| Age | Commit message (Collapse) | Author |
|---|
|
Do not test TLS 1.0 with these old versions as we do send hello extensions
for those implementations that will use them, and trailing unknown data
should be ignored by RFC complient implementations.
|
|
Also clean up code after previous test moves
|
|
Also refactor Rizzo tests to minimize them to only test
what actually can be tested. In practice this was already
done but a lot of legacy code remained. In the past timing
happened to make it look like it was possible to test
Rizzo-Dungeon mitigation in more detail, but it was based on
false assumptions that can not be applied to streams.
|
|
* peterdmv/ssl/fix-tls13-alpn:
ssl: Fix handling of ALPN in TLS 1.3
|
|
This is also an effort to group test cases better.
More such commits will follow.
|
|
|
|
Extention handling need some fixes to work
correctly for ALPN and SSL-3.0 only client/servers
do not support extensions
|
|
Regroup testes after functionality making it easier to
test all variants (all protocols, all cert types etc).
Also extend OpenSSL interop
|
|
|
|
* raimo/test-cuddling:
Fix leaking SSL node
|
|
* maint-21:
Updated OTP version
Prepare release
# Conflicts:
# OTP_VERSION
# lib/ssl/doc/src/notes.xml
# lib/ssl/vsn.mk
# make/otp_version_tickets
# otp_versions.table
|
|
'raimo/ssl/fix-zero-fragment-buffer-handling/ERIERL-379/OTP-15328' into maint
* raimo/ssl/fix-zero-fragment-buffer-handling/ERIERL-379/OTP-15328:
Do not call dist_ctrl_put_data with empty binaries
Refine the queue code
Fix extracting 0 bytes from queue
|
|
|
|
|
|
'raimo/ssl/fix-zero-fragment-buffer-handling/ERIERL-379/OTP-15328' into maint-21
* raimo/ssl/fix-zero-fragment-buffer-handling/ERIERL-379/OTP-15328:
Do not call dist_ctrl_put_data with empty binaries
Refine the queue code
Fix extracting 0 bytes from queue
|
|
* maint-22:
Updated OTP version
Prepare release
# Conflicts:
# make/otp_version_tickets
|
|
|
|
* ingela/ssl/alert-error-enhancment/OTP-15943:
ssl: Enhance error handling
|
|
|
|
|
|
* maint-22:
Updated OTP version
Prepare release
# Conflicts:
# make/otp_version_tickets
|
|
* maint-21:
Updated OTP version
Prepare release
# Conflicts:
# OTP_VERSION
# erts/doc/src/notes.xml
# erts/vsn.mk
# lib/ssl/doc/src/notes.xml
# lib/ssl/vsn.mk
# make/otp_version_tickets
# otp_versions.table
|
|
* ingela/ssl/alert-error-enhancment/OTP-15943:
ssl: Enhance error handling
|
|
* ingela/ssl/kill-openssl-zombie:
ssl: Kill OpenSSL processes that survived test run
|
|
|
|
|
|
* ingela/ssl/TLS-hibernate-bug/OTP-15910:
ssl: Fix hibernation bug
# Conflicts:
# lib/ssl/src/tls_connection.erl
|
|
|
|
* peterdmv/ssl/fix-cert-error-handling/OTP-15900:
ssl: Fix handling of certificate decoding problems
|
|
* peterdmv/ssl/fix-sign-algs-cert/OTP-15913:
ssl: Backport fix for signature_algorithms_cert
|
|
* ingela/ssl/TLS-hibernate-bug/OTP-15910:
ssl: Fix hibernation bug
# Conflicts:
# lib/ssl/src/tls_connection.erl
|
|
Should be zero such processes in the normal case
|
|
Handle the ILLEGAL_PARAMETER alert that may be returned from ssl_alert:decode/3
for gracefull shutdown, try of ...catch will/should not handle this case it is
only handles the case that TM should not happen!
|
|
Implement support for ECDSA certificates in TLS 1.3
|
|
|
|
* peterdmv/ssl/fix-peername-sockname:
ssl: Update ssl_test_lib
|
|
On some configurations the inet:peername/1 and inet:getaddr/2
functions return different loopback addresses, leading to
testcase failures in the ssl_basic_SUITE (peername, sockname).
This commit updates the node_to_hostip and check_result functions
to tolerate different loopback addresses.
|
|
Do not automatically configure the TLS version for the 'tlsv1.3'
group.
|
|
* peterdmv/ssl/fix-cert-error-handling/OTP-15900:
ssl: Fix handling of certificate decoding problems
|
|
|
|
This commit fixes interoperability problems with openssl when
the TLS 1.3 server is using the option signature_algs_cert.
In such cases the signature_algorithms_cert extension was encoded
as a signature_algorithms extension and openssl s_client returned
an Illegal Parameter Alert due to its filtering of extension
duplicates.
|
|
* ingela/ssl/TLS-hibernate-bug/OTP-15910:
ssl: Fix hibernation bug
|
|
|
|
* maint-22:
Updated OTP version
Prepare release
# Conflicts:
# make/otp_version_tickets
|
|
* maint-21:
Updated OTP version
Prepare release
# Conflicts:
# OTP_VERSION
# erts/doc/src/notes.xml
# erts/vsn.mk
# lib/common_test/doc/src/notes.xml
# lib/common_test/vsn.mk
# lib/kernel/doc/src/notes.xml
# lib/kernel/vsn.mk
# lib/public_key/doc/src/notes.xml
# lib/public_key/vsn.mk
# lib/ssl/doc/src/notes.xml
# lib/ssl/vsn.mk
# lib/stdlib/doc/src/notes.xml
# lib/stdlib/vsn.mk
# make/otp_version_tickets
# otp_versions.table
|
|
|
|
* peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888:
ssl: Fix negative tests in ssl_basic_SUITE
ssl: Fix run_client_error/1 in ssl_test_lib
ssl: Fix ssl_handshake:extension_value/1
|
|
* peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887:
ssl: Add interop test
ssl: Improve handling of signature algorithms
|
|
* ingela/ssl/handshake-handling/ERL-968/OTP-15879:
ssl: Correct handshake handling
|
|
|
