aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test
AgeCommit message (Collapse)Author
2018-04-24Parse cert primarily for host namesRaimo Niskanen
2018-04-20Create plug-in for distro cert nodesRaimo Niskanen
2018-04-19Rewrite TLS dist to handle node names in certsRaimo Niskanen
2018-03-27ssl: Cleaner test setup to avoid unintentional test case dependenciesIngela Anderton Andin
2018-03-27ssl: Correct ECC suite and DTLS ECC handlingIngela Anderton Andin
When test handling was corrected it was obvious that DTLS ECC handling was not compleated.
2018-03-09ssl: Remove interoperability option v2_hello_compatibleIngela Anderton Andin
2018-03-08Merge branch 'ingela/ssl/no-automated-fallback/OTP-14789'Ingela Anderton Andin
2018-03-08ssl: Increase security with safer defaultIngela Anderton Andin
The interoperability option to fallback to insecure renegotiation now has to be explicitly turned on.
2018-03-06Merge branch 'maint'Ingela Anderton Andin
2018-03-06ssl: Fix anonymous suites regression and protocol errorBram Verburg
Anonymous cipher suites were broken altogether, and there was an earlier issue where the server would send a signature in the server key exchange if a certificate was configured, even if an anonymous suite was actually negotiated. Backport of PR-1729
2018-03-06Merge branch 'maint'Anders Svensson
2018-03-05[ssl] Fix hanging test case on outdated lab machineLars Thorsen
2018-02-07Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl lib/ssl/src/ssl_cipher.erl lib/ssl/test/ssl_basic_SUITE.erl lib/ssl/test/ssl_test_lib.erl
2018-02-07ssl: Make sure anonymous suites are handled separatelyIngela Anderton Andin
Preferably customized cipher suites will be based on the default value. But all may be used as base and hence it will be good to handle anonymous suites separately as they are intended for testing purposes.
2018-02-05ssl: Add new API functions for cipher suite handlingIngela Anderton Andin
2018-01-26Merge branch 'maint'Ingela Anderton Andin
2018-01-25Merge branch 'ingela/DTLS-supported'Ingela Anderton Andin
* ingela/DTLS-supported: ssl: Fix typo dtls: Add DTLS handling to utility functions ssl: Document enhancment ssl: Document DTLS
2018-01-25ssl: Check OpenSSL version for DSS (DSA) supportIngela Anderton Andin
LibreSSL-2.6.3 dropped DSS (DSA) support
2018-01-24Merge branch 'maint'Ingela Anderton Andin
2018-01-23ssl: Add record version sanity checkIngela Anderton Andin
2018-01-22Merge branch 'ingela/ssl/no-chacha-default-for-now/ERL-538/OTP-14882'Ingela Anderton Andin
* ingela/ssl/no-chacha-default-for-now/ERL-538/OTP-14882: ssl: Remove chacha ciphers form default for now
2018-01-22ssl: Remove chacha ciphers form default for nowIngela Anderton Andin
We have discovered interoperability problems, ERL-538, that we believe needs to be solved in crypto.
2018-01-19ssl: Remove 3DES cipher suites from defaultIngela Anderton Andin
2018-01-17dtls: Add DTLS handling to utility functionsIngela Anderton Andin
2018-01-16Merge branch 'ingela/ssl/remove-rsa-keyexchange-from-default/OTP-14769'Ingela Anderton Andin
* ingela/ssl/remove-rsa-keyexchange-from-default/OTP-14769: ssl: RSA key exchange is considered broken do not support by default
2018-01-16ssl: RSA key exchange is considered broken do not support by defaultIngela Anderton Andin
2018-01-15Merge branch 'maint'Ingela Anderton Andin
* maint: ssl: Call clean version function
2018-01-15ssl: Call clean version functionIngela Anderton Andin
Make sure tests are run with intended version settings.
2018-01-11Merge branch 'maint'Ingela Anderton Andin
2018-01-11Merge branch 'ingela/ssl/timeout-cuddle' into maintIngela Anderton Andin
* ingela/ssl/timeout-cuddle: ssl: Tune timeouts
2018-01-11ssl: Tune timeoutsIngela Anderton Andin
2018-01-09Merge branch 'maint'Ingela Anderton Andin
2018-01-07dtls: Filter out rc4 for DTLS psk suitesIngela Anderton Andin
Stream ciphers are not valid fro DTLS
2018-01-06dtls: We do not need to wait for DTLS over UDP serverIngela Anderton Andin
Client will retransmit until server becomes responsive
2017-12-20Merge branch 'raimo/ssl-dist-bench/OTP-14657'Raimo Niskanen
* raimo/ssl-dist-bench/OTP-14657: Skip ssl_bench_SUITE, normally
2017-12-12Skip ssl_bench_SUITE, normallyRaimo Niskanen
2017-12-05Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl_cipher.erl lib/ssl/src/ssl_handshake.erl
2017-12-05ssl: Use maps for cipher suites internallyIngela Anderton Andin
This is a preparation for improvements to come in option handling and support for TLS-1.3
2017-12-04Write SSL distribution benchmarksRaimo Niskanen
2017-11-10Merge branch 'maint'Ingela Anderton Andin
2017-11-08ssl: Add private key configuration for crypto engineIngela Anderton Andin
2017-10-18Merge branch 'maint'Ingela Anderton Andin
2017-10-18Merge branch 'ingela/dtls/no-packet-upd/OTP-14664' into maintIngela Anderton Andin
* ingela/dtls/no-packet-upd/OTP-14664: ssl: No support for packet option over unreliable transport
2017-10-17Merge branch 'maint'Ingela Anderton Andin
2017-10-17ssl: No support for packet option over unreliable transportIngela Anderton Andin
2017-10-16ssl: Fix test cases to work on all test platformsIngela Anderton Andin
Use hradcoded rsa keys as this will work on all legacy platforms. In test case dns_name_reuse only do the relevant client check in the final test.
2017-10-13ssl: Sessions must be registered with SNI if existsIngela Anderton Andin
2017-10-13ssl: Extend hostname check to fallback to checking IP-addressIngela Anderton Andin
If no SNI is available and the hostname is an IP-address also check for IP-address match. This check is not as good as a DNS hostname check and certificates using IP-address are not recommended.
2017-10-12public_key, ssl: Handles keys so that APIs are preserved correctlyIngela Anderton Andin
2017-10-02Merge branch 'maint'Ingela Anderton Andin