Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
maint-r14
* ia/ssl/unknown-extension-handling-verify-none/OTP-9029:
Prepare for release
Verification of a critical extended_key_usage-extension corrected
|
|
|
|
When a verify fun is supplied, it should not be called to verify
the extended_key_usage-extension when it is already verified
by the ssl_certificate:validate_extension/2
|
|
Handshake hashes, premaster secret and "public_key_info" does not need
to be saved when the connection has been established. The own certificate is
no longer duplicated in the state.
|
|
-------------------------------------------------------------------------
ssl's published documentation states:
ssl_accept(ListenSocket) ->
ssl_accept(ListenSocket, Timeout) -> ok | {error, Reason}
(see http://www.erlang.org/doc/man/ssl.html#ssl_accept-1)
while its code has the specs:
-spec ssl_accept(#sslsocket{}) -> {ok, #sslsocket{}} | {error, reason()}.
-spec ssl_accept(#sslsocket{}, list() | timeout()) -> {ok, #sslsocket{}} | {error, reason()}.
One of the two cannot be right. This should be fixed.
Moreover, I do not see why the spec just mentions list() for the options when the documentation explicitly mentions the options of ssl.
Kostis
---------------------------------------------------------------------
|
|
The previous code happened to worked if the select-statment returned
only on entry.
|
|
|
|
|
|
|
|
|
|
Added cache invalidation control of ssl certificates so that
sessions will not be reused if file content is changed.
There was a glitch in ssl:close that made it possible to
to get eaddrinuse even though reuseadder-option was used.
Also improved tests for better user-close handling.
|
|
|
|
|
|
|
|
|
|
Such reason is that pulic key generation or mnesia:stop might
occasionally take very long time.
|
|
Data to sign and verify should be inputed as binaries.
Also cleaned up and moved some dialyzer specs.
|
|
|
|
Also changed alert to BAD_RECORD_MAC as:
"differentiating between bad_record_mac and decryption_failed alerts
may permit certain attacks against CBC mode as used in TLS
[CBCATT]. It is preferable to uniformly use the bad_record_mac
alert to hide the specific type of the error."
Also cleaned up the code and changed a few other alert reasons in
according to alert descriptions in the TLS RFC 4346. And added function
terminate_alert/3 so that we can differentiate between a crash
in ssl (a bug in our code) and a crash in the application using ssl.
|
|
Also fixed incorrect dialyzer spec.
|
|
* ia/ssl/certificate-verify/wrong-key-method/OTP-8897:
Correct handling of client certificate verify message
Conflicts:
lib/ssl/src/ssl_handshake.erl
|
|
When checking the client certificate verify message the server used
the wrong algorithm identifier to determine the signing algorithm,
causing a function clause error in the public_key application when the
key-exchange algorithm and the public key algorithm of the client
certificate happen to differ.
|
|
For testing purposes ssl now also support some anonymous cipher suites
when explicitly configured to do so.
Also moved session cache tests to its own suite, so that timeout
of end_per_testcase when the mnesia is used as session cache will
not affect other test cases.
|
|
Conflicts:
lib/public_key/src/pubkey_cert.erl
|
|
|
|
maint-r14
* ia/ssl-and-public_key/verify_fun_peer_awarness/OTP-8873:
Peer awarness
|
|
Changed the verify fun so that it differentiate between the peer
certificate and CA certificates by using valid_peer or valid as the
second argument to the verify fun. It may not always be trivial or
even possible to know when the peer certificate is reached otherwise.
|
|
* ia/ssl-and-public_key/backwards-compatibility/OTP-8858:
Backwards compatibility
Conflicts:
lib/ssl/src/ssl_certificate_db.erl
Use short INFO-message. Debugging information can be fairly
easily recreated so we do not want to clutter the logs.
|
|
Changed implementation to retain backwards compatibility for old
option {verify, 0} that shall be equivalent to {verify, verify_none},
also separate the cases unknown CA and selfsigned peer cert, and
restored return value of deprecated function public_key:pem_to_der/1.
|
|
DSS-Params may be null in a certificate as it can inherit the
parameters.
Also ignore CA-certs that do not follow ASN-1 spec in RFC 5280.
|
|
* ia/fix-dialyzer-specs:
Corrected and added dialyzer specs
|
|
|
|
|
|
Added the functionality so that the verification fun will be called
when a certificate is considered valid by the path validation to allow
access to eachs certificate in the path to the user application.
Removed clause that only check that a extension is not critical,
it does alter the verification rusult only withholds information from
the application.
Try to verify subject-AltName, if unable to verify it let
application try.
|
|
* ia/ssl-http-error-test:
Add test suite for packet http_error.
|
|
* ia/ssl-4.0.1/documentation:
Updated documentation for ssl-4.0.1
|
|
|
|
|
|
|
|
Changed the behavior of the verify_fun option so that
the application can be responsible for handling path validation
errors even on the server side. Also replaced the not yet
documented validate_extensions_fun to be handled by the
verify_fun instead.
If the verify callback fun returns {fail, Reason}, the verification process is
immediately stopped and an alert is sent to the peer and the TLS/SSL
handshake is terminated. If the verify callback fun returns {valid,
UserState}, the verification process is continued. If the verify callback
fun always returns {valid, UserState}, the TLS/SSL handshake will not be
terminated with respect to verification failures and the connection
will be established. The verify callback fun will also be
able to verify application specific extensions.
|
|
Added support for inputing certificates and keys directly in DER format
these options will override the pem-file options if specified.
|
|
* dgud/ssl-commit-example-certs:
Cleanup ssl configure parts
Remove cert building from Makefiles
Checkin example certs instead of generating them.
|
|
* maint-r13:
Remove copyright headers in vsn.mk files
Conflicts:
lib/appmon/vsn.mk
lib/erl_docgen/vsn.mk
lib/inets/vsn.mk
lib/kernel/vsn.mk
lib/reltool/vsn.mk
lib/ssl/vsn.mk
lib/stdlib/vsn.mk
lib/tools/vsn.mk
lib/tv/vsn.mk
lib/xmerl/vsn.mk
|
|
|
|
Copyright notices serve no useful purpose in vsn.mk files, and
only complicate scripts that automatically update version numbers.
|
|
Avoiding cross-compilation and other problems by keeping them in git
instead of generating them each time. I think the reason to generate
them was that a valid date limitation, now that we can specify
the date, I have set them to be valid for 15 years.
|
|
|