| Age | Commit message (Collapse) | Author |
|---|
|
The ssl application uses the new function in many of its test cases.
|
|
Otherwhise test can be wrongly initialized and will fail as they try to run
with a broken setup.
This is an addition to b3ca5727169deaa38917edca8288dcaff9a36800 that accidently
was the wrong version of that branch.
|
|
|
|
With the new help functions for creating test data we can simplify the
code. And sometimes corrections have been made so that the test actually
perform the test intended.
|
|
|
|
|
|
|
|
ECC certs should preferably use SHA2, this is what we want to be
testing. Also assembling of all available test suites must consider TLS version.
|
|
|
|
Tests in ECC_SUITE did not always use the certs implied by the
name. Variable naming also confused the intent.
ssl_certificate_verify_SUITE did not clean up properly and tests could
fail due to cache problems.
|
|
Consolidate code that logs TLS/DTLS version during testing
into ssl_test_lib.
|
|
|
|
* ingela/ssl-gen-statem/OTP-13464:
ssl: Adapt DTLS to gen_statem
ssl: Use gen_statem instead of gen_fsm
|
|
Active option was not handled correctly in all places. Dead code has
been removed.
|
|
Also reduce timing issues in tests
|
|
|
|
* legoscia/critical-extension-verify-none:
ssl: with verify_none, accept critical extensions
OTP-13377
|
|
When establishing a TLS connection with {verify, verify_none}, if the
server has a certificate with a critical extension, for example a
"Netscape Cert Type" extension, certificate verification would fail,
which is surprising given that the name of the option suggests that no
verification would be performed.
With this change, certificate extensions marked as critical are
ignored when using verify_none.
|
|
When searching for a certificate's issuer in the `CertDB`, verify the signature
against the original DER certificate from the handshake instead of a re-encoding
of the parsed certificate. This avoids false negatives due to differences
between DER encoding implementations of OTP and other platforms.
|
|
* ia/ssl/modern-timetrap:
ssl: Make init functions fail if make_certs:all fails
ssl: Avoid sleep
ssl: modernize timetrap handling
|
|
|
|
Watchdog is legacy test_server use only ct:timetrap/1
|
|
|
|
The test cases does not use any hooks and including the ts_install_cth
trips up the test case setup on some platforms cuasing the test cases
to fail with {error, enoent}
|
|
A selfsigned trusted anchor should not be in the certifcate chain passed to
the certificate path validation.
Conflicts:
lib/ssl/src/ssl_certificate.erl
|
|
|
|
Check that the certificate chain ends with a trusted ROOT CA e.i. a
self-signed certificate, but provide an option partial_chain to
enable the application to define an intermediat CA as trusted.
TLS RFC says:
"unknown_ca
A valid certificate chain or partial chain was received, but the
certificate was not accepted because the CA certificate could not
be located or couldn't be matched with a known, trusted CA. This
message is always fatal."
and also states:
"certificate_list
This is a sequence (chain) of certificates. The sender's
certificate MUST come first in the list. Each following
certificate MUST directly certify the one preceding it. Because
certificate validation requires that root keys be distributed
independently, the self-signed certificate that specifies the root
certificate authority MAY be omitted from the chain, under the
assumption that the remote end must already possess it in order to
validate it in any case."
X509 RFC says:
"The selection of a trust anchor is a matter of policy: it could be
the top CA in a hierarchical PKI, the CA that issued the verifier's
own certificate(s), or any other CA in a network PKI. The path
validation procedure is the same regardless of the choice of trust
anchor. In addition, different applications may rely on different
trust anchors, or may accept paths that begin with any of a set of
trust anchors."
|
|
Make sure that test cases does not fail due to timing circumstances,
use selective receive even if it means we can not use test library functions
in some cases. TCP does not have delivery guarantee to application layer,
so sometimes a error message {error, Msg} or {error, closed} can be acceptable.
|
|
As the ASN-1 application relies on a nif in R16 for decodeing (that
was not the case in R15), public_key currently has a runtime
dependency on ASN-1. Hopefully we will be able to remove this
dependency again in the future.
|
|
Also phase in tls module as main API instead of ssl. To
make API clearer. As TLS is the new protocol name.
Maybe keep some API functions in ssl
|
|
|
|
follow up enhancments done in commit
e56167dd6ca8d37d26ea7f19933691a3bda41113
Make sure format_error return good strings. Replace confusing legacy atoms
with more descriptive atoms.
|
|
Remove filter mechanisms that made error messages backwards compatible
with old ssl but hid information about what actually happened.
This does not break the documented API however other reason
terms may be returned, so code that matches on the reason part of
{error, Reason} may fail.
|
|
|
