Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-01-22 | ssl: Incorrect inputed cipherlist lead server to think that the client | Ingela Anderton Andin | |
did not support secure renegotiation | |||
2014-01-14 | ssl: Add missing options validation of server_name_indication | Ingela Anderton Andin | |
2013-12-02 | ssl: Refactor connetion handling | Ingela Anderton Andin | |
2013-12-02 | ssl: Test case enhancement | Ingela Anderton Andin | |
Make sure that test cases does not fail due to timing circumstances, use selective receive even if it means we can not use test library functions in some cases. TCP does not have delivery guarantee to application layer, so sometimes a error message {error, Msg} or {error, closed} can be acceptable. | |||
2013-12-02 | ssl: Refactor API | Ingela Anderton Andin | |
New design : ssl - Main tls - Reflect tls specific semantics dtls - Reflect dtls specific semantics | |||
2013-12-02 | ssl: Refactor connection and handshake handling | Ingela Anderton Andin | |
2013-11-06 | Add SSL Server Name Indication (SNI) client support | Julien Barbot | |
See RFC 6066 section 3 | |||
2013-09-10 | ssl: Refactor to provide common handshake functions for TLS/DTLS | Ingela Anderton Andin | |
Common functions will be located in ssl_handshake.erl while specific functions will be located in tls_handshake.erl and dtls_handshake.erl | |||
2013-09-02 | ssl: Handle signature_algorithm field in digitally_signed properly | Ingela Anderton Andin | |
with proper defaults Added ssl_ECC_SUITE | |||
2013-08-08 | ssl: Revert faulty header option fix | Ingela Anderton Andin | |
The code was changed in the belife that it made it inet compatible. However the testing is a bit hairy as the inet option is acctualy broken, now the tests are corrected and the header option should work in the same broken way as inet again, preferably use the bitsyntax instead. | |||
2013-06-07 | public_key & ssl: Add ASN-1 dependency | Ingela Anderton Andin | |
As the ASN-1 application relies on a nif in R16 for decodeing (that was not the case in R15), public_key currently has a runtime dependency on ASN-1. Hopefully we will be able to remove this dependency again in the future. | |||
2013-06-04 | ssl: Structural perarparation to support DTLS | Ingela Anderton Andin | |
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl | |||
2013-05-28 | ssl: Do not advertise EC ciphers if crypto support is insufficient | Ingela Anderton Andin | |
2013-05-24 | crypto, public_key & ssl: Make more functions accept integer keys | Sverker Eriksson | |
2013-05-20 | crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..) | Sverker Eriksson | |
to conform with the return value of the other types. | |||
2013-05-20 | ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0 | Ingela Anderton Andin | |
2013-05-20 | ssl, public_key & inets: Remove use of deprecated crypto functions from | Ingela Anderton Andin | |
test code | |||
2013-05-20 | ssl: Remove use of deprecated crypto functions | Ingela Anderton Andin | |
2013-05-08 | ssl: Only send ECC-hello extension if ECC-cipher suites are advertised | Ingela Anderton Andin | |
2013-05-08 | ssl, crypto: Eliminate remaining mpint and EC resource key from API | Ingela Anderton Andin | |
2013-05-08 | ssl, public_key, crypto: General generate_key and compute_key functions | Ingela Anderton Andin | |
2013-05-08 | ssl: test case fix | Ingela Anderton Andin | |
2013-05-08 | public_key: use new crypto | Ingela Anderton Andin | |
2013-05-08 | crypto, public_key & ssl: Change API to hide resource format for EC KEY | Sverker Eriksson | |
2013-05-08 | ssl: Filter out ECC cipher suites when openssl is buggy | Ingela Anderton Andin | |
Even in "normal" (not explicitly ECC tests) cases we need to filter out ECC ciper suites as they are preferd. | |||
2013-05-08 | ssl & public_key: Improved handling ECDH keys | Ingela Anderton Andin | |
2013-05-08 | ssl: ct:print -> ct:log and assert port_command | Ingela Anderton Andin | |
2013-05-08 | ssl: Skip ECC cipher tests on versions of openssl pre 0.9.9 | Ingela Anderton Andin | |
EEC is not fully supported before 0.9.9. Also skip tests on opensslversions with known bugs in ECC support | |||
2013-05-08 | SSL: add Elliptic Curve ciphers unit tests | Andreas Schultz | |
2013-05-08 | SSL: add Elliptic Curve support for ssl app | Andreas Schultz | |
2013-05-08 | SSL: filter TLS cipher suites for supported algorithms | Andreas Schultz | |
2013-04-29 | Merge branch 'as/fix-srp-psk-anon/OTP-11071' into maint | Fredrik Gustafsson | |
* as/fix-srp-psk-anon/OTP-11071: fix srp_anon ciphers suites requiring certificates to work. | |||
2013-04-17 | Encode Erlang source files with non-ascii characters in UTF-8 | Björn Gustavsson | |
To ensure that 'master' compiles when we merge 'maint' to it, regardless of which encoding is default in 'master', all source files with non-ascii characters *must* have the encoding specified. | |||
2013-04-12 | fix srp_anon ciphers suites requiring certificates to work. | Andreas Schultz | |
This problem was not caught by the test suites since all PSK and SRP suites where always tested with certificates. Split those tests into test with and without certificates. | |||
2013-03-28 | SSL: add tests for PSK and SRP ciphers | Andreas Schultz | |
2013-03-13 | ssl: Add missing configuration in test case | Ingela Anderton Andin | |
2013-03-06 | ssl: Handle next protocol negotiation when reusing a session. | Ingela Anderton Andin | |
2013-03-05 | ssl: Check that negotiated version is a supported version. | Ingela Anderton Andin | |
2013-03-01 | ssl: correct test case | Ingela Anderton Andin | |
2013-02-22 | ssl: Add missing group clause and correct parameters to packet/7 | Ingela Anderton Andin | |
2013-02-20 | ssl: Fatal close alert makes more sense than handshake failiure at econnaborted | Ingela Anderton Andin | |
2013-02-18 | ssl: Further error handling enhancments | Ingela Anderton Andin | |
follow up enhancments done in commit e56167dd6ca8d37d26ea7f19933691a3bda41113 Make sure format_error return good strings. Replace confusing legacy atoms with more descriptive atoms. | |||
2013-02-12 | ssl: Generalize cb_info option | Ingela Anderton Andin | |
2013-01-25 | Update copyright years | Björn-Egil Dahlberg | |
2013-01-25 | Merge branch 'ia/ssl/test-case-timeout' | Ingela Anderton Andin | |
* ia/ssl/test-case-timeout: ssl: Too short timeout in test case | |||
2013-01-23 | ssl: Too short timeout in test case | Ingela Anderton Andin | |
2013-01-22 | Merge branch 'ia/ssl/incompatible-error-msg/OTP-10451' | Ingela Anderton Andin | |
* ia/ssl/incompatible-error-msg/OTP-10451: ssl: Enhance error handling | |||
2013-01-21 | ssl: Enhance error handling | Ingela Anderton Andin | |
Remove filter mechanisms that made error messages backwards compatible with old ssl but hid information about what actually happened. This does not break the documented API however other reason terms may be returned, so code that matches on the reason part of {error, Reason} may fail. | |||
2013-01-17 | ssl: Certificates and PEM-cache cleaning fixed to avoid memory leak | Ingela Anderton Andin | |
Certificate db cleaning messages where sent to the wrong process after restructuring to avoid bottlenecks. It is possible that the ssl manager process gets two cleaning messages for the same entry. E.i. first cleaning message is sent and before it is processed a new reference is allocated and again released for the entry, generating a second cleaning message. Also in ssl_manger:handle_info/2 it is possible that there exists a new reference to an "old" file name with a potential new content. | |||
2013-01-14 | ssl: ct:format should be ct:print | Ingela Anderton Andin | |