aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test
AgeCommit message (Collapse)Author
2019-04-02Merge branch 'ingela/ssl/upgrade-cuddle'Ingela Anderton Andin
* ingela/ssl/upgrade-cuddle: ssl: Upgrade cert generation for upgrade test
2019-04-02ssl: Upgrade cert generation for upgrade testIngela Anderton Andin
2019-04-01Merge branch 'raimo/ssl/tls-dist-fun-day/OTP-14792'Raimo Niskanen
* raimo/ssl/tls-dist-fun-day/OTP-14792: Skip all benchmark groups Benchmark report relative core load Improve printouts Polish sched util benchmark Improve printouts Dist handshake with nodelay Implement inet_crypto_dist benchmark example
2019-03-29Skip all benchmark groupsRaimo Niskanen
2019-03-29ssl: Add support AES_CCM cipher suites form RFC 6655Ingela Anderton Andin
2019-03-29Benchmark report relative core loadRaimo Niskanen
2019-03-29Improve printoutsRaimo Niskanen
2019-03-29Polish sched util benchmarkRaimo Niskanen
2019-03-29ssl: Correct test caseIngela Anderton Andin
Optimization to concatenate small user data packages recived closely after each other has invalidated assumptions in the test case.
2019-03-29ssl: Remove test cases from ssl_basic_SUITEIngela Anderton Andin
The test are moved to ssl_cipher_suite_SUITE
2019-03-29ssl: Remove basic test group from ssl_to_openssl_SUITEIngela Anderton Andin
This group has started to fail as our default has diverged from OpenSSL defaults and we are not really interested in testing OpenSSL defaults.
2019-03-28Improve printoutsRaimo Niskanen
2019-03-28Implement inet_crypto_dist benchmark exampleRaimo Niskanen
This is a simplistic distribution protocol module for encrypted distribution using a shared secret and only the crypto module, and AEAD ciphers. It is intended to be a benchmark reference for how fast encrypted distribution may get. How secure it would be and also how useful, for actual production use, remains to be investigated.
2019-03-24ssl: Enhance testingIngela Anderton Andin
2019-03-22Merge branch 'ingela/ssl/default-supported-versions/OTP-14865'Ingela Anderton Andin
* ingela/ssl/default-supported-versions/OTP-14865: ssl: Remove default support for legacy versions
2019-03-21Merge branch 'peterdmv/ssl/tls13-conn-info'Péter Dimitrov
* peterdmv/ssl/tls13-conn-info: ssl: Fix ssl:connection_information/1 in TLS 1.3 Change-Id: I492b0973bb4ee44354edf22ed3bc2a6e5c7b90c5
2019-03-21ssl: Remove default support for legacy versionsIngela Anderton Andin
TLS-1.0, TLS-1.1 and DTLS-1.0 are now considered legacy
2019-03-19Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl.erl lib/ssl/src/tls_connection.erl
2019-03-18ssl: Fix ssl:connection_information/1 in TLS 1.3Péter Dimitrov
Store cipher suite information in session record. Test ssl:connection_information/1 in a TLS 1.3 connection. Change-Id: I7193e6dd2544540e446b5777b5768806cecf2bd3
2019-03-14ssl: Improve ssl loggingPéter Dimitrov
Remove function ssl:set_log_level/1. Its functionality is already implemented by logger:set_application_level/2. Set log level for ssl modules to debug at application start. Former implementation required an extra call to logger:set_application_level/2 (beside setting ssl option {log_level, debug}) to enable debug logging. Change-Id: Id21be7fd58915e11124cc136bb92d8a7526b8a74
2019-03-14ssl: Test handling of signature algorithmsPéter Dimitrov
Change-Id: I433924f9c590efa94423db5df52dd3f5d53d9d20
2019-03-11ssl: Fix transport transparancyIngela Anderton Andin
2019-03-07ssl: Test HelloRetryRequest with client authPéter Dimitrov
Change-Id: I6504d99a96ed6fc75dbdff78a6148ed39d3776c9
2019-03-04ssl: Test client authentication with certificatePéter Dimitrov
Change-Id: I09c0501ea790941001b11a3f6d12a96f18da2bea
2019-03-04ssl: Test client authentication (empty cert)Péter Dimitrov
Test client authentication when client responds with empty Certificate. Change-Id: I725ae60c6d097ca13c5f4354e35377ecacf98dea
2019-03-04Merge branch 'peterdmv/ssl/hello-retry-request/OTP-15590'Péter Dimitrov
* peterdmv/ssl/hello-retry-request/OTP-15590: ssl: Fix type spec for handshake_history() ssl: Add tests for hello_retry_request and groups ssl: Implement 'hello_retry_request' Change-Id: I04ad2860d0ba81462a1e36c7d6fcee6bc5c98c32
2019-03-04Merge branch 'maint'Raimo Niskanen
* maint: fixup! ssl: Add support for {active,N} ssl: Use common fonction to update {active,N} ssl: Document {active,N} ssl: Add support for {active,N}
2019-02-25ssl: Add tests for hello_retry_request and groupsPéter Dimitrov
Change-Id: I0e4a9337d5d52a0e39ccc16d2d2e2b123ea2f9b5
2019-02-22Merge branch ssl-active-n of essen:erlang/otp into essen/ssl-active-nRaimo Niskanen
* essen:erlang/otp: fixup! ssl: Add support for {active,N} ssl: Use common fonction to update {active,N} ssl: Document {active,N} ssl: Add support for {active,N} Conflicts: lib/ssl/src/ssl_connection.erl
2019-02-21Merge branch 'maint'Raimo Niskanen
* maint: Inline local function Optimize binary matching Clean up module boundaries Remove redundant return of CipherState Use iovec() internally in send path Small binary handling optimizations Optimize read_application_data with Okasaki queue Try to optimize decode_cipher_text/3 Optimize application data aggregation Optimize TLS record parsing with Okasaki queue Cache strong_random_bytes for IV Optimize padding Produce less garbage in encrypt loop Reorganize #data{} Tidy up state machine Add server GC info to bench results Conflicts: lib/ssl/src/ssl_cipher.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/ssl_logger.erl lib/ssl/src/ssl_record.erl lib/ssl/src/ssl_record.hrl lib/ssl/src/tls_connection.erl lib/ssl/src/tls_record.erl lib/ssl/src/tls_sender.erl
2019-02-21Merge branch 'raimo/ssl/tls-optimization/OTP-15529' into maintRaimo Niskanen
* raimo/ssl/tls-optimization/OTP-15529: Inline local function Optimize binary matching Clean up module boundaries Remove redundant return of CipherState Use iovec() internally in send path Small binary handling optimizations Optimize read_application_data with Okasaki queue Try to optimize decode_cipher_text/3 Optimize application data aggregation Optimize TLS record parsing with Okasaki queue Cache strong_random_bytes for IV Optimize padding Produce less garbage in encrypt loop Reorganize #data{} Tidy up state machine Add server GC info to bench results
2019-02-21Merge branch 'ingela/ssl/bench'Ingela Anderton Andin
* ingela/ssl/bench: ssl: Improve bench SUITE
2019-02-21ssl: Improve bench SUITEIngela Anderton Andin
Add shorter time trap, modernize code and make sure help process terminates.
2019-02-19ssl: Add support for {active,N}Loïc Hoguin
2019-02-18Merge branch 'ingela/ssl/shrink-state' into maintIngela Anderton Andin
* ingela/ssl/shrink-state: ssl: Remove duplicate record_cb handling ssl: Add test case for continued handshake with a timeout ssl: Use gen_statem named timers to handle connection and recv timeouts ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keys ssl: Move key_algorithm to handshake_env ssl: srp ssl: Rename ssl: Move diffie_hellman_params to handshake_env ssl: Move and rename psk_identity state record field ssl: Move premaster_secret to handshake_env ssl: Make flight_state DTLS specific ssl: Add private_key to connection_env ssl: Remove unused record field ssl: Add erl_dist_handle to connection_env ssl: Add negotiated_version to connection_env ssl: Add key exchange items to handshake_env ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_env ssl: Add downgrade handling to connection_env ssl: Create connection_env ssl: Handle renegotiation and extensions in handshake_env
2019-02-18Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/tls_connection.erl
2019-02-18Merge branch 'ingela/ssl/shrink-state' into maintIngela Anderton Andin
* ingela/ssl/shrink-state: ssl: Remove duplicate record_cb handling ssl: Add test case for continued handshake with a timeout ssl: Use gen_statem named timers to handle connection and recv timeouts ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keys ssl: Move key_algorithm to handshake_env ssl: srp ssl: Rename ssl: Move diffie_hellman_params to handshake_env ssl: Move and rename psk_identity state record field ssl: Move premaster_secret to handshake_env ssl: Make flight_state DTLS specific ssl: Add private_key to connection_env ssl: Remove unused record field ssl: Add erl_dist_handle to connection_env ssl: Add negotiated_version to connection_env ssl: Add key exchange items to handshake_env ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_env ssl: Add downgrade handling to connection_env ssl: Create connection_env ssl: Handle renegotiation and extensions in handshake_env
2019-02-14Merge branch 'peterdmv/ssl/server-process-client-finished'Péter Dimitrov
* peterdmv/ssl/server-process-client-finished: ssl: Test TLS 1.3 connectivity ssl: Fix crash when sending Alerts ssl: Fix dialyzer warning ssl: Improve TLS 1.3 statem Change-Id: I258e0309ba3a132d5ab2056151935a3df8646344
2019-02-14ssl: Add test case for continued handshake with a timeoutdimadio
2019-02-14Merge branch 'maint'Péter Dimitrov
* maint: ssl: Fix renegotiation testcases ssl: Fix failing rizzo testcases ssl: Use IPv4 addresses with openssl s_client ssl: Use sha256 in test certificates if supported Change-Id: I8a604d607333d029b170e3d3ad31ea01890202ea
2019-02-14Merge branch 'peterdmv/ssl/fix-failing-testcases' into maintPéter Dimitrov
* peterdmv/ssl/fix-failing-testcases: ssl: Fix renegotiation testcases ssl: Fix failing rizzo testcases ssl: Use IPv4 addresses with openssl s_client ssl: Use sha256 in test certificates if supported Change-Id: I11a326be027545e20fbef6f90996b0c8be8c3e50
2019-02-13ssl: Fix renegotiation testcasesPéter Dimitrov
Fix failing renegotiation testcases with openssl-1.1.1a. openssl s_client sends the renegotiation "R\n" connected command to the server side causing testcase failure. This commit updates ssl_to_openssl_SUITE:erlang_ssl_receive to swallow the unexpected packet. Change-Id: I1f5d040ac65c25652f7101ddf109fc84acc4c915
2019-02-13Optimize TLS record parsing with Okasaki queueRaimo Niskanen
2019-02-13Add server GC info to bench resultsRaimo Niskanen
2019-02-13ssl: Fix failing rizzo testcasesPéter Dimitrov
Filter out the cipher 'chacha20_poly1305' when running the testcase 'rizzo_one_n_minus_one'. Change-Id: If3a18b0782b747b91155553e0659faebd7c5dd05
2019-02-13ssl: Use IPv4 addresses with openssl s_clientPéter Dimitrov
This commit fixes failing testcases on OpenBSD 12.0 systems. It forces openssl s_client to use an IPv4 address if openssl supports IPv6. When s_client is called with the argument "localhost" it binds to the first address returned by getaddrinfo. As the first address is an IPv6 address on OpenBSD 12.0, the client fails to send UDP packets to the ssl server that is listening on an IPv4 address. Change-Id: Ie662d10f4f0d9c803f7a341c9ea7dbe2ac80b556
2019-02-11ssl: Use sha256 in test certificates if supportedPéter Dimitrov
This commit fixes ssl_test_lib:appropriate_sha/1 that returns sha256 if it is supported by crypto. It returns sha1 otherwise. Change-Id: I0bfa4d50bbe3c788551a81d418db2cabc36a4344
2019-02-11ssl: Test TLS 1.3 connectivityPéter Dimitrov
Test TLS 1.3 connectivity between ssl server and openssl s_client. Change-Id: I926229d6bc9e6670ebe0190b491257876845b570
2019-02-08ssl: Improve TLS 1.3 statemPéter Dimitrov
- Store FinishedKey in cipher_state. - Implement state 'wait_finished'. - Calculate traffic secrets in 'wait_finished' after Finished received from client and go to state 'Connection'. - Drop 'change_cipher_spec' messages (middlebox compatibility mode). - Extend tests of 1-RTT. Change-Id: Id69619ec5da053ffaaef75378678a27afeef6916
2019-02-05Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl lib/ssl/src/ssl_cipher_format.erl lib/ssl/src/tls_handshake.erl
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-04 19:39:42 +0000