| Age | Commit message (Collapse) | Author |
|---|
|
ssl servers can recognize sslv2 client hellos to interop with clients
that support higher version of SSL/TLS but also offers sslv2
Conflicts:
lib/ssl/src/tls_connection.erl
|
|
|
|
In TLS-1.2 The signature algorithm and the hash function algorithm
used to produce the digest that is used when creating the digital signature
may be negotiated through the signature algorithm extension RFC 5246.
We want to make these algorithm pairs configurable.
In connections using lower versions of TLS these algorithms are
implicit defined and can not be negotiated or configured.
DTLS is updated to not cause dialyzer errors, but needs to get a real
implementation later.
|
|
* ia/ssl/modern-timetrap:
ssl: Make init functions fail if make_certs:all fails
ssl: Avoid sleep
ssl: modernize timetrap handling
|
|
|
|
Watchdog is legacy test_server use only ct:timetrap/1
|
|
|
|
The test cases does not use any hooks and including the ts_install_cth
trips up the test case setup on some platforms cuasing the test cases
to fail with {error, enoent}
|
|
|
|
|
|
|
|
Also fix DTLS call to supply its corresponding TLS version
|
|
Negotiated version is now always passed to ssl_handshake:select_hashsign
because ssl_handshake:select_cert_hashsign has different rsa defaults on
tlsv1.2 and older versions.
|
|
|
|
When TLS client sends a Supported Elliptic Curves Client Hello Extension
containing an unknown curve enum value, a server crashes with a
function_clause instead of just ignoring specified unknown curve.
|
|
See RFC 6066 section 3
|
|
Common functions will be located in ssl_handshake.erl while
specific functions will be located in tls_handshake.erl and dtls_handshake.erl
|
|
Also phase in tls module as main API instead of ssl. To
make API clearer. As TLS is the new protocol name.
Maybe keep some API functions in ssl
|
|
|
|
|
|
TLS 1.2 changes the layout of several handshake
records. This adds the TLS version to dec_hs/2
so it can decode those.
|
|
|
