Age | Commit message (Collapse) | Author |
|
|
|
|
|
Also remove dead code
|
|
|
|
Use of rpc:call could hide the real crash reason
|
|
|
|
* Remove all configuration possibilities, so use the cookie as secret
* Clean up error handling to make the module a more complete dist module
* Change the init message to use length fields instead of zero termination
* Remove the dependency towards modern crypto so it should run on maint
|
|
We do not want to test OpenSSL default values as the may not agree
with our defaults.
|
|
* ingela/ssl/upgrade-cuddle:
ssl: Upgrade cert generation for upgrade test
|
|
|
|
* raimo/ssl/tls-dist-fun-day/OTP-14792:
Skip all benchmark groups
Benchmark report relative core load
Improve printouts
Polish sched util benchmark
Improve printouts
Dist handshake with nodelay
Implement inet_crypto_dist benchmark example
|
|
|
|
|
|
|
|
|
|
|
|
Optimization to concatenate small user data packages recived
closely after each other has invalidated assumptions in the test case.
|
|
The test are moved to ssl_cipher_suite_SUITE
|
|
This group has started to fail as our default has diverged from OpenSSL
defaults and we are not really interested in testing OpenSSL defaults.
|
|
|
|
This is a simplistic distribution protocol module for
encrypted distribution using a shared secret and only
the crypto module, and AEAD ciphers.
It is intended to be a benchmark reference for how fast
encrypted distribution may get.
How secure it would be and also how useful, for actual production use,
remains to be investigated.
|
|
|
|
* ingela/ssl/default-supported-versions/OTP-14865:
ssl: Remove default support for legacy versions
|
|
* peterdmv/ssl/tls13-conn-info:
ssl: Fix ssl:connection_information/1 in TLS 1.3
Change-Id: I492b0973bb4ee44354edf22ed3bc2a6e5c7b90c5
|
|
TLS-1.0, TLS-1.1 and DTLS-1.0 are now considered legacy
|
|
Conflicts:
lib/ssl/src/ssl.erl
lib/ssl/src/tls_connection.erl
|
|
Store cipher suite information in session record.
Test ssl:connection_information/1 in a TLS 1.3 connection.
Change-Id: I7193e6dd2544540e446b5777b5768806cecf2bd3
|
|
Remove function ssl:set_log_level/1. Its functionality is already
implemented by logger:set_application_level/2.
Set log level for ssl modules to debug at application start.
Former implementation required an extra call to
logger:set_application_level/2 (beside setting ssl option
{log_level, debug}) to enable debug logging.
Change-Id: Id21be7fd58915e11124cc136bb92d8a7526b8a74
|
|
Change-Id: I433924f9c590efa94423db5df52dd3f5d53d9d20
|
|
|
|
Change-Id: I6504d99a96ed6fc75dbdff78a6148ed39d3776c9
|
|
Change-Id: I09c0501ea790941001b11a3f6d12a96f18da2bea
|
|
Test client authentication when client responds with empty
Certificate.
Change-Id: I725ae60c6d097ca13c5f4354e35377ecacf98dea
|
|
* peterdmv/ssl/hello-retry-request/OTP-15590:
ssl: Fix type spec for handshake_history()
ssl: Add tests for hello_retry_request and groups
ssl: Implement 'hello_retry_request'
Change-Id: I04ad2860d0ba81462a1e36c7d6fcee6bc5c98c32
|
|
* maint:
fixup! ssl: Add support for {active,N}
ssl: Use common fonction to update {active,N}
ssl: Document {active,N}
ssl: Add support for {active,N}
|
|
Change-Id: I0e4a9337d5d52a0e39ccc16d2d2e2b123ea2f9b5
|
|
* essen:erlang/otp:
fixup! ssl: Add support for {active,N}
ssl: Use common fonction to update {active,N}
ssl: Document {active,N}
ssl: Add support for {active,N}
Conflicts:
lib/ssl/src/ssl_connection.erl
|
|
* maint:
Inline local function
Optimize binary matching
Clean up module boundaries
Remove redundant return of CipherState
Use iovec() internally in send path
Small binary handling optimizations
Optimize read_application_data with Okasaki queue
Try to optimize decode_cipher_text/3
Optimize application data aggregation
Optimize TLS record parsing with Okasaki queue
Cache strong_random_bytes for IV
Optimize padding
Produce less garbage in encrypt loop
Reorganize #data{}
Tidy up state machine
Add server GC info to bench results
Conflicts:
lib/ssl/src/ssl_cipher.erl
lib/ssl/src/ssl_connection.erl
lib/ssl/src/ssl_connection.hrl
lib/ssl/src/ssl_logger.erl
lib/ssl/src/ssl_record.erl
lib/ssl/src/ssl_record.hrl
lib/ssl/src/tls_connection.erl
lib/ssl/src/tls_record.erl
lib/ssl/src/tls_sender.erl
|
|
* raimo/ssl/tls-optimization/OTP-15529:
Inline local function
Optimize binary matching
Clean up module boundaries
Remove redundant return of CipherState
Use iovec() internally in send path
Small binary handling optimizations
Optimize read_application_data with Okasaki queue
Try to optimize decode_cipher_text/3
Optimize application data aggregation
Optimize TLS record parsing with Okasaki queue
Cache strong_random_bytes for IV
Optimize padding
Produce less garbage in encrypt loop
Reorganize #data{}
Tidy up state machine
Add server GC info to bench results
|
|
* ingela/ssl/bench:
ssl: Improve bench SUITE
|
|
Add shorter time trap, modernize code and make sure help process
terminates.
|
|
|
|
* ingela/ssl/shrink-state:
ssl: Remove duplicate record_cb handling
ssl: Add test case for continued handshake with a timeout
ssl: Use gen_statem named timers to handle connection and recv timeouts
ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keys
ssl: Move key_algorithm to handshake_env
ssl: srp
ssl: Rename
ssl: Move diffie_hellman_params to handshake_env
ssl: Move and rename psk_identity state record field
ssl: Move premaster_secret to handshake_env
ssl: Make flight_state DTLS specific
ssl: Add private_key to connection_env
ssl: Remove unused record field
ssl: Add erl_dist_handle to connection_env
ssl: Add negotiated_version to connection_env
ssl: Add key exchange items to handshake_env
ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_env
ssl: Add downgrade handling to connection_env
ssl: Create connection_env
ssl: Handle renegotiation and extensions in handshake_env
|
|
Conflicts:
lib/ssl/src/dtls_connection.erl
lib/ssl/src/ssl_connection.erl
lib/ssl/src/ssl_connection.hrl
lib/ssl/src/tls_connection.erl
|
|
* ingela/ssl/shrink-state:
ssl: Remove duplicate record_cb handling
ssl: Add test case for continued handshake with a timeout
ssl: Use gen_statem named timers to handle connection and recv timeouts
ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keys
ssl: Move key_algorithm to handshake_env
ssl: srp
ssl: Rename
ssl: Move diffie_hellman_params to handshake_env
ssl: Move and rename psk_identity state record field
ssl: Move premaster_secret to handshake_env
ssl: Make flight_state DTLS specific
ssl: Add private_key to connection_env
ssl: Remove unused record field
ssl: Add erl_dist_handle to connection_env
ssl: Add negotiated_version to connection_env
ssl: Add key exchange items to handshake_env
ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_env
ssl: Add downgrade handling to connection_env
ssl: Create connection_env
ssl: Handle renegotiation and extensions in handshake_env
|
|
* peterdmv/ssl/server-process-client-finished:
ssl: Test TLS 1.3 connectivity
ssl: Fix crash when sending Alerts
ssl: Fix dialyzer warning
ssl: Improve TLS 1.3 statem
Change-Id: I258e0309ba3a132d5ab2056151935a3df8646344
|
|
|
|
* maint:
ssl: Fix renegotiation testcases
ssl: Fix failing rizzo testcases
ssl: Use IPv4 addresses with openssl s_client
ssl: Use sha256 in test certificates if supported
Change-Id: I8a604d607333d029b170e3d3ad31ea01890202ea
|
|
* peterdmv/ssl/fix-failing-testcases:
ssl: Fix renegotiation testcases
ssl: Fix failing rizzo testcases
ssl: Use IPv4 addresses with openssl s_client
ssl: Use sha256 in test certificates if supported
Change-Id: I11a326be027545e20fbef6f90996b0c8be8c3e50
|
|
Fix failing renegotiation testcases with openssl-1.1.1a.
openssl s_client sends the renegotiation "R\n" connected command
to the server side causing testcase failure.
This commit updates ssl_to_openssl_SUITE:erlang_ssl_receive to
swallow the unexpected packet.
Change-Id: I1f5d040ac65c25652f7101ddf109fc84acc4c915
|