aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-05-15Prepare releaseErlang/OTP
2019-05-15ssl: Refactor of OTP 22 code due to patch OTP-15823Ingela Anderton Andin
2019-05-15ssl: Avoid dialyzer warningIngela Anderton Andin
Maybe we should only have specs for external APIs?! This is a how to write spec problem that we have to address later.
2019-05-15ssl: Add test cases for issue reported in ERL-938Ingela Anderton Andin
2019-05-15ssl: Internal active n must back off when user does not read dataIngela Anderton Andin
TLS connections should not buffer too much application data if they want to benefit from TCP flow control. Certain applications may want to customize the value of internal_active_n as there is a tradeoff between buffering memory and throughput. Conflicts: lib/ssl/src/tls_connection.erl
2019-05-15ssl: Remove legacy calls to next_recordIngela Anderton Andin
Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_connection.erl
2019-05-10Prepare releaseErlang/OTP
2019-05-09Merge branch 'ingela/ssl/revert-ctrl-flow'Ingela Anderton Andin
* ingela/ssl/revert-ctrl-flow: Revert "ssl: Add check when to toggle internal active N"
2019-05-08Merge branch 'raimo/inet_crypto_dist'Raimo Niskanen
* raimo/inet_crypto_dist: Rekey also the shared secret Use shared secret to rekey Cycle the keypair by time and count Set socket buffer sizes to avoid handshake deadlock Keep the keypair for the node's lifetime Implement some kind of PEKE to get forward secrecy Use incrementing IV Use Erlang cookie as shared secret
2019-05-08Rekey also the shared secretRaimo Niskanen
2019-05-08Merge branch 'maint'Rickard Green
* maint: Fix bad merge from maint-21 Fix bad merge from maint-21 Updated OTP version Prepare release # Conflicts: # OTP_VERSION # make/otp_version_tickets_in_merge
2019-05-07Revert "ssl: Add check when to toggle internal active N"Ingela Anderton Andin
This reverts commit 6e190b012dd5a304fc42a5f3bb58ff173a23eb66.
2019-05-07Merge branch 'ingela/ssl/openssl-test-cuddle'Ingela Anderton Andin
* ingela/ssl/openssl-test-cuddle: ssl: Add necessary compliance check
2019-05-07ssl: Fix dialyzer specIngela Anderton Andin
2019-05-07Merge branch 'ingela/ssl/cipher-suite-conversion/ERL-924/OTP-15483'Ingela Anderton Andin
* ingela/ssl/cipher-suite-conversion/ERL-924/OTP-15483: ssl: Add cipher suite convertion functions
2019-05-07ssl: Add cipher suite convertion functionsIngela Anderton Andin
2019-05-06Prepare releaseErlang/OTP
2019-05-06Merge branch ↵Erlang/OTP
'ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785' into maint-21 * ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785: ssl: Fix cherry-pick mistakes ssl: Refer documentation of HttpPacket from erts ssl: Update type spec of ssl:suite_to_str/1 ssl: Update function ssl:eccs/1 ssl: Fix type specs of ssl_internal.hrl ssl: Fix type specs of internal handshake functions ssl: Fix dialyzer warnings eldap: Fix dialyzer warnings ssl: Fix missing anchor warning public_key: Accept digest types 'sha1' and 'sha' inet: Document type inet:stat_option() ssl: Changed function specs and ssl.xml ssl: Add missing tuple in shutdown reason
2019-05-06Merge branch 'maint'Ingela Anderton Andin
2019-05-06Merge branch 'ingela/ssl/flow-ctrl/ERL-934/OTP-15802' into maintIngela Anderton Andin
* ingela/ssl/flow-ctrl/ERL-934/OTP-15802: ssl: Add check when to toggle internal active N
2019-05-06ssl: Add check when to toggle internal active NIngela Anderton Andin
Missing check of size of user_data_buffer made internal socket behave as an active socket instead of active N. Also correct indentation.
2019-05-06ssl: Add necessary compliance checkIngela Anderton Andin
2019-05-03Use shared secret to rekeyRaimo Niskanen
2019-05-03Cycle the keypair by time and countRaimo Niskanen
2019-05-03Set socket buffer sizes to avoid handshake deadlockRaimo Niskanen
2019-05-03ssl: Add new interop test suiteIngela Anderton Andin
Remove test form "ECC suites" that are covered by the new interop suite or by the fairly new ssl_cipher_suite_SUITE.
2019-05-03ssl: Use diffrent digest for some TLS/DTLS versionsIngela Anderton Andin
2019-04-30ssl: Fix cherry-pick mistakesIngela Anderton Andin
2019-04-30ssl: Refer documentation of HttpPacket from ertsPéter Dimitrov
Do not document http_packet() in ssl but refer to description of erlang:decode_packet/3. Change-Id: Ib2d0e4fc9605e40fe98bb249bc17fc39046d137a Conflicts: lib/ssl/src/ssl.erl
2019-04-30ssl: Update type spec of ssl:suite_to_str/1Péter Dimitrov
Change-Id: I7987e80cca7af184a9f40cdcd8ea8f07c318ba0d
2019-04-30ssl: Update function ssl:eccs/1Péter Dimitrov
Remove support of version tuples (e.g. {3,3}) from API function ssl:eccs/1. Update function spec and documentation. Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-04-30ssl: Fix type specs of ssl_internal.hrlPéter Dimitrov
Change 'term()' to 'any()'. Allow 'undefined' for all fields of #ssl_options{}. Change-Id: I00632bfd2b172974a99680a82f326f25b92b9974 Conflicts: lib/ssl/src/ssl_internal.hrl
2019-04-30ssl: Fix type specs of internal handshake functionsPéter Dimitrov
Change-Id: I99cd0bebd80b3e55fd522457fa126e5bc198657b Conflicts: lib/ssl/src/ssl_handshake.erl
2019-04-30ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: Ic4895195569073916f158a06b95061939f15cfc0 Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-04-30ssl: Fix missing anchor warningPéter Dimitrov
Change-Id: Iafbf60765b4635d6a50286080716c67231bb5cd9
2019-04-30ssl: Changed function specs and ssl.xmlKenneth Lundin
Changed function specs and ssl.xml for generation of documentation according to the new way. Change-Id: I17b59b80f9072c3d2c20aea1b102f1e9c86987a0 Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-04-30 ssl: Add missing tuple in shutdown reasonIngela Anderton Andin
2019-04-29Merge branch 'peterdmv/ssl/tls13-poly-chacha/OTP-15383'Péter Dimitrov
* peterdmv/ssl/tls13-poly-chacha/OTP-15383: ssl: Update standards compliance ssl: Enable additional ciphers for TLS 1.3 Change-Id: I2dc6eb73bc1b8809e7226e6b8e83f58b02a3e1e6
2019-04-25ssl: Update standards compliancePéter Dimitrov
Change-Id: I6193b25af2496118bf4d281e6a0fc65831b37bf9
2019-04-24ssl: Enable additional ciphers for TLS 1.3Péter Dimitrov
Enable TLS_CHACHA20_POLY1305_SHA256 and TLS_AES_128_CCM_SHA256. Change-Id: I04e32bcbf0683bb517f235a3e352facffc674692
2019-04-24ssl: Refer documentation of HttpPacket from ertsPéter Dimitrov
Do not document http_packet() in ssl but refer to description of erlang:decode_packet/3. Change-Id: Ib2d0e4fc9605e40fe98bb249bc17fc39046d137a
2019-04-24ssl: Update type spec of ssl:suite_to_str/1Péter Dimitrov
Change-Id: I7987e80cca7af184a9f40cdcd8ea8f07c318ba0d
2019-04-24Revert "Prepare release"Rickard Green
This reverts commit 425889ba69b69a9b6fb14bfbef121d51b78e853a.
2019-04-24ssl: Update function ssl:eccs/1Péter Dimitrov
Remove support of version tuples (e.g. {3,3}) from API function ssl:eccs/1. Update function spec and documentation. Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b
2019-04-23Prepare releaseErlang/OTP
2019-04-23Merge branch 'peterdmv/ssl/doc-types-and-specs/OTP-15746'Péter Dimitrov
* peterdmv/ssl/doc-types-and-specs/OTP-15746: ssl: Add type specs for http_packet() ssl: Fix type specs of ssl_internal.hrl ssl: Fix type specs of internal handshake functions ssl: Fix dialyzer warnings eldap: Fix dialyzer warnings ssl: Fix missing anchor warning public_key: Accept digest types 'sha1' and 'sha' inet: Document type inet:stat_option() ssl: Changed function specs and ssl.xml ssl: Update standards_compliance.xml OTP-15775 OTP-15776 OTP-15777 Change-Id: Ibe8e8263d6557eaa40cc0681a7ce3fcb373a4120
2019-04-18ssl: Add type specs for http_packet()Péter Dimitrov
Change-Id: I07231ceab14d49c740967a0edfc9494328b96a62
2019-04-18ssl: Fix type specs of ssl_internal.hrlPéter Dimitrov
Change 'term()' to 'any()'. Allow 'undefined' for all fields of #ssl_options{}. Change-Id: I00632bfd2b172974a99680a82f326f25b92b9974
2019-04-18ssl: Fix type specs of internal handshake functionsPéter Dimitrov
Change-Id: I99cd0bebd80b3e55fd522457fa126e5bc198657b
2019-04-18Keep the keypair for the node's lifetimeRaimo Niskanen