aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2010-08-20Merge branch 'pg/fix-ssl-handshake-client-certificate' into devIngela Anderton Andin
* pg/fix-ssl-handshake-client-certificate: Fix bug in ssl handshake protocol related to the choice of cipher suites OTP-8772
2010-08-18Remove ticket numbers from all vsn.mk filesBjörn Gustavsson
Some application's vsn.mk files contained a list of the ticket numbers fixed in each version. Since that information can be obtained from the notes.xml file or from the merge commits in the git repository (provided that the branch name includes the ticket number), there is no reason to manually maintain that information in the vsn.mk files.
2010-08-18Fix bug in ssl handshake protocol related to the choice of cipher suitesPaul Guyot
in client hello message when a client certificate is used The client hello message now always include ALL available cipher suites (or those specified by the ciphers option). Previous implementation would filter them based on the client certificate key usage extension (such filtering only makes sense for the server certificate).
2010-07-26Fix minor typos and errors in documentationCristian Greco
2010-06-29Updated version.Ingela Anderton Andin
2010-06-29The server now verifies the client certificate verify message correctly, ↵Ingela Anderton Andin
instead of causing a case-clause.
2010-06-23Added more specs and changed from using own min/2 funtion to erlang:min/2.Ingela Anderton Andin
2010-06-22Added more -spec definitions.Ingela Anderton Andin
2010-06-22Refreshed documentation to reflect the change of default implementation.Ingela Anderton Andin
Started to improve code documentation by using -spec directive, and some small refactorings to avoid ugly code.
2010-06-14OTP-8695 New ssl defaultIngela Anderton Andin
Ssl has now switched default implementation and removed deprecated certificate handling. All certificate handling is done by the public_key application.
2010-06-11OTP-8695 New ssl defaultIngela Anderton Andin
Ssl has now switched default implementation and removed deprecated certificate handling. All certificate handling is done by the public_key application.
2010-06-11OTP-8695 New ssl defaultIngela Anderton Andin
Ssl has now switched default implementation and removed deprecated certificate handling. All certificate handling is done by the public_key application.
2010-06-08Move dsa ticket to r14a releaseIngela Anderton Andin
(This is the merge of r13 version to r14_dev)
2010-06-08Updated for ssl-3.11.1Ingela Anderton Andin
2010-06-07OTP-8587 DSA key supportIngela Anderton Andin
New ssl now support client/server-certificates signed by dsa keys.
2010-06-04Fixed handling of several ssl/tls packets arriving at the same time.Ingela Anderton Andin
This was broken during a refactoring of the code.
2010-06-01Added workaround for tcp delivery problemIngela Anderton Andin
2010-05-28Cleaned codeIngela Anderton Andin
2010-05-28Hoops too quick to check in previous version, changed . to ;, compiled inIngela Anderton Andin
wrong shell!
2010-05-28Added misssing version check for client.Ingela Anderton Andin
2010-05-28Added missing padding check.Ingela Anderton Andin
2010-05-28Added missing Mac check.Ingela Anderton Andin
2010-05-28Added code to handle own alert in case MAC or padding check fails.Ingela Anderton Andin
2010-05-27Moved nodelay workaround for linux, as it seems to only work if you doIngela Anderton Andin
it before sending the fatal alert, even though documentation suggests the socket will be flushed on linux as an effect of setting the nodelay option.
2010-05-26OTP-8649 change in public_key apiIngela Anderton Andin
2010-05-26Test ssl_session_cache_api.Ingela Anderton Andin
2010-05-26Seems we need "nodelay socket flush" on some linux platforms after all.Ingela Anderton Andin
2010-05-26Avoid apparently timing issus when closing down opensslIngela Anderton Andin
2010-05-26Added option list argument to the init function in ssl_session_cache_api.Ingela Anderton Andin
2010-05-25Enhancements and fixes due to coverage investegation.Ingela Anderton Andin
2010-05-25Enhanced protocol version handling.Ingela Anderton Andin
2010-05-25Better coverage.Ingela Anderton Andin
2010-05-25Better coverageIngela Anderton Andin
2010-05-24Fixed session validation bug thanks to cover.Ingela Anderton Andin
2010-05-24Changed the documentation to match latest implementation and design decisions.Ingela Anderton Andin
2010-05-21Clean up of codeIngela Anderton Andin
2010-05-21Worked on getting better code coverage.Ingela Anderton Andin
2010-05-21Decision not to support export cipher suites.Ingela Anderton Andin
2010-05-21Decision not to support DH and export cipher suites.Ingela Anderton Andin
2010-05-21Decision not to support DH and export cipher suites and clean up.Ingela Anderton Andin
2010-05-20Honor internal APIIngela Anderton Andin
2010-05-20Fixed internal APIIngela Anderton Andin
2010-05-18Fixed extended_key_usage test so that it really tests what we want it to test.Ingela Anderton Andin
2010-05-18Commented out currently unsupported code. To be supported or removed in the ↵Ingela Anderton Andin
future.
2010-05-17Removed/commented out currently dead code.Ingela Anderton Andin
2010-05-11Added ticketsIngela Anderton Andin
2010-05-11OTP-8568 RFC -5746Ingela Anderton Andin
New ssl now supports secure renegotiation as described by RFC 5746.
2010-04-29Started to prepare for next versionIngela Anderton Andin
2010-04-29OTP-8588 Alert and packet handling improvmentIngela Anderton Andin
Alert handling has been improved to better handle unexpected but valid messages and the implementation is also changed to avoid timing related issues that could cause different error messages depending on network latency. Packet handling was sort of broken but would mostly work as expected when socket was in binary mode. This has now been fixed.
2010-04-19Prepare for releaseDan Gudmundsson