| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
* raimo/inet_crypto_dist:
Rekey also the shared secret
Use shared secret to rekey
Cycle the keypair by time and count
Set socket buffer sizes to avoid handshake deadlock
Keep the keypair for the node's lifetime
Implement some kind of PEKE to get forward secrecy
Use incrementing IV
Use Erlang cookie as shared secret
|
|
|
|
* ingela/ssl/openssl-test-cuddle:
ssl: Add necessary compliance check
|
|
|
|
|
|
|
|
|
|
|
|
Remove test form "ECC suites" that are covered by the new interop
suite or by the fairly new ssl_cipher_suite_SUITE.
|
|
|
|
Remove support of version tuples (e.g. {3,3}) from API function
ssl:eccs/1.
Update function spec and documentation.
Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b
|
|
* peterdmv/ssl/doc-types-and-specs/OTP-15746:
ssl: Add type specs for http_packet()
ssl: Fix type specs of ssl_internal.hrl
ssl: Fix type specs of internal handshake functions
ssl: Fix dialyzer warnings
eldap: Fix dialyzer warnings
ssl: Fix missing anchor warning
public_key: Accept digest types 'sha1' and 'sha'
inet: Document type inet:stat_option()
ssl: Changed function specs and ssl.xml
ssl: Update standards_compliance.xml
OTP-15775
OTP-15776
OTP-15777
Change-Id: Ibe8e8263d6557eaa40cc0681a7ce3fcb373a4120
|
|
|
|
Change-Id: Ic4895195569073916f158a06b95061939f15cfc0
|
|
|
|
|
|
|
|
Also remove dead code
|
|
|
|
Use of rpc:call could hide the real crash reason
|
|
|
|
* Remove all configuration possibilities, so use the cookie as secret
* Clean up error handling to make the module a more complete dist module
* Change the init message to use length fields instead of zero termination
* Remove the dependency towards modern crypto so it should run on maint
|
|
We do not want to test OpenSSL default values as the may not agree
with our defaults.
|
|
* ingela/ssl/upgrade-cuddle:
ssl: Upgrade cert generation for upgrade test
|
|
|
|
* raimo/ssl/tls-dist-fun-day/OTP-14792:
Skip all benchmark groups
Benchmark report relative core load
Improve printouts
Polish sched util benchmark
Improve printouts
Dist handshake with nodelay
Implement inet_crypto_dist benchmark example
|
|
|
|
|
|
|
|
|
|
|
|
Optimization to concatenate small user data packages recived
closely after each other has invalidated assumptions in the test case.
|
|
The test are moved to ssl_cipher_suite_SUITE
|
|
This group has started to fail as our default has diverged from OpenSSL
defaults and we are not really interested in testing OpenSSL defaults.
|
|
|
|
This is a simplistic distribution protocol module for
encrypted distribution using a shared secret and only
the crypto module, and AEAD ciphers.
It is intended to be a benchmark reference for how fast
encrypted distribution may get.
How secure it would be and also how useful, for actual production use,
remains to be investigated.
|
|
|
|
* ingela/ssl/default-supported-versions/OTP-14865:
ssl: Remove default support for legacy versions
|
|
* peterdmv/ssl/tls13-conn-info:
ssl: Fix ssl:connection_information/1 in TLS 1.3
Change-Id: I492b0973bb4ee44354edf22ed3bc2a6e5c7b90c5
|
|
TLS-1.0, TLS-1.1 and DTLS-1.0 are now considered legacy
|
|
Conflicts:
lib/ssl/src/ssl.erl
lib/ssl/src/tls_connection.erl
|
|
Store cipher suite information in session record.
Test ssl:connection_information/1 in a TLS 1.3 connection.
Change-Id: I7193e6dd2544540e446b5777b5768806cecf2bd3
|
|
Remove function ssl:set_log_level/1. Its functionality is already
implemented by logger:set_application_level/2.
Set log level for ssl modules to debug at application start.
Former implementation required an extra call to
logger:set_application_level/2 (beside setting ssl option
{log_level, debug}) to enable debug logging.
Change-Id: Id21be7fd58915e11124cc136bb92d8a7526b8a74
|
|
Change-Id: I433924f9c590efa94423db5df52dd3f5d53d9d20
|
|
|
