aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-06-17Prepare releaseErlang/OTP
2019-06-17Merge branch 'peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888' into maint-22Erlang/OTP
* peterdmv/ssl/fix-handshake-hello/ERL-975/OTP-15888: ssl: Fix negative tests in ssl_basic_SUITE ssl: Fix run_client_error/1 in ssl_test_lib ssl: Fix ssl_handshake:extension_value/1
2019-06-17Merge branch 'peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887' into maint-22Erlang/OTP
* peterdmv/ssl/tls12-java11-interop/ERL-973/OTP-15887: ssl: Add interop test ssl: Improve handling of signature algorithms
2019-06-17Merge branch 'ingela/ssl/handshake-handling/ERL-968/OTP-15879' into maint-22Erlang/OTP
* ingela/ssl/handshake-handling/ERL-968/OTP-15879: ssl: Correct handshake handling
2019-06-17ssl: Fix negative tests in ssl_basic_SUITEPéter Dimitrov
2019-06-17ssl: Fix run_client_error/1 in ssl_test_libPéter Dimitrov
Fix run_client_error/1 to properly propagate errors from the test client.
2019-06-17ssl: Fix ssl_handshake:extension_value/1Péter Dimitrov
Handle new TLS 1.2/1.3 extensions.
2019-06-14ssl: Add interop testPéter Dimitrov
Add interoperability test for TLS 1.2 server and TLS 1.3 client.
2019-06-14ssl: Improve handling of signature algorithmsPéter Dimitrov
TLS 1.2 ClientHello caused handshake failure in the TLS 1.2 server if the signature_algorithms_cert extension contained legacy algorithms. Update TLS 1.2 server to properly handle legacy signature algorithms in the signature_algorithms_cert extension. Update TLS 1.3 client so that it can send legacy algorithms in its signature_algorithms_cert extension.
2019-06-13ssl: Correct handshake handlingIngela Anderton Andin
Solves ERL-968, a refactoring bug could cause part of a server key exchange message to be appended, to an incorrectly duplicated, certificate handshake message. In the end causing an ASN1 decoding error. That in turn did not end up the correct error handling branch.
2019-06-12Prepare releaseErlang/OTP
2019-06-12Merge branch 'peterdmv/ssl/dtls-test-fix' into maint-22Erlang/OTP
* peterdmv/ssl/dtls-test-fix: ssl: Fix ssl_packet_SUITE
2019-06-12Merge branch 'ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864' into maint-22Erlang/OTP
* ingela/ssl/dtls-multiplxor/ERL-962/OTP-15864: ssl: Add missing gen_server return value in DTLS packet demux process
2019-06-12Merge branch 'ingela/ssl/ret-ext/ERL-951/OTP-15862' into maint-22Erlang/OTP
* ingela/ssl/ret-ext/ERL-951/OTP-15862: ssl: Fix broken return value
2019-06-12ssl: Fix ssl_packet_SUITEPéter Dimitrov
Unset internal_active_n when cleaning FT environment.
2019-06-07ssl: Add missing gen_server return value in DTLS packet demux processIngela Anderton Andin
2019-06-05ssl: Fix broken return valueIngela Anderton Andin
2019-06-04ssl: Returned "alert error string" should be same as logged alert stringIngela Anderton Andin
2019-05-15Prepare releaseErlang/OTP
2019-05-15ssl: Refactor of OTP 22 code due to patch OTP-15823Ingela Anderton Andin
2019-05-15ssl: Avoid dialyzer warningIngela Anderton Andin
Maybe we should only have specs for external APIs?! This is a how to write spec problem that we have to address later.
2019-05-15ssl: Add test cases for issue reported in ERL-938Ingela Anderton Andin
2019-05-15ssl: Internal active n must back off when user does not read dataIngela Anderton Andin
TLS connections should not buffer too much application data if they want to benefit from TCP flow control. Certain applications may want to customize the value of internal_active_n as there is a tradeoff between buffering memory and throughput. Conflicts: lib/ssl/src/tls_connection.erl
2019-05-15ssl: Remove legacy calls to next_recordIngela Anderton Andin
Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_connection.erl
2019-05-10Prepare releaseErlang/OTP
2019-05-09Merge branch 'ingela/ssl/revert-ctrl-flow'Ingela Anderton Andin
* ingela/ssl/revert-ctrl-flow: Revert "ssl: Add check when to toggle internal active N"
2019-05-08Merge branch 'raimo/inet_crypto_dist'Raimo Niskanen
* raimo/inet_crypto_dist: Rekey also the shared secret Use shared secret to rekey Cycle the keypair by time and count Set socket buffer sizes to avoid handshake deadlock Keep the keypair for the node's lifetime Implement some kind of PEKE to get forward secrecy Use incrementing IV Use Erlang cookie as shared secret
2019-05-08Rekey also the shared secretRaimo Niskanen
2019-05-08Merge branch 'maint'Rickard Green
* maint: Fix bad merge from maint-21 Fix bad merge from maint-21 Updated OTP version Prepare release # Conflicts: # OTP_VERSION # make/otp_version_tickets_in_merge
2019-05-07Revert "ssl: Add check when to toggle internal active N"Ingela Anderton Andin
This reverts commit 6e190b012dd5a304fc42a5f3bb58ff173a23eb66.
2019-05-07Merge branch 'ingela/ssl/openssl-test-cuddle'Ingela Anderton Andin
* ingela/ssl/openssl-test-cuddle: ssl: Add necessary compliance check
2019-05-07ssl: Fix dialyzer specIngela Anderton Andin
2019-05-07Merge branch 'ingela/ssl/cipher-suite-conversion/ERL-924/OTP-15483'Ingela Anderton Andin
* ingela/ssl/cipher-suite-conversion/ERL-924/OTP-15483: ssl: Add cipher suite convertion functions
2019-05-07ssl: Add cipher suite convertion functionsIngela Anderton Andin
2019-05-06Prepare releaseErlang/OTP
2019-05-06Merge branch ↵Erlang/OTP
'ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785' into maint-21 * ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785: ssl: Fix cherry-pick mistakes ssl: Refer documentation of HttpPacket from erts ssl: Update type spec of ssl:suite_to_str/1 ssl: Update function ssl:eccs/1 ssl: Fix type specs of ssl_internal.hrl ssl: Fix type specs of internal handshake functions ssl: Fix dialyzer warnings eldap: Fix dialyzer warnings ssl: Fix missing anchor warning public_key: Accept digest types 'sha1' and 'sha' inet: Document type inet:stat_option() ssl: Changed function specs and ssl.xml ssl: Add missing tuple in shutdown reason
2019-05-06Merge branch 'maint'Ingela Anderton Andin
2019-05-06Merge branch 'ingela/ssl/flow-ctrl/ERL-934/OTP-15802' into maintIngela Anderton Andin
* ingela/ssl/flow-ctrl/ERL-934/OTP-15802: ssl: Add check when to toggle internal active N
2019-05-06ssl: Add check when to toggle internal active NIngela Anderton Andin
Missing check of size of user_data_buffer made internal socket behave as an active socket instead of active N. Also correct indentation.
2019-05-06ssl: Add necessary compliance checkIngela Anderton Andin
2019-05-03Use shared secret to rekeyRaimo Niskanen
2019-05-03Cycle the keypair by time and countRaimo Niskanen
2019-05-03Set socket buffer sizes to avoid handshake deadlockRaimo Niskanen
2019-05-03ssl: Add new interop test suiteIngela Anderton Andin
Remove test form "ECC suites" that are covered by the new interop suite or by the fairly new ssl_cipher_suite_SUITE.
2019-05-03ssl: Use diffrent digest for some TLS/DTLS versionsIngela Anderton Andin
2019-04-30ssl: Fix cherry-pick mistakesIngela Anderton Andin
2019-04-30ssl: Refer documentation of HttpPacket from ertsPéter Dimitrov
Do not document http_packet() in ssl but refer to description of erlang:decode_packet/3. Change-Id: Ib2d0e4fc9605e40fe98bb249bc17fc39046d137a Conflicts: lib/ssl/src/ssl.erl
2019-04-30ssl: Update type spec of ssl:suite_to_str/1Péter Dimitrov
Change-Id: I7987e80cca7af184a9f40cdcd8ea8f07c318ba0d
2019-04-30ssl: Update function ssl:eccs/1Péter Dimitrov
Remove support of version tuples (e.g. {3,3}) from API function ssl:eccs/1. Update function spec and documentation. Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-04-30ssl: Fix type specs of ssl_internal.hrlPéter Dimitrov
Change 'term()' to 'any()'. Allow 'undefined' for all fields of #ssl_options{}. Change-Id: I00632bfd2b172974a99680a82f326f25b92b9974 Conflicts: lib/ssl/src/ssl_internal.hrl