Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-11-19 | ssl: Fix bug in match expression found by Dialyzer | Ingela Anderton Andin | |
Code should handle case the there is some undelivered data left on the socket when peer close signal is received. It is unlikely that this happens during normal testing. | |||
2012-11-14 | ssl: Update vsn.mk and ssl.appup.src for release | Ingela Anderton Andin | |
2012-11-13 | ssl: Make sure that the ssl connection process will not hang in terminate ↵ | Ingela Anderton Andin | |
function. Avoid doing gen_tcp/inet socket operations in terminate if socket is already closed. Call gen_tcp:recv/3 in the "data delivery workaround" to avoid hanging. | |||
2012-11-13 | ssl: Add default values to emulated socket options in internal record | Ingela Anderton Andin | |
The absence of the active default values could cause a process leak | |||
2012-11-12 | ssl: Adopt test case to not take so long | Ingela Anderton Andin | |
2012-11-09 | ssl: Do not use gen_fsm:sync_send_all_state_event/3 timeout | Ingela Anderton Andin | |
The gen_fsm:sync_send_all_state_event/3 timout is a client side timeout. If timeouts are needed we want them to be server side timeouts. | |||
2012-09-03 | Prepare releaseOTP_R15B02 | Erlang/OTP | |
2012-08-31 | Update copyright years | Björn-Egil Dahlberg | |
2012-08-29 | Merge branch 'ta/docsmaint' into maint | Henrik Nord | |
* ta/docsmaint: Fix various doc typos for R15B02 Fix various code typos for R15B02 OTP-10245 | |||
2012-08-27 | ssl: Fixed compilation warnings | Ingela Anderton Andin | |
2012-08-24 | ssl & public_key: Workaround that some certificates encode countryname as ↵ | Ingela Anderton Andin | |
utf8 and close down gracefully if other ASN-1 errors occur. The reason certificate_unknown that is used as ALERT for ASN-1 encoding failure is described as: Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable. | |||
2012-08-23 | Merge branch 'ia/sslv3-alert/OTP-10196' into maint | Ingela Anderton Andin | |
* ia/sslv3-alert/OTP-10196: ssl: Add missing sslv3 alert | |||
2012-08-23 | ssl: Clean up of code thanks to dialyzer | Ingela Anderton Andin | |
2012-08-22 | ssl: Add missing sslv3 alert | Ingela Anderton Andin | |
2012-08-22 | ssl: Test suite adjustments | Ingela Anderton Andin | |
2012-08-22 | ssl & public_key: Prepare for release | Ingela Anderton Andin | |
Tickets solved by this branch: OTP-8871, OTP-8872 and OTP-9908 | |||
2012-08-22 | ssl: Use crypto:strong_rand_bytes if possible | Ingela Anderton Andin | |
2012-08-22 | ssl & public_key: Add use of more "sha-rsa oids" | Ingela Anderton Andin | |
2012-08-22 | ssl: Fix inet header option to behave as in inet | Ingela Anderton Andin | |
This options is useless and should be deprecated. But we behave as inet does for now! | |||
2012-08-22 | ssl: TLS 1.2: fix hash and signature handling | Andreas Schultz | |
with TLS 1.2 the hash and signature on a certify message can differ from the defaults. So we have to make sure to always use the hash and signature algorithm indicated in the handshake message | |||
2012-08-22 | ssl: TLS 1.2: fix Certificate Request list of Accepted Signatur/Hash ↵ | Andreas Schultz | |
combinations | |||
2012-08-22 | ssl: Add Signature Algorithms hello extension from TLS 1.2 | Andreas Schultz | |
This is also avoids triggering some bugs in OpenSSL. | |||
2012-08-22 | ssl: Fix rizzo tests to run as intended | Ingela Anderton Andin | |
The Rizzo tests ran both SSL 3.0 and TLS 1.0 tests in the same test case but the new group structure that run all relevant test for all relevant SSL/TLS versions we need to change that to run the protocol version of the group the we are currently running. | |||
2012-08-22 | ssl: TLS-1.1 and TLS-1.2 support should not be default until R16 | Ingela Anderton Andin | |
2012-08-22 | ssl: Signture type bug | Ingela Anderton Andin | |
2012-08-22 | ssl: Add crypto support check (TLS 1.2 require sha256 support) | Ingela Anderton Andin | |
2012-08-22 | ssl: Dialyzer fixes | Ingela Anderton Andin | |
2012-08-22 | ssl: IDEA cipher is deprecated by TLS 1.2 | Ingela Anderton Andin | |
As we did not yet support IDEA ciphers and they have now become deprecated we skip supporting them altogether. | |||
2012-08-22 | ssl: Run relevant tests for all SSL/TLS versions | Ingela Anderton Andin | |
2012-08-22 | ssl: Add TLS version switches to openssl tests | Andreas Schultz | |
2012-08-22 | ssl: Enable TLS 1.2 | Andreas Schultz | |
2012-08-22 | ssl: Enable mac_hash for TLS 1.2 | Andreas Schultz | |
2012-08-22 | ssl: Implement TLS 1.2 signature support | Andreas Schultz | |
2012-08-22 | ssl: Make signature handling version dependant | Andreas Schultz | |
TLS 1.2 introduces changes on how signatures are calculate and encoded. This makes the signature handling version aware | |||
2012-08-22 | ssl: Fix PRF logic | Ingela Anderton Andin | |
2012-08-22 | ssl: Add TLS 1.2 cipher suites | Andreas Schultz | |
2012-08-22 | ssl: Implement and activate PRFs for TLS 1.1 and 1.2 | Andreas Schultz | |
2012-08-22 | ssl: make PRF function selectable | Andreas Schultz | |
TLS 1.2 allows to negotiate the used PRF, additional the default PRF uses a different hash. This change make the PRF selectable and hardwires the PRF for TLS < 1.2 | |||
2012-08-22 | ssl: Add TLS version paramter to verify_dh_params | Andreas Schultz | |
dh parameter verification is done differently with TLS 1.2. Prepare for that by passing the verion to verify_dh_params. | |||
2012-08-22 | ssl: Add TLS version to dec_hs/2 | Andreas Schultz | |
TLS 1.2 changes the layout of several handshake records. This adds the TLS version to dec_hs/2 so it can decode those. | |||
2012-08-22 | ssl: Add TLS version to ssl_handshake:key_exchange/3 | Andreas Schultz | |
TLS 1.2 changed the way digital signatures are done. key_exchange/3 needs to pass the version to it. | |||
2012-08-22 | ssl: Update ssl_cipher_SUITE for TLS 1.1 and TLS 1.2 | Andreas Schultz | |
now that we handle TLS 1.1+ records correctly, the test suite have to take that into account. | |||
2012-08-22 | ssl: Add TLS 1.2 block cipher IV handling | Andreas Schultz | |
2012-08-22 | ssl: Consider TLS version when building cipher blocks | Andreas Schultz | |
With TLS 1.2 the handling of the IV in cipher blocks changed. This prepares ssl_cipher:cipher/5 for that change by passing the TLS version into it and allowing generic_block_cipher_from_bin/4 to overload the IV. | |||
2012-08-22 | ssl: Calculate handshake hash only when needed | Andreas Schultz | |
TLS/SSL version before 1.2 always used a MD5/SHA combination for the handshake hashes. With TLS 1.2 the default hash is SHA256 and it is possible to negotiate a different hash. This change delays the calculation of the handshake hashes until they are really needed. At that point the hash to use should be known. For now MD5/SHA is still hard coded. | |||
2012-07-05 | Fix various doc typos for R15B02 | Tuncer Ayaz | |
2012-06-20 | Merge branch 'ia/ssl/recv-bug/OTP-10118' into maint | Ingela Anderton Andin | |
* ia/ssl/recv-bug/OTP-10118: ssl: Fix bug in the handling of remote connection closure of {active,false} ssl sockets. | |||
2012-06-19 | ssl: Fix pem cache bug | Ingela Anderton Andin | |
A general case clause was put before a less general so that the less general case would never match. | |||
2012-06-15 | ssl: Fix bug in the handling of remote connection closure of {active,false} ↵ | Ingela Anderton Andin | |
ssl sockets. | |||
2012-06-13 | Merge branch 'ia/ssl/bottlenecks/OTP-10113' into maint | Ingela Anderton Andin | |
* ia/ssl/bottlenecks/OTP-10113: ssl: Test case fixes ssl: Avoid second bottleneck in supervisor ssl: File handling optimization ssl: Simpler PEM cache ssl: Refactored for readability ssl: Use md5 as file ref id instead of filenames ssl: Move ets:select bottleneck in server ssl: Renegotiate updates session id in gen_fsm state ssl: Use ordered_set in cache ssl: Move and avoid ets:select bottleneck in client ssl: Reuse session check optimization ssl: Avoid supervior bottleneck |