aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-01-14ssl: Add value 'save' to reuse_sessions and reuse_session client optionIngela Anderton Andin
We want to be able to save a specific session to reuse, and make sure it is reusable immediatly when the connection has been established. Add client option {reuse_session, SessionID::binary()} We also do not want clients to save sessions that it did not verify. Additionaly change behaviour of the client and server to not save sessions if reuse_session is set to false.
2019-01-14ssl: Client shall only save verified sessionsIngela Anderton Andin
Modernize test case option handling
2019-01-14ssl: Uncomplicate test codeIngela Anderton Andin
No need for this test case to set a specific cipher suite. An appropriate cipher suite will be negotiated and it will of course be the same for clients with the same configuration.
2019-01-14ssl: Modernize test suiteIngela Anderton Andin
2019-01-10Merge branch 'peterdmv/ssl/fix-crl-suite' into maintPéter Dimitrov
* peterdmv/ssl/fix-crl-suite: ssl: Fix CRL suite with openssl-1.1.1a Change-Id: I2847107b6cf0210c3002c016a6ba49288505d06f
2019-01-10ssl: Add renegotiation test case to OpenSSL sanity checkIngela Anderton Andin
2019-01-10ssl: Better stream handlingIngela Anderton Andin
Remove rizzo rests that made incorrect assumptions
2019-01-09ssl: Fix CRL suite with openssl-1.1.1aPéter Dimitrov
Later versions of openssl do not support negative integers for CRL due time (used for negative testing). As a workaround this commit implements a function that can set CRL due time in seconds and makes the testcase 'crl_hash_dir_expired' sleep for one second. Change-Id: I2ef8b3c6ee545bd09170fa6027cb9ca38cfb42c0
2019-01-08Merge branch 'peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477' into maintPéter Dimitrov
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477: ssl: Fix encoding/decoding of the SRP extension Change-Id: Iee3276a60041a2c04c89385b2de2edb1cd81babd
2019-01-08Merge pull request #2070 from essen/fix-ssl-shutdown-crashIngela Andin
ssl: Fix two invalid gen_statem returns OTP-15505
2019-01-08ssl: Fix encoding/decoding of the SRP extensionPéter Dimitrov
The encoded value of the SRP extension length was bigger than the actual length of the extension. This could cause interoperability problems with third party SSL implementations. This commit corrects the encoding and decoding of the SRP extension length. Change-Id: I78d118faab7f5d02b755a7d1e2e8561b86f5a15c
2019-01-08Merge pull request #2076 from IngelaAndin/ingela/ssl/active-once/ERL-371Ingela Andin
ssl: Guarantee active once data delivery OTP-15504
2019-01-07Merge branch 'ingela/ssl/error-handling-should-be-throw/OTP-15502' into maintIngela Anderton Andin
* ingela/ssl/error-handling-should-be-throw/OTP-15502: ssl: Clean up extension handling
2018-12-27ssl: Gurantee active once data deliveryIngela Anderton Andin
New internal active N changed timing, and new check is needed.
2018-12-22ssl: Fix two invalid gen_statem returnsLoïc Hoguin
2018-12-21ssl: Clean up extension handlingIngela Anderton Andin
Use throw stratgy for erro handling in extension handling. Makes code consistent and easier to refactor. Also fixes bug that an incorrect return value for gen_statem could be created when alert was a result of handling renegotiation info extension.
2018-12-21Merge branch 'maint-21' into maintIngela Anderton Andin
* maint-21: Updated OTP version Prepare release
2018-12-20Prepare releaseErlang/OTP
2018-12-20ssl: Fix renegotiation with new TLS senderIngela Anderton Andin
Wtite connection state was not synchronized when peer initiated renegotiation
2018-12-20ssl: Add renegotiate test caseIngela Anderton Andin
2018-12-20ssl: Remove no longer needed functionsIngela Anderton Andin
As the stop wrapper functions are no longer needed after tls_sender that altered the behaviour of the TLS distribution code.
2018-12-20ssl: Fix downgradeIngela Anderton Andin
Both test case and code needed updates to work as intended. Code needed update due to new tls_sender process and the test case gave false positive reusult erarlier probably due to beeing to sloopy in order to avoid timeouts.
2018-12-20ssl: Remove checks and conversions not neededIngela Anderton Andin
2018-12-20ssl: Use binary:copy/2 to avoid list overheadIngela Anderton Andin
2018-12-20ssl: Remove unnecessary internal eventIngela Anderton Andin
2018-12-20ssl: Clean codeIngela Anderton Andin
Rename Connection:handle_common_event Connection:handle_protocol_record removing use of unnecessary argument and making code easier to understand.
2018-12-20ssl: Add static_env recordIngela Anderton Andin
State values created at init
2018-12-19ssl: Fix renegotiation with new TLS senderIngela Anderton Andin
Wtite connection state was not synchronized when peer initiated renegotiation
2018-12-19ssl: Add renegotiate test caseIngela Anderton Andin
2018-12-19ssl: Cuddle test casesIngela Anderton Andin
Cipher test case also needed updating to handle streams correctly We should not rizzo test chacha20_poly1305 Conflicts: lib/ssl/test/ssl_basic_SUITE.erl
2018-12-14Merge branch 'raimo/ssl/tls_dist-optimization' into maintRaimo Niskanen
* raimo/ssl/tls_dist-optimization: Tighten dist app data receive
2018-12-14Merge branch 'ingela/ssl/optimize/OTP-15445' into maintIngela Anderton Andin
* ingela/ssl/optimize/OTP-15445: ssl: Fix test case ssl: Remove no longer needed functions ssl: Fix downgrade ssl: Remove checks and conversions not needed ssl: Use binary:copy/2 to avoid list overhead ssl: Remove unnecessary internal event ssl: Clean code ssl: Add static_env record
2018-12-14ssl: Fix test caseIngela Anderton Andin
packet raw is a stream, test code manged it packet oriented in the function active_raw.
2018-12-13Tighten dist app data receiveRaimo Niskanen
2018-12-13ssl: Remove no longer needed functionsIngela Anderton Andin
As the stop wrapper functions are no longer needed after tls_sender that altered the behaviour of the TLS distribution code.
2018-12-13ssl: Fix downgradeIngela Anderton Andin
Both test case and code needed updates to work as intended. Code needed update due to new tls_sender process and the test case gave false positive reusult erarlier probably due to beeing to sloopy in order to avoid timeouts.
2018-12-12ssl: Remove checks and conversions not neededIngela Anderton Andin
2018-12-12ssl: Use binary:copy/2 to avoid list overheadIngela Anderton Andin
2018-12-12ssl: Remove unnecessary internal eventIngela Anderton Andin
2018-12-12ssl: Clean codeIngela Anderton Andin
Rename Connection:handle_common_event Connection:handle_protocol_record removing use of unnecessary argument and making code easier to understand.
2018-12-12Add empty 'since' attribute for old modules and functionsSverker Eriksson
2018-12-12ssl: Add static_env recordIngela Anderton Andin
State values created at init
2018-12-11Add "since" attributes in xml for new functions and modulesSverker Eriksson
introduced after OTP_R13B03.
2018-12-10Prepare releaseErlang/OTP
2018-12-05Rewrite to work for stream connectionRaimo Niskanen
2018-12-04Merge branch 'raimo/ssl/tls_dist-optimization' into maintRaimo Niskanen
* raimo/ssl/tls_dist-optimization: Handle socket close in state downgrade Handle dead sender at terminate Handle tls_sender exit properly Optimize split_bin Improve dist send throughput
2018-12-04Merge branch 'raimo/ssl/tls_dist-profiling' into maintRaimo Niskanen
* raimo/ssl/tls_dist-profiling: Improve benchmark Implement print on other node Fix compiler warnings
2018-12-04Merge branch 'ingela/ssl/test-cuddle-ssl_basic_SUITE' into maintIngela Anderton Andin
* ingela/ssl/test-cuddle-ssl_basic_SUITE: ssl: Correct test case
2018-12-04Handle socket close in state downgradeRaimo Niskanen
2018-12-03ssl: Fix error handling in function passive_receiveIngela Anderton Andin
Also avoid code duplication Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/tls_connection.erl