Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-03-31 | ssl: Add possibility to specify ssl options when calling ssl:ssl_accept | Ingela Anderton Andin | |
2014-03-26 | ssl, pubkey: Code and test adjustments | Hans Nilsson | |
2014-03-26 | Rework IDP validation according to the RFC, fix public_key tests | Andrew Thompson | |
2014-03-26 | Various improvements to CRL handling | Andrew Thompson | |
* Handle v1 CRLs, with no extensions. * Compare the IDP on a CRL correctly, if present * Don't try to double-decode altnames Tests are also included, and the make_certs testing tool in the SSL application has been greatly extended. | |||
2014-03-25 | ssl: Handle SNI alert unrecognized_name and gracefully deal with | Ingela Anderton Andin | |
unexpected alerts. Add recognitions of RFC 4366 alerts and handle possible unimplementd alerts in a gracefully way. | |||
2014-03-14 | Add test for unknown elliptic curve supported by client | Danil Zagoskin | |
When TLS client sends a Supported Elliptic Curves Client Hello Extension containing an unknown curve enum value, a server crashes with a function_clause instead of just ignoring specified unknown curve. | |||
2014-03-04 | ssl: Add input sanity check | Ingela Anderton Andin | |
Avoid puzzling behavior due to options being disregarded if they are not key value tuples. | |||
2014-02-24 | Merge branch 'schlagert/fix_basic_appups' | Siri Hansen | |
* schlagert/fix_basic_appups: Dynamically configure typer_SUITE according to environment Disable hipe_SUITE when environment doesn't support it Make hipe non-upgradable by setting appup file empty Fix missing module on hipe app file template Add test suites performing app and appup file checks Introduce appup test utility Fix library application appup files Fix non-library appup files according to issue #240 OTP-11744 | |||
2014-02-24 | Add test suites performing app and appup file checks | Tobias Schlager | |
Add the mentioned test suites for *all* library and touched non-library applications. | |||
2014-02-21 | ssl: Add test that memory is not leeked | Ingela Anderton Andin | |
2014-02-14 | ssl: Add test for avoiding a version and chipher suite missmatch | Ingela Anderton Andin | |
2014-01-29 | ssl: Add workaround in test code for openssl s_client bug | Ingela Anderton Andin | |
2014-01-28 | Merge branch 'ia/ssl/tests' | Ingela Anderton Andin | |
* ia/ssl/tests: ssl: Avoid test case timing issues | |||
2014-01-28 | Merge branch 'ia/Vagabond/adt-honor-cipher-order/OTP-11621' | Ingela Anderton Andin | |
* ia/Vagabond/adt-honor-cipher-order/OTP-11621: Implement 'honor_cipher_order' SSL server-side option | |||
2014-01-27 | ssl: Avoid test case timing issues | Ingela Anderton Andin | |
2014-01-24 | Merge branch 'maint' | Ingela Anderton Andin | |
Conflicts: otp_build | |||
2014-01-22 | ssl: Incorrect inputed cipherlist lead server to think that the client | Ingela Anderton Andin | |
did not support secure renegotiation | |||
2014-01-22 | Merge branch 'dgud/test_unicode/OTP-10877' | Dan Gudmundsson | |
* dgud/test_unicode/OTP-10877: sasl test: Quote executable paths (can contain spaces) rt_tools: Handle unicode chars in printouts kernel: code_SUITE fix unicode option Fix (unicode) debug info in test cases stdlib: Fix format if module resides in a unicode directory Fix testing with unicode paths test_server: Fix ts write unicode in config files | |||
2014-01-21 | Implement 'honor_cipher_order' SSL server-side option | Andrew Thompson | |
HonorCipherOrder as implemented in Apache, nginx, lighttpd, etc. This instructs the server to prefer its own cipher ordering rather than the client's and can help protect against things like BEAST while maintaining compatability with clients which only support older ciphers. This code is mostly written by Andrew Thompson, only the test case was added by Andreas Schultz. | |||
2014-01-21 | Merge branch 'ia/ssl/openssl-reneogtiation-bug' | Ingela Anderton Andin | |
* ia/ssl/openssl-reneogtiation-bug: ssl: Add versions to check for sane OpenSSL version for renegotiation | |||
2014-01-21 | Fix (unicode) debug info in test cases | Dan Gudmundsson | |
2014-01-14 | ssl: Add missing options validation of server_name_indication | Ingela Anderton Andin | |
2014-01-14 | ssl: Add versions to check for sane OpenSSL version for renegotiation | Ingela Anderton Andin | |
2013-12-02 | ssl: Refactor connetion handling | Ingela Anderton Andin | |
2013-12-02 | ssl: Test case enhancement | Ingela Anderton Andin | |
Make sure that test cases does not fail due to timing circumstances, use selective receive even if it means we can not use test library functions in some cases. TCP does not have delivery guarantee to application layer, so sometimes a error message {error, Msg} or {error, closed} can be acceptable. | |||
2013-12-02 | ssl: Refactor API | Ingela Anderton Andin | |
New design : ssl - Main tls - Reflect tls specific semantics dtls - Reflect dtls specific semantics | |||
2013-12-02 | ssl: Refactor connection and handshake handling | Ingela Anderton Andin | |
2013-11-06 | Add SSL Server Name Indication (SNI) client support | Julien Barbot | |
See RFC 6066 section 3 | |||
2013-09-10 | ssl: Refactor to provide common handshake functions for TLS/DTLS | Ingela Anderton Andin | |
Common functions will be located in ssl_handshake.erl while specific functions will be located in tls_handshake.erl and dtls_handshake.erl | |||
2013-09-02 | ssl: Handle signature_algorithm field in digitally_signed properly | Ingela Anderton Andin | |
with proper defaults Added ssl_ECC_SUITE | |||
2013-08-08 | ssl: Revert faulty header option fix | Ingela Anderton Andin | |
The code was changed in the belife that it made it inet compatible. However the testing is a bit hairy as the inet option is acctualy broken, now the tests are corrected and the header option should work in the same broken way as inet again, preferably use the bitsyntax instead. | |||
2013-06-07 | public_key & ssl: Add ASN-1 dependency | Ingela Anderton Andin | |
As the ASN-1 application relies on a nif in R16 for decodeing (that was not the case in R15), public_key currently has a runtime dependency on ASN-1. Hopefully we will be able to remove this dependency again in the future. | |||
2013-06-04 | ssl: Structural perarparation to support DTLS | Ingela Anderton Andin | |
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl | |||
2013-05-28 | ssl: Do not advertise EC ciphers if crypto support is insufficient | Ingela Anderton Andin | |
2013-05-24 | crypto, public_key & ssl: Make more functions accept integer keys | Sverker Eriksson | |
2013-05-20 | crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..) | Sverker Eriksson | |
to conform with the return value of the other types. | |||
2013-05-20 | ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0 | Ingela Anderton Andin | |
2013-05-20 | ssl, public_key & inets: Remove use of deprecated crypto functions from | Ingela Anderton Andin | |
test code | |||
2013-05-20 | ssl: Remove use of deprecated crypto functions | Ingela Anderton Andin | |
2013-05-08 | ssl: Only send ECC-hello extension if ECC-cipher suites are advertised | Ingela Anderton Andin | |
2013-05-08 | ssl, crypto: Eliminate remaining mpint and EC resource key from API | Ingela Anderton Andin | |
2013-05-08 | ssl, public_key, crypto: General generate_key and compute_key functions | Ingela Anderton Andin | |
2013-05-08 | ssl: test case fix | Ingela Anderton Andin | |
2013-05-08 | public_key: use new crypto | Ingela Anderton Andin | |
2013-05-08 | crypto, public_key & ssl: Change API to hide resource format for EC KEY | Sverker Eriksson | |
2013-05-08 | ssl: Filter out ECC cipher suites when openssl is buggy | Ingela Anderton Andin | |
Even in "normal" (not explicitly ECC tests) cases we need to filter out ECC ciper suites as they are preferd. | |||
2013-05-08 | ssl & public_key: Improved handling ECDH keys | Ingela Anderton Andin | |
2013-05-08 | ssl: ct:print -> ct:log and assert port_command | Ingela Anderton Andin | |
2013-05-08 | ssl: Skip ECC cipher tests on versions of openssl pre 0.9.9 | Ingela Anderton Andin | |
EEC is not fully supported before 0.9.9. Also skip tests on opensslversions with known bugs in ECC support | |||
2013-05-08 | SSL: add Elliptic Curve ciphers unit tests | Andreas Schultz | |