Age | Commit message (Collapse) | Author |
|
Maybe we should only have specs for external APIs?!
This is a how to write spec problem that we have to address later.
|
|
|
|
TLS connections should not buffer too much application data if they
want to benefit from TCP flow control. Certain applications may want to
customize the value of internal_active_n as there is a tradeoff between
buffering memory and throughput.
|
|
|
|
This reverts commit 6e190b012dd5a304fc42a5f3bb58ff173a23eb66.
|
|
|
|
'ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785' into maint-21
* ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785:
ssl: Fix cherry-pick mistakes
ssl: Refer documentation of HttpPacket from erts
ssl: Update type spec of ssl:suite_to_str/1
ssl: Update function ssl:eccs/1
ssl: Fix type specs of ssl_internal.hrl
ssl: Fix type specs of internal handshake functions
ssl: Fix dialyzer warnings
eldap: Fix dialyzer warnings
ssl: Fix missing anchor warning
public_key: Accept digest types 'sha1' and 'sha'
inet: Document type inet:stat_option()
ssl: Changed function specs and ssl.xml
ssl: Add missing tuple in shutdown reason
|
|
Missing check of size of user_data_buffer made internal socket
behave as an active socket instead of active N.
Also correct indentation.
|
|
|
|
Do not document http_packet() in ssl but refer to description of
erlang:decode_packet/3.
Change-Id: Ib2d0e4fc9605e40fe98bb249bc17fc39046d137a
Conflicts:
lib/ssl/src/ssl.erl
|
|
Change-Id: I7987e80cca7af184a9f40cdcd8ea8f07c318ba0d
|
|
Remove support of version tuples (e.g. {3,3}) from API function
ssl:eccs/1.
Update function spec and documentation.
Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b
Conflicts:
lib/ssl/doc/src/ssl.xml
lib/ssl/src/ssl.erl
|
|
Change 'term()' to 'any()'. Allow 'undefined' for all fields
of #ssl_options{}.
Change-Id: I00632bfd2b172974a99680a82f326f25b92b9974
Conflicts:
lib/ssl/src/ssl_internal.hrl
|
|
Change-Id: I99cd0bebd80b3e55fd522457fa126e5bc198657b
Conflicts:
lib/ssl/src/ssl_handshake.erl
|
|
Change-Id: Ic4895195569073916f158a06b95061939f15cfc0
Conflicts:
lib/ssl/doc/src/ssl.xml
lib/ssl/src/ssl.erl
|
|
Change-Id: Iafbf60765b4635d6a50286080716c67231bb5cd9
|
|
Changed function specs and ssl.xml for generation of documentation
according to the new way.
Change-Id: I17b59b80f9072c3d2c20aea1b102f1e9c86987a0
Conflicts:
lib/ssl/doc/src/ssl.xml
lib/ssl/src/ssl.erl
|
|
|
|
|
|
|
|
|
|
maint-21
* ingela/ssl/recv-timeout-bug/ERL-884/ERL-883/OTP-14701:
ssl: Cancel recv timer in all places
|
|
* ingela/ssl/transport-transparance/ERL-861/OTP-15679:
ssl: Fix transport transparancy
|
|
Would cause connection to crash although all data was delivered to ssl:recv
|
|
|
|
|
|
Conflicts:
lib/ftp/test/ftp_SUITE.erl
|
|
* essen/ssl-active-n:
fixup! ssl: Add support for {active,N}
ssl: Use common fonction to update {active,N}
ssl: Document {active,N}
ssl: Add support for {active,N}
Conflicts:
lib/ssl/src/ssl.erl
|
|
* essen:erlang/otp:
fixup! ssl: Add support for {active,N}
ssl: Use common fonction to update {active,N}
ssl: Document {active,N}
ssl: Add support for {active,N}
Conflicts:
lib/ssl/src/ssl_connection.erl
|
|
* ingela/ssl/doc-enhancements:
ssl: Enhance documentation after "use-spec-rewrite"
|
|
|
|
* raimo/ssl/tls-optimization/OTP-15529:
Inline local function
Optimize binary matching
Clean up module boundaries
Remove redundant return of CipherState
Use iovec() internally in send path
Small binary handling optimizations
Optimize read_application_data with Okasaki queue
Try to optimize decode_cipher_text/3
Optimize application data aggregation
Optimize TLS record parsing with Okasaki queue
Cache strong_random_bytes for IV
Optimize padding
Produce less garbage in encrypt loop
Reorganize #data{}
Tidy up state machine
Add server GC info to bench results
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* ingela/ssl/shrink-state:
ssl: Remove duplicate record_cb handling
ssl: Add test case for continued handshake with a timeout
ssl: Use gen_statem named timers to handle connection and recv timeouts
ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keys
ssl: Move key_algorithm to handshake_env
ssl: srp
ssl: Rename
ssl: Move diffie_hellman_params to handshake_env
ssl: Move and rename psk_identity state record field
ssl: Move premaster_secret to handshake_env
ssl: Make flight_state DTLS specific
ssl: Add private_key to connection_env
ssl: Remove unused record field
ssl: Add erl_dist_handle to connection_env
ssl: Add negotiated_version to connection_env
ssl: Add key exchange items to handshake_env
ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_env
ssl: Add downgrade handling to connection_env
ssl: Create connection_env
ssl: Handle renegotiation and extensions in handshake_env
|
|
Improve the abstraction between the ssl_connection module
and dtls_connection, tls_connection and tls_sender, as well
as towards the lower level tls_record and ssl_record modules.
Remove some dead code.
|
|
|
|
|
|
* peterdmv/ssl/fix-failing-testcases:
ssl: Fix renegotiation testcases
ssl: Fix failing rizzo testcases
ssl: Use IPv4 addresses with openssl s_client
ssl: Use sha256 in test certificates if supported
Change-Id: I11a326be027545e20fbef6f90996b0c8be8c3e50
|
|
|
|
Fix failing renegotiation testcases with openssl-1.1.1a.
openssl s_client sends the renegotiation "R\n" connected command
to the server side causing testcase failure.
This commit updates ssl_to_openssl_SUITE:erlang_ssl_receive to
swallow the unexpected packet.
Change-Id: I1f5d040ac65c25652f7101ddf109fc84acc4c915
|
|
|
|
|
|
To avoid degenerate case with quadratic complexity that
shows up when sending large messages since the the fragment
concatenation was done by binary append. An Okasaki queue
is much more efficient.
|
|
|
|
|