aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2017-11-24ssl: Remove old softupgrade codeIngela Anderton Andin
This code is only relevant in version is was written in.
2017-11-24ssl: Use genstamtem properlyIngela Anderton Andin
2017-11-24ssl: Fix incorrect merge conflict resolutionIngela Anderton Andin
When handling merging of back ported Counter measurements for Bleichenbacher attack a line from DTLS was accidentally lost.
2017-11-23fix missing document tag lost during mergeIngela Anderton Andin
2017-11-23Merge branch 'maint-18' into maintIngela Anderton Andin
2017-11-23Merge branch 'maint-19' into maintIngela Anderton Andin
2017-11-23Merge branch 'maint-20' into maintIngela Anderton Andin
* maint-20: Updated OTP version Update release notes Update version numbers public_key: verify ip (both v4 and v6) public_key: Added IP4 address checks to hostname_verification tests ssl: Fix test cases to work on all test platforms public_key: Fix dialyzer spec ssl: Sessions must be registered with SNI if exists ssl: Extend hostname check to fallback to checking IP-address public_key, ssl: Handles keys so that APIs are preserved correctly ssl: Use ?FUNCTION_NAME ssl: Prepare for release ssl: Countermeasurements for Bleichenbacher attack Conflicts: lib/public_key/doc/src/public_key.xml lib/public_key/test/public_key_SUITE.erl lib/public_key/test/public_key_SUITE_data/pkix_verify_hostname_subjAltName_IP.pem lib/public_key/test/public_key_SUITE_data/verify_hostname_ip.conf lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_handshake.erl
2017-11-23Merge tag 'OTP-18.3.4.1.1' into maint-18Ingela Anderton Andin
=== OTP-18.3.4.1.1 === Changed Applications: - ssl-7.3.3.0.1 Unchanged Applications: - asn1-4.0.2 - common_test-1.12.1 - compiler-6.0.3 - cosEvent-2.2 - cosEventDomain-1.2 - cosFileTransfer-1.2 - cosNotification-1.2.1 - cosProperty-1.2 - cosTime-1.2.1 - cosTransactions-1.3.1 - crypto-3.6.3 - debugger-4.1.2 - dialyzer-2.9 - diameter-1.11.2 - edoc-0.7.18 - eldap-1.2.1 - erl_docgen-0.4.2 - erl_interface-3.8.2 - erts-7.3.1 - et-1.5.1 - eunit-2.2.13 - gs-1.6 - hipe-3.15 - ic-4.4 - inets-6.2.4 - jinterface-1.6.1 - kernel-4.2 - megaco-3.18 - mnesia-4.13.4 - observer-2.1.2 - odbc-2.11.1 - orber-3.8.1 - os_mon-2.4 - ose-1.1 - otp_mibs-1.1 - parsetools-2.1.1 - percept-0.8.11 - public_key-1.1.1 - reltool-0.7 - runtime_tools-1.9.3 - sasl-2.7 - snmp-5.2.2 - ssh-4.2.2.1 - stdlib-2.8 - syntax_tools-1.7 - test_server-3.10 - tools-2.8.3 - typer-0.9.10 - webtool-0.9.1 - wx-1.6.1 - xmerl-1.3.10 Conflicts: OTP_VERSION lib/ssl/vsn.mk otp_versions.table
2017-11-22Prepare releaseIngela Anderton Andin
2017-11-22ssl: Countermeasurements for Bleichenbacher attackIngela Anderton Andin
Back ported for security reasons. Remove DTLS changes as DTLS is not at all working in OTP 18.
2017-11-22Update release notesErlang/OTP
2017-11-22Update release notesErlang/OTP
2017-11-22Update release notesErlang/OTP
2017-11-22Merge branch ↵Erlang/OTP
'ingela/maint-20/ssl/extend-hostname-check/OTP-14632/OTP-14655/OTP-14766' into maint-20 * ingela/maint-20/ssl/extend-hostname-check/OTP-14632/OTP-14655/OTP-14766: ssl: Fix test cases to work on all test platforms public_key: Fix dialyzer spec ssl: Sessions must be registered with SNI if exists ssl: Extend hostname check to fallback to checking IP-address public_key, ssl: Handles keys so that APIs are preserved correctly ssl: Use ?FUNCTION_NAME
2017-11-21ssl: Marker inserted to enable a reference from cryptoHans Nilsson
2017-11-20Merge branch 'lukas/docs/xmllint_fixes/OTP-14721' into maintLukas Larsson
* lukas/docs/xmllint_fixes/OTP-14721: ssl/ssh: Remove/ignore unused XML_FILES doc files Refactor xmllint check and make it fail on failure Add toplevel xmllint make target Conflicts: lib/crypto/doc/src/Makefile
2017-11-20ssl/ssh: Remove/ignore unused XML_FILES doc filesLukas Larsson
2017-11-16ssl: Align code of TLS/DTLS handshake handlingIngela Anderton Andin
2017-11-16ssl: Align code of TLS/DTLS record handlingIngela Anderton Andin
2017-11-16ssl: Align code of main modules implementing the gen_statem behaviourIngela Anderton Andin
2017-11-16dtls: Add state specIngela Anderton Andin
2017-11-13ssl: Fix broken link in docIngela Anderton Andin
2017-11-09ssl: Fix test cases to work on all test platformsIngela Anderton Andin
Use hradcoded rsa keys as this will work on all legacy platforms. In test case dns_name_reuse only do the relevant client check in the final test.
2017-11-09ssl: Sessions must be registered with SNI if existsIngela Anderton Andin
2017-11-09ssl: Extend hostname check to fallback to checking IP-addressIngela Anderton Andin
If no SNI is available and the hostname is an IP-address also check for IP-address match. This check is not as good as a DNS hostname check and certificates using IP-address are not recommended.
2017-11-09public_key, ssl: Handles keys so that APIs are preserved correctlyIngela Anderton Andin
2017-11-09 ssl: Use ?FUNCTION_NAMEIngela Anderton Andin
Use ?FUNCTION_NAME macro to enhance code as we will not back-port this version of the ssl application to versions pre OTP 19.
2017-11-09ssl: Prepare for releaseIngela Anderton Andin
2017-11-09ssl: Prepare for releaseIngela Anderton Andin
2017-11-09ssl: Prepare for releaseIngela Anderton Andin
2017-11-09ssl: Countermeasurements for Bleichenbacher attackIngela Anderton Andin
Back ported for security reasons. Remove DTLS changes as DTLS is not at all working in OTP 18.
2017-11-09ssl: Countermeasurements for Bleichenbacher attackIngela Anderton Andin
2017-11-09ssl: Countermeasurements for Bleichenbacher attackIngela Anderton Andin
2017-11-08ssl: Add private key configuration for crypto engineIngela Anderton Andin
2017-10-31Refactor xmllint check and make it fail on failureLukas Larsson
This commit also adds a check to see that all files that are part of an xi:include also have part of XML_FILES and vice versa. It also fixes any applications where this was not true.
2017-10-20ssl: Do not provide IP address to ssl:connect in erlang distribution over TLSIngela Anderton Andin
As TLS clients will perform a hostname check against certificates the IP-address does not make much sense.
2017-10-18Merge branch 'ingela/dtls/no-packet-upd/OTP-14664' into maintIngela Anderton Andin
* ingela/dtls/no-packet-upd/OTP-14664: ssl: No support for packet option over unreliable transport
2017-10-17Merge branch 'ingela/ssl/extend-hostname-check/OTP-14632/OTP-14655' into maintIngela Anderton Andin
* ingela/ssl/extend-hostname-check/OTP-14632/OTP-14655: ssl: Fix test cases to work on all test platforms public_key: Fix dialyzer spec ssl: Sessions must be registered with SNI if exists ssl: Extend hostname check to fallback to checking IP-address public_key, ssl: Handles keys so that APIs are preserved correctly
2017-10-17ssl: No support for packet option over unreliable transportIngela Anderton Andin
2017-10-16 ssl: Use ?FUNCTION_NAMEIngela Anderton Andin
Use ?FUNCTION_NAME macro to enhance code as we will not back-port this version of the ssl application to versions pre OTP 19.
2017-10-16ssl: Fix test cases to work on all test platformsIngela Anderton Andin
Use hradcoded rsa keys as this will work on all legacy platforms. In test case dns_name_reuse only do the relevant client check in the final test.
2017-10-13Merge branch 'ingela/ssl/remove-deprcated-string' into maintIngela Anderton Andin
* ingela/ssl/remove-deprcated-string: ssl: Use new string functions
2017-10-13ssl: Sessions must be registered with SNI if existsIngela Anderton Andin
2017-10-13ssl: Extend hostname check to fallback to checking IP-addressIngela Anderton Andin
If no SNI is available and the hostname is an IP-address also check for IP-address match. This check is not as good as a DNS hostname check and certificates using IP-address are not recommended.
2017-10-12public_key, ssl: Handles keys so that APIs are preserved correctlyIngela Anderton Andin
2017-10-10Merge branch 'lars/doc-cleanup/OTP-14475' into maintLars Thorsen
* lars/doc-cleanup/OTP-14475: [edoc] Remove unused module otpsgml_layout.erl Remove unused files from the documentation build
2017-10-05ssl: Use new string functionsIngela Anderton Andin
The functions are not performance critical. Will be used when errors occurs, CRL data base is managed or legacy OpenSSL names are used for ciphers.
2017-09-30dtls: Compleate DTLS renegotiate implementationIngela Anderton Andin
2017-09-28Remove unused files from the documentation buildLars Thorsen
2017-09-22Update release notesErlang/OTP