acceptable.
|
|
New design : ssl - Main
tls - Reflect tls specific semantics
dtls - Reflect dtls specific semantics
|
|
with proper defaults
Added ssl_ECC_SUITE
|
|
As the ASN-1 application relies on a nif in R16 for decodeing (that
was not the case in R15), public_key currently has a runtime
dependency on ASN-1. Hopefully we will be able to remove this
dependency again in the future.
|
|
Also phase in tls module as main API instead of ssl. To
make API clearer. As TLS is the new protocol name.
Maybe keep some API functions in ssl
|
|
|
