Age | Commit message (Collapse) | Author |
|
Added cache invalidation control of ssl certificates so that
sessions will not be reused if file content is changed.
There was a glitch in ssl:close that made it possible to
to get eaddrinuse even though reuseadder-option was used.
Also improved tests for better user-close handling.
|
|
|
|
For testing purposes ssl now also support some anonymous cipher suites
when explicitly configured to do so.
Also moved session cache tests to its own suite, so that timeout
of end_per_testcase when the mnesia is used as session cache will
not affect other test cases.
|
|
Handling of unkown CA certificats was changed in ssl and
public_key to work as intended.
In the process of doing this some test cases has been corrected as
they where wrong but happened to work together with the
incorrect unknown CA handling.
|
|
Changed test so that the test cases testing all different ciphers
also sends data so that that the calls to crypto cipher functions
are also tested.
|
|
* ia/public_key_api/OTP-8722:
Revise the public_key API
Resolved, version is now 0.8.
Conflicts:
lib/public_key/vsn.mk
|
|
Cleaned up and documented the public_key API to
make it useful for general use.
|
|
in client hello message when a client certificate is used
The client hello message now always include ALL available cipher suites
(or those specified by the ciphers option). Previous implementation would
filter them based on the client certificate key usage extension (such
filtering only makes sense for the server certificate).
|
|
instead of causing a case-clause.
|
|
(This is the merge of r13 version to r14_dev)
|
|
New ssl now support client/server-certificates signed by dsa keys.
|
|
Alert handling has been improved to better handle unexpected but valid
messages and the implementation is also changed to avoid timing related
issues that could cause different error messages depending on network
latency. Packet handling was sort of broken but would mostly work as
expected when socket was in binary mode. This has now been fixed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
New ssl now properly handles ssl renegotiation, and initiates a
renegotiation if ssl/ltls-sequence numbers comes close to the max value.
|
|
packet.
|
|
|