otp.git - Mirror of Erlang/OTP repository.

Age	Commit message (Collapse)	Author
2016-02-08	Merge branch 'maint'	Sverker Eriksson

2016-02-08	Merge branch 'sverk/ecc-fixes' into maint	Sverker Eriksson
	OTP-13311 * sverk/ecc-fixes: Ensure testing ssl with supported ciphers only Only use supported EC curves in crypto tests Check the result of EC_GROUP_new_curve_* calls
2016-02-08	ssl: verify cert signature against original cert binary	Matt Campbell
	When searching for a certificate's issuer in the `CertDB`, verify the signature against the original DER certificate from the handshake instead of a re-encoding of the parsed certificate. This avoids false negatives due to differences between DER encoding implementations of OTP and other platforms.
2016-02-02	Merge branch 'maint'	Zandra

2016-02-02	Merge branch 'legoscia/tls-dist-connect-options' into maint	Zandra
	* legoscia/tls-dist-connect-options: ssl_dist_SUITE: don't use deprecated functions TLS distribution: support inet_dist_connect_options OTP-13285
2016-01-28	Ensure testing ssl with supported ciphers only	Dániel Szoboszlay
	There are two problematic areas: EC curve selection and interoperability tests with OpenSSL. The tests shouldn't assume any particular EC curve is available, but should always check the list of curves reported by tls_v1:ecc_curves/1. And during interoperability tests the tests shouldn't assume that any cipher suite supported by Erlang is also supported by OpenSSL. There are OpenSSL packages where the command line openssl tool only supports a subset of the ciphers available in libcrypto. The actual list of supported cipher suites thus shall be queried from OpenSSL.
2016-01-27	Refactor ssl_crl_SUITE: extract crl_verify_error/6	Magnus Henoch
	Just like crl_verify_valid/5 checks for a positive result given certain options, crl_verify_error/6 checks for a negative result.
2016-01-25	Merge branch 'maint'	Ingela Anderton Andin

2016-01-21	ssl: Fix typos that broke alpn tests	Ingela Anderton Andin

2016-01-21	Merge branch 'maint'	Ingela Anderton Andin

2016-01-21	ssl: In interop tests always check if SSL/TLS version is supported by OpenSSL	Ingela Anderton Andin
	As sslv3 is being faced out we need to test for old version support as well as newer versions.
2016-01-12	ssl_dist_SUITE: don't use deprecated functions	Magnus Henoch
	Use erlang:unique_integer/1 instead of erlang:now/0 to generate a unique node name. Use rand:uniform/1 instead of random:uniform/1, so we don't need to generate a seed ourselves.
2016-01-12	TLS distribution: support inet_dist_connect_options	Magnus Henoch
	Allow adding extra options for outgoing TLS distribution connnections, as supported for plain TCP connections.
2015-12-15	Merge branch 'maint'	Ingela Anderton Andin

2015-12-15	Merge branch 'ia/libressl' into maint	Ingela Anderton Andin
	* ia/libressl: ssl: Print openssl version string ssl: Do not use environment variables in openSSL config file
2015-12-15	Merge branch 'maint'	Ingela Anderton Andin

2015-12-15	ssl: Convert all test to use "ssl_test_lib:portable_open_port"	Ingela Anderton Andin

2015-12-14	ssl: Print openssl version string	Ingela Anderton Andin

2015-12-14	ssl: Do not use environment variables in openSSL config file	Ingela Anderton Andin
	LibreSSL does not allow it.
2015-12-14	Merge branch 'maint'	Ingela Anderton Andin

2015-12-11	ssl: fix hibernate_after with instant or near instant timeouts	Andrey Mayorov

2015-12-11	Merge branch 'maint'	Ingela Anderton Andin

2015-12-11	ssl: Fix typos	Ingela Anderton Andin

2015-12-11	Merge branch 'maint'	Ingela Anderton Andin

2015-12-11	Merge branch 'ia/ssl/windows-tests' into maint	Ingela Anderton Andin
	* ia/ssl/windows-tests: ssl: Use test case time out instead ssl: Use spawn_executable
2015-12-09	ssl: Use test case time out instead	Ingela Anderton Andin

2015-12-09	ssl: Use spawn_executable	Ingela Anderton Andin

2015-12-09	ssl: Add renegotiation exception	Ingela Anderton Andin

2015-12-07	Merge branch 'maint'	Henrik Nord

2015-12-07	Merge branch 'rlipscombe/rl-ssl-options' into maint	Henrik Nord
	* rlipscombe/rl-ssl-options: Ensure single 'raw' option is handled correctly Pass 'raw' options through OTP-13166
2015-12-07	Merge branch 'maint'	Ingela Anderton Andin

2015-12-03	ssl: Add upper limit for session cache	Ingela Anderton Andin
	If upper limit is reached invalidate the current cache entries, e.i the session lifetime is the max time a session will be keept, but it may be invalidated earlier if the max limit for the table is reached. This will keep the ssl manager process well behaved, not exhusting memeory. Invalidating the entries will incrementally empty the cache to make room for fresh sessions entries.
2015-12-01	Merge branch 'maint'	Zandra

2015-12-01	Merge branch 'legoscia/tls_dist_options' into maint	Zandra
	* legoscia/tls_dist_options: Test interface listen option for TLS distribution Test socket listen options for TLS distribution Test port options for TLS distribution TLS Dist: Use inet_dist_ options Conflicts: lib/ssl/src/ssl_tls_dist_proxy.erl lib/ssl/test/ssl_dist_SUITE.erl OTP-12838
2015-11-26	Merge branch 'maint'	Zandra

2015-11-26	Merge branch 'legoscia/tls_dist_nodelay' into maint	Zandra
	* legoscia/tls_dist_nodelay: Add test for dist_nodelay option Honour dist_nodelay socket option in tls_dist proxy OTP-13143
2015-11-26	Merge branch 'maint'	Zandra

2015-11-25	Ensure single 'raw' option is handled correctly	Roger Lipscombe
	Add a test to ensure that a single 'raw' option can be passed to ssl:listen correctly. Note: multiple raw options are (incorrectly) handled by inet:listen_options. See http://erlang.org/pipermail/erlang-questions/2014-March/078371.html
2015-11-24	Test interface listen option for TLS distribution	Magnus Henoch
	Add test that checks that the option inet_dist_use_interface is used when starting a node with TLS distribution.
2015-11-24	Test socket listen options for TLS distribution	Magnus Henoch
	Add test that checks that the option inet_dist_listen_options is used when starting a node with TLS distribution. This test was adapted from inet_dist_options_options in erl_distribution_SUITE.
2015-11-24	Test port options for TLS distribution	Magnus Henoch
	Add test that checks that the options inet_dist_listen_min and inet_dist_listen_max are used when starting a node with TLS distribution.
2015-11-16	fix 24h macro in test suite	Zandra
	Needed after the fix in 120975c4fcb57ecd14031ac046f483e56a3daa4d.
2015-11-13	Add test for dist_nodelay option	Magnus Henoch
	Run the 'basic' test with dist_nodelay set to false.
2015-09-23	Merge branch 'maint'	Ingela Anderton Andin

2015-09-23	ssl: Retry ssl connections on econnreset errors	Ingela Anderton Andin
	To avoid test case failure due to test case setup timing issues. Suspected problem is that the listen queue builds up to quickly in client_unique_session test when running on slow computers.
2015-09-21	Merge branch 'maint'	Anders Svensson

2015-09-21	ssl: listen socket should be set to active false	Ingela Anderton Andin

2015-09-20	Merge branch 'maint'	Ingela Anderton Andin

2015-09-18	ssl: Correct soft upgrade test	Ingela Anderton Andin
	Soft upgrade test did not work as expected due to that the upgrade frame work keeps the control of the test case process to itself, so we need a proxy process to receive messages from ssl test framework.
2015-09-18	Merge branch 'maint'	Ingela Anderton Andin