Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-01-21 | Implement 'honor_cipher_order' SSL server-side option | Andrew Thompson | |
HonorCipherOrder as implemented in Apache, nginx, lighttpd, etc. This instructs the server to prefer its own cipher ordering rather than the client's and can help protect against things like BEAST while maintaining compatability with clients which only support older ciphers. This code is mostly written by Andrew Thompson, only the test case was added by Andreas Schultz. | |||
2014-01-21 | Merge branch 'ia/ssl/openssl-reneogtiation-bug' | Ingela Anderton Andin | |
* ia/ssl/openssl-reneogtiation-bug: ssl: Add versions to check for sane OpenSSL version for renegotiation | |||
2014-01-21 | Fix (unicode) debug info in test cases | Dan Gudmundsson | |
2014-01-14 | ssl: Add missing options validation of server_name_indication | Ingela Anderton Andin | |
2014-01-14 | ssl: Add versions to check for sane OpenSSL version for renegotiation | Ingela Anderton Andin | |
2013-12-02 | ssl: Refactor connetion handling | Ingela Anderton Andin | |
2013-12-02 | ssl: Test case enhancement | Ingela Anderton Andin | |
Make sure that test cases does not fail due to timing circumstances, use selective receive even if it means we can not use test library functions in some cases. TCP does not have delivery guarantee to application layer, so sometimes a error message {error, Msg} or {error, closed} can be acceptable. | |||
2013-12-02 | ssl: Refactor API | Ingela Anderton Andin | |
New design : ssl - Main tls - Reflect tls specific semantics dtls - Reflect dtls specific semantics | |||
2013-12-02 | ssl: Refactor connection and handshake handling | Ingela Anderton Andin | |
2013-11-06 | Add SSL Server Name Indication (SNI) client support | Julien Barbot | |
See RFC 6066 section 3 | |||
2013-09-10 | ssl: Refactor to provide common handshake functions for TLS/DTLS | Ingela Anderton Andin | |
Common functions will be located in ssl_handshake.erl while specific functions will be located in tls_handshake.erl and dtls_handshake.erl | |||
2013-09-02 | ssl: Handle signature_algorithm field in digitally_signed properly | Ingela Anderton Andin | |
with proper defaults Added ssl_ECC_SUITE | |||
2013-08-08 | ssl: Revert faulty header option fix | Ingela Anderton Andin | |
The code was changed in the belife that it made it inet compatible. However the testing is a bit hairy as the inet option is acctualy broken, now the tests are corrected and the header option should work in the same broken way as inet again, preferably use the bitsyntax instead. | |||
2013-06-07 | public_key & ssl: Add ASN-1 dependency | Ingela Anderton Andin | |
As the ASN-1 application relies on a nif in R16 for decodeing (that was not the case in R15), public_key currently has a runtime dependency on ASN-1. Hopefully we will be able to remove this dependency again in the future. | |||
2013-06-04 | ssl: Structural perarparation to support DTLS | Ingela Anderton Andin | |
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl | |||
2013-05-28 | ssl: Do not advertise EC ciphers if crypto support is insufficient | Ingela Anderton Andin | |
2013-05-24 | crypto, public_key & ssl: Make more functions accept integer keys | Sverker Eriksson | |
2013-05-20 | crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..) | Sverker Eriksson | |
to conform with the return value of the other types. | |||
2013-05-20 | ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0 | Ingela Anderton Andin | |
2013-05-20 | ssl, public_key & inets: Remove use of deprecated crypto functions from | Ingela Anderton Andin | |
test code | |||
2013-05-20 | ssl: Remove use of deprecated crypto functions | Ingela Anderton Andin | |
2013-05-08 | ssl: Only send ECC-hello extension if ECC-cipher suites are advertised | Ingela Anderton Andin | |
2013-05-08 | ssl, crypto: Eliminate remaining mpint and EC resource key from API | Ingela Anderton Andin | |
2013-05-08 | ssl, public_key, crypto: General generate_key and compute_key functions | Ingela Anderton Andin | |
2013-05-08 | ssl: test case fix | Ingela Anderton Andin | |
2013-05-08 | public_key: use new crypto | Ingela Anderton Andin | |
2013-05-08 | crypto, public_key & ssl: Change API to hide resource format for EC KEY | Sverker Eriksson | |
2013-05-08 | ssl: Filter out ECC cipher suites when openssl is buggy | Ingela Anderton Andin | |
Even in "normal" (not explicitly ECC tests) cases we need to filter out ECC ciper suites as they are preferd. | |||
2013-05-08 | ssl & public_key: Improved handling ECDH keys | Ingela Anderton Andin | |
2013-05-08 | ssl: ct:print -> ct:log and assert port_command | Ingela Anderton Andin | |
2013-05-08 | ssl: Skip ECC cipher tests on versions of openssl pre 0.9.9 | Ingela Anderton Andin | |
EEC is not fully supported before 0.9.9. Also skip tests on opensslversions with known bugs in ECC support | |||
2013-05-08 | SSL: add Elliptic Curve ciphers unit tests | Andreas Schultz | |
2013-05-08 | SSL: add Elliptic Curve support for ssl app | Andreas Schultz | |
2013-05-08 | SSL: filter TLS cipher suites for supported algorithms | Andreas Schultz | |
2013-04-29 | Merge branch 'as/fix-srp-psk-anon/OTP-11071' into maint | Fredrik Gustafsson | |
* as/fix-srp-psk-anon/OTP-11071: fix srp_anon ciphers suites requiring certificates to work. | |||
2013-04-17 | Encode Erlang source files with non-ascii characters in UTF-8 | Björn Gustavsson | |
To ensure that 'master' compiles when we merge 'maint' to it, regardless of which encoding is default in 'master', all source files with non-ascii characters *must* have the encoding specified. | |||
2013-04-12 | fix srp_anon ciphers suites requiring certificates to work. | Andreas Schultz | |
This problem was not caught by the test suites since all PSK and SRP suites where always tested with certificates. Split those tests into test with and without certificates. | |||
2013-03-28 | SSL: add tests for PSK and SRP ciphers | Andreas Schultz | |
2013-03-13 | ssl: Add missing configuration in test case | Ingela Anderton Andin | |
2013-03-06 | ssl: Handle next protocol negotiation when reusing a session. | Ingela Anderton Andin | |
2013-03-05 | ssl: Check that negotiated version is a supported version. | Ingela Anderton Andin | |
2013-03-01 | ssl: correct test case | Ingela Anderton Andin | |
2013-02-22 | ssl: Add missing group clause and correct parameters to packet/7 | Ingela Anderton Andin | |
2013-02-20 | ssl: Fatal close alert makes more sense than handshake failiure at econnaborted | Ingela Anderton Andin | |
2013-02-18 | ssl: Further error handling enhancments | Ingela Anderton Andin | |
follow up enhancments done in commit e56167dd6ca8d37d26ea7f19933691a3bda41113 Make sure format_error return good strings. Replace confusing legacy atoms with more descriptive atoms. | |||
2013-02-12 | ssl: Generalize cb_info option | Ingela Anderton Andin | |
2013-01-25 | Update copyright years | Björn-Egil Dahlberg | |
2013-01-25 | Merge branch 'ia/ssl/test-case-timeout' | Ingela Anderton Andin | |
* ia/ssl/test-case-timeout: ssl: Too short timeout in test case | |||
2013-01-23 | ssl: Too short timeout in test case | Ingela Anderton Andin | |
2013-01-22 | Merge branch 'ia/ssl/incompatible-error-msg/OTP-10451' | Ingela Anderton Andin | |
* ia/ssl/incompatible-error-msg/OTP-10451: ssl: Enhance error handling |