aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2010-06-07OTP-8587 DSA key supportIngela Anderton Andin
New ssl now support client/server-certificates signed by dsa keys.
2010-06-04Fixed handling of several ssl/tls packets arriving at the same time.Ingela Anderton Andin
This was broken during a refactoring of the code.
2010-06-01Added workaround for tcp delivery problemIngela Anderton Andin
2010-05-28Cleaned codeIngela Anderton Andin
2010-05-28Hoops too quick to check in previous version, changed . to ;, compiled inIngela Anderton Andin
wrong shell!
2010-05-28Added misssing version check for client.Ingela Anderton Andin
2010-05-28Added missing padding check.Ingela Anderton Andin
2010-05-28Added missing Mac check.Ingela Anderton Andin
2010-05-28Added code to handle own alert in case MAC or padding check fails.Ingela Anderton Andin
2010-05-27Moved nodelay workaround for linux, as it seems to only work if you doIngela Anderton Andin
it before sending the fatal alert, even though documentation suggests the socket will be flushed on linux as an effect of setting the nodelay option.
2010-05-26OTP-8649 change in public_key apiIngela Anderton Andin
2010-05-26Test ssl_session_cache_api.Ingela Anderton Andin
2010-05-26Seems we need "nodelay socket flush" on some linux platforms after all.Ingela Anderton Andin
2010-05-26Avoid apparently timing issus when closing down opensslIngela Anderton Andin
2010-05-26Added option list argument to the init function in ssl_session_cache_api.Ingela Anderton Andin
2010-05-25Enhancements and fixes due to coverage investegation.Ingela Anderton Andin
2010-05-25Enhanced protocol version handling.Ingela Anderton Andin
2010-05-25Better coverage.Ingela Anderton Andin
2010-05-25Better coverageIngela Anderton Andin
2010-05-24Fixed session validation bug thanks to cover.Ingela Anderton Andin
2010-05-24Changed the documentation to match latest implementation and design decisions.Ingela Anderton Andin
2010-05-21Clean up of codeIngela Anderton Andin
2010-05-21Worked on getting better code coverage.Ingela Anderton Andin
2010-05-21Decision not to support export cipher suites.Ingela Anderton Andin
2010-05-21Decision not to support DH and export cipher suites.Ingela Anderton Andin
2010-05-21Decision not to support DH and export cipher suites and clean up.Ingela Anderton Andin
2010-05-20Honor internal APIIngela Anderton Andin
2010-05-20Fixed internal APIIngela Anderton Andin
2010-05-18Fixed extended_key_usage test so that it really tests what we want it to test.Ingela Anderton Andin
2010-05-18Commented out currently unsupported code. To be supported or removed in the ↵Ingela Anderton Andin
future.
2010-05-17Removed/commented out currently dead code.Ingela Anderton Andin
2010-05-11Added ticketsIngela Anderton Andin
2010-05-11OTP-8568 RFC -5746Ingela Anderton Andin
New ssl now supports secure renegotiation as described by RFC 5746.
2010-04-29Started to prepare for next versionIngela Anderton Andin
2010-04-29OTP-8588 Alert and packet handling improvmentIngela Anderton Andin
Alert handling has been improved to better handle unexpected but valid messages and the implementation is also changed to avoid timing related issues that could cause different error messages depending on network latency. Packet handling was sort of broken but would mostly work as expected when socket was in binary mode. This has now been fixed.
2010-04-19Prepare for releaseDan Gudmundsson
2010-04-17Reset inet optionsDan Gudmundsson
Temporary set the inet options on listen socket before doing accept so that the correct options will be inherited by the accept socket. Reset the options afterwards so that repeated use of listen socket get user set values.
2010-04-16Avoid race condition of early handshake messages, when socket is active mode ↵Dan Gudmundsson
is not false.
2010-04-15** Empty commit message **Ingela Anderton Andin
2010-04-15Tried to minimize sleepingIngela Anderton Andin
2010-04-15Ignore renegotiation reject until we implemented RFC-5746Ingela Anderton Andin
2010-04-15Added more tests and small corrections.Ingela Anderton Andin
2010-04-14Improved testsIngela Anderton Andin
2010-04-14Enhanced error handlingIngela Anderton Andin
2010-04-14Update version numberIngela Anderton Andin
2010-04-13We currently do not support fixed DH. Removal of dead code.Ingela Anderton Andin
2010-04-13Fixed dialyzer warningIngela Anderton Andin
2010-04-13OTP-8554 Certificate extensionsIngela Anderton Andin
2010-04-13Fixed spelling errorDan Gudmundsson
2010-04-13OTP-8517 RenegotiationIngela Anderton Andin
New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value.