| Age | Commit message (Collapse) | Author |
|---|
|
maint-21
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477:
ssl: Fix encoding/decoding of the SRP extension
|
|
* ingela/ssl/enhance-error-handling/OTP-15505:
ssl: Cuddle test cases
ssl: Fix test case
ssl: Fix two invalid gen_statem returns
|
|
* lukas/ssl/benchmark_basic_test:
inets: Decrease benchmark TC timeout
inets: Fix crypto:rand_bytes usage in benchmarks
ssl: Only run a basic fast test in test cycle
|
|
Some of the slower machines takes 20-30 minutes to run
one iteration of the payload test.
|
|
Conflicts:
lib/ssl/src/ssl.erl
|
|
We want to be able to save a specific session to reuse, and make sure
it is reusable immediatly when the connection has been established.
Add client option {reuse_session, SessionID::binary()}
We also do not want clients to save sessions that it did not verify.
Additionaly change behaviour of the client and server to not save sessions
if reuse_session is set to false.
|
|
Modernize test case option handling
|
|
No need for this test case to set a specific cipher suite. An appropriate cipher suite
will be negotiated and it will of course be the same for clients with the same configuration.
|
|
|
|
TLS 1.3 test suites requires TLS 1.3 support in crypto that is
openssl 1.1.1 or later shall be available.
This commit tests support for RSASSA-PSS signature algorithm
and x448 Diffie-Hellman key agreement.
Change-Id: I003ab376339b003fbbd3d0a66e10c368a16023ad
|
|
Change-Id: I16dccce4a0a8980fe0f888969945aef8ed38a9bc
|
|
- Update calculation of nonce and additional data
- Update cipher_aead, decipher_aead
- Add test for TLS 1.3 encode/decode
Change-Id: Id0a5cc68d8746079fb42c0192c0c64405f6d7a72
|
|
Create a TLS 1.3 'Certificate' message in the 'negotiated' state.
Change-Id: I03115de2353324f8533146ba19809064da6b0866
|
|
Change-Id: I23a2faa5f07836333c9b50af388162d2bbb9a246
|
|
Change-Id: I465760b7001692367c68839219745e40abafdfa8
|
|
* peterdmv/ssl/fix-failing-srp-tc:
ssl: Fix srp testcase fault
Change-Id: I0d7bf24e16bec0b61d385a6cd2ef81f334b9e397
|
|
* maint:
ssl: Fix CRL suite with openssl-1.1.1a
Change-Id: I18ffe894158e8881af20bba6f6a60b85063b937c
|
|
* peterdmv/ssl/fix-crl-suite:
ssl: Fix CRL suite with openssl-1.1.1a
Change-Id: I2847107b6cf0210c3002c016a6ba49288505d06f
|
|
|
|
|
|
Remove rizzo rests that made incorrect assumptions
|
|
Later versions of openssl do not support negative integers for
CRL due time (used for negative testing).
As a workaround this commit implements a function that can set
CRL due time in seconds and makes the testcase
'crl_hash_dir_expired' sleep for one second.
Change-Id: I2ef8b3c6ee545bd09170fa6027cb9ca38cfb42c0
|
|
Fix testcase fault introduced by the forward merge of
peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477.
Change-Id: Ia4290265d5c59b6d50f4e5b60b41d5f05fd14278
|
|
* maint:
ssl: Fix encoding/decoding of the SRP extension
Change-Id: I3b5887cf01b1a538c65d0c66da4d4ccf7793478d
|
|
Cipher test case also needed updating to handle streams correctly
We should not rizzo test chacha20_poly1305
Conflicts:
lib/ssl/test/ssl_basic_SUITE.erl
|
|
packet raw is a stream, test code manged it packet oriented in
the function active_raw.
|
|
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477:
ssl: Fix encoding/decoding of the SRP extension
Change-Id: Iee3276a60041a2c04c89385b2de2edb1cd81babd
|
|
The encoded value of the SRP extension length was bigger than the
actual length of the extension. This could cause interoperability
problems with third party SSL implementations.
This commit corrects the encoding and decoding of the SRP extension
length.
Change-Id: I78d118faab7f5d02b755a7d1e2e8561b86f5a15c
|
|
New internal active N changed timing, and
new check is needed.
|
|
|
|
New internal active N changed timing, and
new check is needed.
|
|
|
|
Both test case and code needed updates to work as intended. Code needed update due to
new tls_sender process and the test case gave false positive reusult erarlier probably
due to beeing to sloopy in order to avoid timeouts.
|
|
State values created at init
|
|
Conflicts:
lib/ssl/src/tls_connection.erl
|
|
|
|
|
|
Cipher test case also needed updating to handle streams correctly
We should not rizzo test chacha20_poly1305
Conflicts:
lib/ssl/test/ssl_basic_SUITE.erl
|
|
Conflicts:
lib/ssl/src/dtls_connection.erl
lib/ssl/src/ssl_connection.erl
lib/ssl/src/ssl_connection.hrl
lib/ssl/src/tls_connection.erl
lib/ssl/src/tls_record.erl
|
|
packet raw is a stream, test code manged it packet oriented in
the function active_raw.
|
|
Both test case and code needed updates to work as intended. Code needed update due to
new tls_sender process and the test case gave false positive reusult erarlier probably
due to beeing to sloopy in order to avoid timeouts.
|
|
State values created at init
|
|
|
|
|
|
Conflicts:
lib/ssl/test/ssl_dist_bench_SUITE.erl
|
|
* raimo/ssl/tls_dist-profiling:
Improve benchmark
Implement print on other node
Fix compiler warnings
|
|
|
|
* ingela/ssl/test-cuddle-ssl_basic_SUITE:
ssl: Correct test case
|
|
Conflicts:
lib/ssl/src/dtls_connection.erl
lib/ssl/src/ssl_connection.erl
lib/ssl/src/tls_connection.erl
|
|
When internaly using active N, bugs in shutdown implementation where reveled.
|
