Age | Commit message (Collapse) | Author |
|
We want to be able to save a specific session to reuse, and make sure
it is reusable immediatly when the connection has been established.
Add client option {reuse_session, SessionID::binary()}
We also do not want clients to save sessions that it did not verify.
Additionaly change behaviour of the client and server to not save sessions
if reuse_session is set to false.
|
|
Modernize test case option handling
|
|
No need for this test case to set a specific cipher suite. An appropriate cipher suite
will be negotiated and it will of course be the same for clients with the same configuration.
|
|
|
|
* peterdmv/ssl/fix-crl-suite:
ssl: Fix CRL suite with openssl-1.1.1a
Change-Id: I2847107b6cf0210c3002c016a6ba49288505d06f
|
|
|
|
Remove rizzo rests that made incorrect assumptions
|
|
Later versions of openssl do not support negative integers for
CRL due time (used for negative testing).
As a workaround this commit implements a function that can set
CRL due time in seconds and makes the testcase
'crl_hash_dir_expired' sleep for one second.
Change-Id: I2ef8b3c6ee545bd09170fa6027cb9ca38cfb42c0
|
|
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477:
ssl: Fix encoding/decoding of the SRP extension
Change-Id: Iee3276a60041a2c04c89385b2de2edb1cd81babd
|
|
ssl: Fix two invalid gen_statem returns
OTP-15505
|
|
The encoded value of the SRP extension length was bigger than the
actual length of the extension. This could cause interoperability
problems with third party SSL implementations.
This commit corrects the encoding and decoding of the SRP extension
length.
Change-Id: I78d118faab7f5d02b755a7d1e2e8561b86f5a15c
|
|
ssl: Guarantee active once data delivery
OTP-15504
|
|
* ingela/ssl/error-handling-should-be-throw/OTP-15502:
ssl: Clean up extension handling
|
|
New internal active N changed timing, and
new check is needed.
|
|
|
|
Use throw stratgy for erro handling in extension handling. Makes code consistent and easier to refactor.
Also fixes bug that an incorrect return value for gen_statem could be created when alert was a result
of handling renegotiation info extension.
|
|
* maint-21:
Updated OTP version
Prepare release
|
|
|
|
Wtite connection state was not synchronized when peer initiated renegotiation
|
|
|
|
As the stop wrapper functions are no longer needed after tls_sender
that altered the behaviour of the TLS distribution code.
|
|
Both test case and code needed updates to work as intended. Code needed update due to
new tls_sender process and the test case gave false positive reusult erarlier probably
due to beeing to sloopy in order to avoid timeouts.
|
|
|
|
|
|
|
|
Rename Connection:handle_common_event Connection:handle_protocol_record
removing use of unnecessary argument and making code easier to understand.
|
|
State values created at init
|
|
Wtite connection state was not synchronized when peer initiated renegotiation
|
|
|
|
Cipher test case also needed updating to handle streams correctly
We should not rizzo test chacha20_poly1305
Conflicts:
lib/ssl/test/ssl_basic_SUITE.erl
|
|
* raimo/ssl/tls_dist-optimization:
Tighten dist app data receive
|
|
* ingela/ssl/optimize/OTP-15445:
ssl: Fix test case
ssl: Remove no longer needed functions
ssl: Fix downgrade
ssl: Remove checks and conversions not needed
ssl: Use binary:copy/2 to avoid list overhead
ssl: Remove unnecessary internal event
ssl: Clean code
ssl: Add static_env record
|
|
packet raw is a stream, test code manged it packet oriented in
the function active_raw.
|
|
|
|
As the stop wrapper functions are no longer needed after tls_sender
that altered the behaviour of the TLS distribution code.
|
|
Both test case and code needed updates to work as intended. Code needed update due to
new tls_sender process and the test case gave false positive reusult erarlier probably
due to beeing to sloopy in order to avoid timeouts.
|
|
|
|
|
|
|
|
Rename Connection:handle_common_event Connection:handle_protocol_record
removing use of unnecessary argument and making code easier to understand.
|
|
|
|
State values created at init
|
|
introduced after OTP_R13B03.
|
|
|
|
|
|
* raimo/ssl/tls_dist-optimization:
Handle socket close in state downgrade
Handle dead sender at terminate
Handle tls_sender exit properly
Optimize split_bin
Improve dist send throughput
|
|
* raimo/ssl/tls_dist-profiling:
Improve benchmark
Implement print on other node
Fix compiler warnings
|
|
* ingela/ssl/test-cuddle-ssl_basic_SUITE:
ssl: Correct test case
|
|
|
|
Also avoid code duplication
Conflicts:
lib/ssl/src/dtls_connection.erl
lib/ssl/src/tls_connection.erl
|