Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-12-07 | Merge branch 'ia/ssl/tcp-delivery-problem-may-cause-econnaborted' | Ingela Anderton Andin | |
* ia/ssl/tcp-delivery-problem-may-cause-econnaborted: If if TLS/SSL-close-notify message is not delivered you can get econnaborted error. | |||
2011-12-07 | Merge branch 'ia/ssl/public_key/test-maint' | Ingela Anderton Andin | |
* ia/ssl/public_key/test-maint: Add default value for "user" if os:getenv("USER") returns false | |||
2011-12-07 | Merge branch 'ia/ssl/session/cleanup-test' | Ingela Anderton Andin | |
* ia/ssl/session/cleanup-test: Improve ssl session cleanup test | |||
2011-12-07 | Add default value for "user" if os:getenv("USER") returns false | Ingela Anderton Andin | |
2011-12-06 | If if TLS/SSL-close-notify message is not delivered you can get econnaborted | Ingela Anderton Andin | |
error. | |||
2011-12-06 | Improve ssl session cleanup test | Ingela Anderton Andin | |
Check last delay timer for both client and server side to avoide timing issues. | |||
2011-12-05 | Fix typos in ssl_cipher.erl | Tuncer Ayaz | |
2011-12-05 | Added tcp_delivery_workaround to the test case invalid_signature_server | Ingela Anderton Andin | |
The workaround ought to have been added to this case when it was added to the test case invalid_signature_client | |||
2011-12-05 | Merge branch 'ia/ssl/dialyzer-R15' | Ingela Anderton Andin | |
* ia/ssl/dialyzer-R15: Callback specs now handled by -callback directive in the behaviour module. | |||
2011-12-05 | Do not do the 1/n-1 split for RC4 as it is not vulnerable to the ↵ | Ingela Anderton Andin | |
Rizzo/Duong-Beast attack. | |||
2011-12-02 | Missed two places in previous fix | Ingela Anderton Andin | |
2011-12-01 | Callback specs now handled by -callback directive in the behaviour module. | Ingela Anderton Andin | |
2011-11-30 | Test cases where failing due to timing issues in test case code | Ingela Anderton Andin | |
2011-11-28 | If a passive receive was ongoing during a renegotiation the process | Ingela Anderton Andin | |
evaluating ssl:recv could be left hanging for ever. | |||
2011-11-28 | Send ssl_closed notification to active ssl user when a tcp error occurs | Ingela Anderton Andin | |
2011-11-28 | Send ssl_closed notification to active ssl user when a tcp error occurs | Ingela Anderton Andin | |
2011-11-23 | Implementation of 1/n-1 splitting countermeasure Rizzo/Duong-Beast | Ingela Anderton Andin | |
The code is refactored and improved to make it easier to insert the 1/n-1 splitting countermeasure Rizzo/Duong-Beast that is really done in one function clause in ssl:record_split_bin/3 | |||
2011-11-21 | Mitigate Computational DoS attack | Ingela Anderton Andin | |
2011-11-16 | Merge branch 'ia/ssl/ets-next-problem/OTP-9703' | Ingela Anderton Andin | |
* ia/ssl/ets-next-problem/OTP-9703: Replaced ets:next traversal with ets:foldl and throw | |||
2011-11-16 | Merge branch 'ia/ssl/badarith/OTP-9696' | Ingela Anderton Andin | |
* ia/ssl/badarith/OTP-9696: Improved session cleanup handling Fix badarith in ssl_session:validate_session/2 | |||
2011-11-15 | Removed compiler warnings | Ingela Anderton Andin | |
2011-11-15 | Work around bug in openss-1.0.0e | Ingela Anderton Andin | |
2011-11-15 | Use ERL_FLAGS in plain_verify_options test | Ingela Anderton Andin | |
Windows do not handle long commands and would crash if many ssl arguments are passed on the command prompt | |||
2011-11-15 | Adjustment to work with hipe | Ingela Anderton Andin | |
process_info(Pid, current_function) may return {current_function, undefined} in some cases but will not in the importante one! | |||
2011-11-15 | Avoid openssl processes surviving after test case has finished | Ingela Anderton Andin | |
If the server process is always closed first shutdown of the openssl process will be gracious | |||
2011-11-15 | Add better error message | Ingela Anderton Andin | |
2011-11-15 | Skip ssl_dist_SUITE if cover run, as the test server node can not ↵ | Ingela Anderton Andin | |
communicate with the ssl nodes with erlang distribution | |||
2011-11-15 | Fine tuning of test suites | Ingela Anderton Andin | |
2011-11-15 | Replaced ets:next traversal with ets:foldl and throw | Ingela Anderton Andin | |
ets:next needs an explicit safe_fixtable call to be safe, we rather use ets:foldl and throw to get out of it when we find the correct entry. | |||
2011-11-15 | Improved session cleanup handling | Ingela Anderton Andin | |
Added session status "new" to mark sessions that are in the session database to reserve the session id but not resumable yet and that we want to separate from sessions that has been invalidated for further reuse. | |||
2011-11-15 | Fix badarith in ssl_session:validate_session/2 | Ingela Anderton Andin | |
The time_stamp filed is now initated in the connection process init function, so that invalidations of sessions due to handshake failiures, will not cause sessions in the session table to have an uninitiated time_stamp field. | |||
2011-11-15 | Merge branch 'ia/ssl/prepare-for-relese' | Ingela Anderton Andin | |
* ia/ssl/prepare-for-relese: Prepare version and appup for release | |||
2011-11-15 | Merge branch 'ia/public_key/ssl/crypto/PKCS-8/OTP-9312' | Ingela Anderton Andin | |
* ia/public_key/ssl/crypto/PKCS-8/OTP-9312: Add clause for expected input to pubkey:pseudo_random_function/2 when ASN-1 compiler is fixed. Clean up of public_key code adding specs and documentation Added PKCS-8 support in ssl Additions to crypto and public_key needed for full PKCS-8 support Add PKCS-8 support to public_key | |||
2011-11-11 | Prepare version and appup for release | Ingela Anderton Andin | |
2011-11-01 | Added PKCS-8 support in ssl | Ingela Anderton Andin | |
2011-10-24 | fix handling of block_decipher/5 failure | Andreas Schultz | |
A wrong decryption key would cause a badmatch in generic_block_cipher_from_bin/2. The try in block_decipher/5 was probably intendend to deal with that, but was misplace for this. Additionaly, generating a failure alert erly, without computing the record MAC, creates vector for a timing attack on CBC padding (for details check TLS 1.2 RFC 5246, Sect. 6.2.3.2.). This attach vector and the counter meassure applies to all SSL/TLS versions. As a counter messure, compute the MAC even when decryption or padding checks fail. A invalid padding will force a MAC failure by intentionaly invalidating the content. | |||
2011-10-11 | Put back ssl:peercert/1 | Ingela Anderton Andin | |
I accidentally removed a little too much, only peercert/2 was deprecated. | |||
2011-10-06 | Merge branch 'ia/ssl/remove-old-ssl/OTP-7048' | Ingela Anderton Andin | |
* ia/ssl/remove-old-ssl/OTP-7048: Remove old ssl implementation and deprecated function ssl:peercert/1 Conflicts: lib/ssl/test/Makefile | |||
2011-10-06 | Merge branch 'ia/ssl/dist-more-tests' | Ingela Anderton Andin | |
* ia/ssl/dist-more-tests: Better option handling Improve code structure Remove ssl_prim calls that are remains from the old ssl distribution Add payload test | |||
2011-10-04 | Merge branch 'dev' into major | Björn-Egil Dahlberg | |
2011-10-04 | Better option handling | Ingela Anderton Andin | |
Also cleaned up old gaurds. | |||
2011-10-04 | Prepare releaseOTP_R14B04 | Erlang/OTP | |
2011-10-03 | Improve code structure | Ingela Anderton Andin | |
2011-10-03 | Remove ssl_prim calls that are remains from the old ssl distribution | Ingela Anderton Andin | |
2011-10-03 | Add payload test | Ingela Anderton Andin | |
2011-09-29 | Merge branch 'dev' into major | Björn-Egil Dahlberg | |
* dev: Update copyright years | |||
2011-09-29 | Update copyright years | Björn-Egil Dahlberg | |
2011-09-28 | Merge branch 'dev' into major | Ingela Anderton Andin | |
2011-09-28 | Corrected documentation bug | Ingela Anderton Andin | |
2011-09-28 | Merge remote branch 'upstream/dev' into major | Ingela Anderton Andin | |
* upstream/dev: Both the SSLv3 and TLS 1.0/TLS 1.1 specifications require implementations to ignore data following the ClientHello (i.e., extensions) if they do not understand them. fix unknown ssl extension parsing by changing length from bits to bytes Temporary disable tests on MAC due to issus with the MAC ODBC drivers |