aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2010-04-19Prepare for releaseDan Gudmundsson
2010-04-17Reset inet optionsDan Gudmundsson
Temporary set the inet options on listen socket before doing accept so that the correct options will be inherited by the accept socket. Reset the options afterwards so that repeated use of listen socket get user set values.
2010-04-16Avoid race condition of early handshake messages, when socket is active mode ↵Dan Gudmundsson
is not false.
2010-04-15** Empty commit message **Ingela Anderton Andin
2010-04-15Tried to minimize sleepingIngela Anderton Andin
2010-04-15Ignore renegotiation reject until we implemented RFC-5746Ingela Anderton Andin
2010-04-15Added more tests and small corrections.Ingela Anderton Andin
2010-04-14Improved testsIngela Anderton Andin
2010-04-14Enhanced error handlingIngela Anderton Andin
2010-04-14Update version numberIngela Anderton Andin
2010-04-13We currently do not support fixed DH. Removal of dead code.Ingela Anderton Andin
2010-04-13Fixed dialyzer warningIngela Anderton Andin
2010-04-13OTP-8554 Certificate extensionsIngela Anderton Andin
2010-04-13Fixed spelling errorDan Gudmundsson
2010-04-13OTP-8517 RenegotiationIngela Anderton Andin
New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value.
2010-04-12OTP-8517 RenegotiationIngela Anderton Andin
New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value.
2010-04-09Fix renegotiate docIngela Anderton Andin
2010-04-09Update version numberIngela Anderton Andin
2010-04-09Removed more sleepsIngela Anderton Andin
2010-04-09Removed need of sleep better to synchronize if possible.Ingela Anderton Andin
2010-04-09Merge branch 'rb/ssl-fix-http-packet-decoding' into devErlang/OTP
* rb/ssl-fix-http-packet-decoding: Fix ssl to decode http packets in the same way as gen_tcp OTP-8545 rb/ssl-fix-http-packet-decoding
2010-04-08Fixed commentIngela Anderton Andin
2010-04-08Merge branch 'rb/ssl-transport-accept-fix' into devErlang/OTP
* rb/ssl-transport-accept-fix: Fix ssl:transport_accept/2 to return properly when socket is closed OTP-8560 rb/ssl-transport-accept-fix Fixed ssl:transport_accept/2 to return properly when socket is closed. Thanks to Rory Byrne.
2010-04-08Update version numberIngela Anderton Andin
2010-04-07Generalized tcp_connect testIngela Anderton Andin
2010-04-07** Empty commit message **Ingela Anderton Andin
2010-04-07Fix ssl to decode http packets in the same way as gen_tcpRory Byrne
When gen_tcp is configured with the {packet,http} option, it automatically switches to expect HTTP Headers after a HTTP Request/Response line has been received. This update fixes ssl to behave in the same way.
2010-04-07Fix ssl:transport_accept/2 to return properly when socket is closedRory Byrne
A badmatch exception is thrown from ssl:transport_accept/2 when ssl:close/1 is called on the socket. This fixes it to return {error,closed} as expected.
2010-04-07To preserve coding style of this moduleIngela Anderton Andin
2010-04-05Fix verification of ssl client when fail_if_no_peer_certRory Byrne
The SSL handshake fails when an ssl server is configured with the 'fail_if_no_peer_cert' option and a valid client sends its certificate as instructed. On the server-side ssl:ssl_accept/2 will return {error,esslerrssl}, and it will send an "Unexpected Message" SSL Alert (type 10) to the client.
2010-04-05Fix mishandling of valid ssl optionsRory Byrne
Using certain valid options in the new ssl implementation results in badarg exceptions. This happens for one documented option 'fail_if_no_peer_cert' and two undocumented options 'verify_client_once' and 'cb_info'.
2010-04-01Fixed copy paste errorIngela Anderton Andin
2010-04-01Added renegotiate/1Ingela Anderton Andin
2010-04-01Add dhfile optionIngela Anderton Andin
2010-04-01Update version numberIngela Anderton Andin
2010-03-31Fixed arguments to queue:in_r in clause that is very unlikly to happen and ↵Ingela Anderton Andin
hence not covered by test cases.
2010-03-31Corrected merge errorsIngela Anderton Andin
2010-03-25OTP-7046 Support for Diffie-Hellman keyexchangeIngela Anderton Andin
2010-03-25OTP-8517 RenegotiationIngela Anderton Andin
New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value.
2010-03-16OTP-8510 ssl crashDan Gudmundsson
Fixed a crash in the certificate certification part.
2010-02-18Avoid crash when trying to alert the user.Dan Gudmundsson
2010-02-17ssl: Prepare releaseDan Gudmundsson
2010-02-17OTP-8459 Do a controlled shutdown if a non ssl packet arrives as the firstDan Gudmundsson
packet.
2010-02-12Merge branch 'yh/packet_option_for_new_ssl_send' into ccase/r13b04_devErlang/OTP
* yh/packet_option_for_new_ssl_send: Fixed ssl:setopts(Socket, binary) which was didn't work for 'new' ssl. Fixed bug file cache bug and improved the error messages. Allow <c>ssl:listen/2</c> to be called with option {ssl_imp, old}. prepend packet size bytes in ssl:send() in new_ssl implementation OTP-8441 ssl:send/2 ignored packet option, fix provided by YAMASHINA Hio. Fixed a file cache bug which caused problems when the same file was used for both cert and cacert. Allow ssl:listen/2 to be called with option {ssl_imp, old}. Fixed ssl:setopts(Socket, binary) which didn't work for 'new' ssl..
2010-02-12Fixed ssl:setopts(Socket, binary) which was didn't work for 'new' ssl.Dan Gudmundsson
2010-02-12Fixed bug file cache bug and improved the error messages.Dan Gudmundsson
2010-02-12Allow <c>ssl:listen/2</c> to be called with option {ssl_imp, old}.Dan Gudmundsson
2010-02-12prepend packet size bytes in ssl:send() in new_ssl implementationYAMASHINA Hio
With the {ssl_imp,new} option enabled, {packet,PacketType} only works when receiving. When sending, {packet,0} is always used.
2010-02-03OTP-8323 Cross compilation improvements and other build systemRickard Green
improvements. Most notable: Lots of cross compilation improvements. The old cross compilation support was more or less non-existing as well as broken. Please, note that the cross compilation support should still be considered as experimental. Also note that old cross compilation configurations cannot be used without modifications. For more information on cross compiling Erlang/OTP see the $ERL_TOP/xcomp/README file. Support for staged install using <url href="http://www.gnu.org/prep/standards/html_node/DESTDIR.html">D ESTDIR</url>. The old broken INSTALL_PREFIX has also been fixed. For more information see the $ERL_TOP/README file. Documentation of the release target of the top Makefile. For more information see the $ERL_TOP/README file. make install now by default creates relative symbolic links instead of absolute ones. For more information see the $ERL_TOP/README file. $ERL_TOP/configure --help=recursive now works and prints help for all applications with configure scripts. Doing make install, or make release directly after make all no longer triggers miscellaneous rebuilds. Existing bootstrap system is now used when doing make install, or make release without a preceding make all. The crypto and ssl applications use the same runtime library path when dynamically linking against libssl.so and libcrypto.so. The runtime library search path has also been extended. The configure scripts of erl_interface and odbc now search for thread libraries and thread library quirks the same way as erts do. The configure script of the odbc application now also looks for odbc libraries in lib64 and lib/64 directories when building on a 64-bit system. The config.h.in file in the erl_interface application is now automatically generated in instead of statically updated which reduces the risk of configure tests without any effect.
2010-01-21** Empty commit message **Lars G Thorsen