Age | Commit message (Collapse) | Author |
|
* ia/ssl/TLS-1.2-default/OTP-10425:
ssl: Make TLS-1.2 default version
|
|
|
|
|
|
|
|
Conflicts:
erts/emulator/sys/vxworks/sys.c
erts/vsn.mk
lib/ssl/src/ssl_connection.erl
lib/ssl/test/ssl_basic_SUITE.erl
|
|
|
|
|
|
|
|
|
|
Reset state so that "recv data" is not sent as "active data" after a recv
timed out and no new recv has been called.
|
|
ssl:ssl_accept/[2,3] or ssl:connect/[3,4] timeout expires.
Add missing function clause to handle timeout during handshake.
The missing clause had the effect that the timeout was wrongly
discarded. Also add an extra test case for the recv timeout
in addition to the one in ssl_packet_SUITE.
The missing functions clause was introduced in 8a789189.
This commit changed the timeout implementation, the previous implememtation
could cause other type of problems as the timeout was client side.
|
|
* ia/ssl/sslv2-tests:
ssl: Receive port EXIT-message so that it does not get mixed up with the protocol-error message we are expecting
|
|
The R15B03 release
|
|
protocol-error message we are expecting
|
|
* ia/ssl/peer-cert-server:
ssl: Add test case for ssl:peercert with client certification
|
|
|
|
If an ssl server is restarted with new options and a client
tries to reuse a session the server must make sure that it complies
to the new options before agreeing to reuse it.
|
|
* ia/ssl/make-depend/OTP-10594:
ssl: Add dependencies to Makefile
|
|
|
|
|
|
|
|
|
|
* as/ssl-sha224-fixes:
SSL: TLS 1.2, advertise sha224 support
OTP-10586
|
|
|
|
Code should handle case the there is some undelivered data
left on the socket when peer close signal is received. It is
unlikely that this happens during normal testing.
|
|
SHA-224 is still better than SHA-1, so let the world know we support it
|
|
|
|
|
|
Conflicts:
lib/ssl/src/ssl_connection.erl
|
|
function.
Avoid doing gen_tcp/inet socket operations in terminate if socket
is already closed. Call gen_tcp:recv/3 in the "data delivery workaround"
to avoid hanging.
|
|
The absence of the active default values could cause a process leak
|
|
|
|
* upstream/maint:
ssl: Do not use gen_fsm:sync_send_all_state_event/3 timeout
|
|
The gen_fsm:sync_send_all_state_event/3 timout is a client side timeout.
If timeouts are needed we want them to be server side timeouts.
|
|
* ia/ssl/controlling-process-on-listen-socket/OTP-10447:
ssl: Improve #sslsocket{} API
ssl: It is now possible to call controlling_process on a listen socket, same as in gen_tcp.
|
|
|
|
A #sslsocket{} contains the fsm pid and value that was previously set to
old_ssl or new_ssl to make the transition period smoother. Now that old
ssl is not supported any more we use this field to store the inet socket
reference instead. This enables some API functions to return quicker
as they do not need to communicate with the fsm-process.
|
|
same as in gen_tcp.
Made error handling of listen sockets as arguments to funtions
expecting a connected socket more inet/gen_tcp like.
|
|
* ia/ssl/npn/OTP-10361:
ssl: Shorten test case names to workaround ct shortcomings on windows
ssl: SSL 3.0 does not support next protocol negotiation
ssl: Dialyzer fixes and code cleaning
ssl: Changed default behaviour of next protocol negotiation to make more "sense" (be true to the specification).
ssl: Update SSL docs for SSL Next Protocol Support
ssl: Support for SSL Next Protocol Negotiation * http://technotes.googlecode.com/git/nextprotoneg.html
|
|
|
|
|
|
Also shorten test cases names to workaround test framework problems
on windows
|
|
Types in a record where wrongly type specified, did not include
undefined. Make them comments for now, maybe we will specify internal
records with dialyzer types later, but as the other record fields are
not specified at the moment, with dialyzer types, make the code
consistent.
|
|
more "sense" (be true to the specification).
|
|
|
|
* http://technotes.googlecode.com/git/nextprotoneg.html
|
|
|
|
|
|
* ta/docsmaint:
Fix various doc typos for R15B02
Fix various code typos for R15B02
OTP-10245
|
|
|