Age | Commit message (Collapse) | Author |
|
|
|
This commit fixes the connection_information testcase with TLS 1.3
connections.
|
|
|
|
|
|
|
|
|
|
|
|
The suite was renamed tls_1_3_versions_SUITE but
apparently not via git, so the old file remained.
|
|
|
|
|
|
Do not test TLS 1.0 with these old versions as we do send hello extensions
for those implementations that will use them, and trailing unknown data
should be ignored by RFC complient implementations.
|
|
Also clean up code after previous test moves
|
|
Also refactor Rizzo tests to minimize them to only test
what actually can be tested. In practice this was already
done but a lot of legacy code remained. In the past timing
happened to make it look like it was possible to test
Rizzo-Dungeon mitigation in more detail, but it was based on
false assumptions that can not be applied to streams.
|
|
This is also an effort to group test cases better.
More such commits will follow.
|
|
|
|
Extention handling need some fixes to work
correctly for ALPN and SSL-3.0 only client/servers
do not support extensions
|
|
Regroup testes after functionality making it easier to
test all variants (all protocols, all cert types etc).
Also extend OpenSSL interop
|
|
|
|
* ingela/ssl/kill-openssl-zombie:
ssl: Kill OpenSSL processes that survived test run
|
|
Should be zero such processes in the normal case
|
|
Implement support for ECDSA certificates in TLS 1.3
|
|
* peterdmv/ssl/fix-peername-sockname:
ssl: Update ssl_test_lib
|
|
On some configurations the inet:peername/1 and inet:getaddr/2
functions return different loopback addresses, leading to
testcase failures in the ssl_basic_SUITE (peername, sockname).
This commit updates the node_to_hostip and check_result functions
to tolerate different loopback addresses.
|
|
Do not automatically configure the TLS version for the 'tlsv1.3'
group.
|
|
* ingela/ssl/TLS-hibernate-bug/OTP-15910:
ssl: Fix hibernation bug
|
|
|
|
* peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888:
ssl: Fix negative tests in ssl_basic_SUITE
ssl: Fix run_client_error/1 in ssl_test_lib
ssl: Fix ssl_handshake:extension_value/1
|
|
* peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887:
ssl: Add interop test
ssl: Improve handling of signature algorithms
|
|
* ingela/ssl/handshake-handling/ERL-968/OTP-15879:
ssl: Correct handshake handling
|
|
* peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888:
ssl: Fix negative tests in ssl_basic_SUITE
ssl: Fix run_client_error/1 in ssl_test_lib
ssl: Fix ssl_handshake:extension_value/1
|
|
|
|
Fix run_client_error/1 to properly propagate errors from the
test client.
|
|
Handle new TLS 1.2/1.3 extensions.
|
|
* peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887:
ssl: Add interop test
ssl: Improve handling of signature algorithms
|
|
Add interoperability test for TLS 1.2 server and TLS 1.3 client.
|
|
* ingela/ssl/handshake-handling/ERL-968/OTP-15879:
ssl: Correct handshake handling
|
|
Solves ERL-968, a refactoring bug could cause part of a server key exchange message to
be appended, to an incorrectly duplicated, certificate handshake message. In the end
causing an ASN1 decoding error. That in turn did not end up the correct error handling branch.
|
|
* peterdmv/ssl/fix-testcases:
ssl: Fix run_client_error/1 in ssl_test_lib
|
|
|
|
Fix run_client_error/1 to properly propagate errors from the
test client.
|
|
* peterdmv/ssl/dtls-test-fix:
ssl: Fix ssl_packet_SUITE
|
|
* peterdmv/ssl/dtls-test-fix:
ssl: Fix ssl_packet_SUITE
|
|
* ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864:
ssl: Add missing gen_server return value in DTLS packet demux process
|
|
* ingela/ssl/ret-ext/ERL-951/OTP-15862:
ssl: Fix broken return value
|
|
Unset internal_active_n when cleaning FT environment.
|
|
Implement ALPN in TLS 1.3
|
|
* ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864:
ssl: Add missing gen_server return value in DTLS packet demux process
|
|
|
|
Server and client use different secrets when sending certificate related
alerts. This is due to a change to the TLS protocol where clients send
their 'certificate' message after they have received the server's 'finished'
message.
|
|
|