aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-05-09ssl: Avoid dialyzer warningIngela Anderton Andin
Maybe we should only have specs for external APIs?! This is a how to write spec problem that we have to address later.
2019-05-08ssl: Add test cases for issue reported in ERL-938Ingela Anderton Andin
2019-05-08ssl: Internal active n must back off when user does not read dataIngela Anderton Andin
TLS connections should not buffer too much application data if they want to benefit from TCP flow control. Certain applications may want to customize the value of internal_active_n as there is a tradeoff between buffering memory and throughput.
2019-05-08ssl: Remove legacy calls to next_recordIngela Anderton Andin
2019-05-07Revert "ssl: Add check when to toggle internal active N"Ingela Anderton Andin
This reverts commit 6e190b012dd5a304fc42a5f3bb58ff173a23eb66.
2019-05-06Prepare releaseErlang/OTP
2019-05-06Merge branch ↵Erlang/OTP
'ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785' into maint-21 * ingela/ssl/backported-ssl-enhancments/ERL-929/ERL-893/PR-2215/OTP-15785: ssl: Fix cherry-pick mistakes ssl: Refer documentation of HttpPacket from erts ssl: Update type spec of ssl:suite_to_str/1 ssl: Update function ssl:eccs/1 ssl: Fix type specs of ssl_internal.hrl ssl: Fix type specs of internal handshake functions ssl: Fix dialyzer warnings eldap: Fix dialyzer warnings ssl: Fix missing anchor warning public_key: Accept digest types 'sha1' and 'sha' inet: Document type inet:stat_option() ssl: Changed function specs and ssl.xml ssl: Add missing tuple in shutdown reason
2019-05-06ssl: Add check when to toggle internal active NIngela Anderton Andin
Missing check of size of user_data_buffer made internal socket behave as an active socket instead of active N. Also correct indentation.
2019-04-30ssl: Fix cherry-pick mistakesIngela Anderton Andin
2019-04-30ssl: Refer documentation of HttpPacket from ertsPéter Dimitrov
Do not document http_packet() in ssl but refer to description of erlang:decode_packet/3. Change-Id: Ib2d0e4fc9605e40fe98bb249bc17fc39046d137a Conflicts: lib/ssl/src/ssl.erl
2019-04-30ssl: Update type spec of ssl:suite_to_str/1Péter Dimitrov
Change-Id: I7987e80cca7af184a9f40cdcd8ea8f07c318ba0d
2019-04-30ssl: Update function ssl:eccs/1Péter Dimitrov
Remove support of version tuples (e.g. {3,3}) from API function ssl:eccs/1. Update function spec and documentation. Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-04-30ssl: Fix type specs of ssl_internal.hrlPéter Dimitrov
Change 'term()' to 'any()'. Allow 'undefined' for all fields of #ssl_options{}. Change-Id: I00632bfd2b172974a99680a82f326f25b92b9974 Conflicts: lib/ssl/src/ssl_internal.hrl
2019-04-30ssl: Fix type specs of internal handshake functionsPéter Dimitrov
Change-Id: I99cd0bebd80b3e55fd522457fa126e5bc198657b Conflicts: lib/ssl/src/ssl_handshake.erl
2019-04-30ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: Ic4895195569073916f158a06b95061939f15cfc0 Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-04-30ssl: Fix missing anchor warningPéter Dimitrov
Change-Id: Iafbf60765b4635d6a50286080716c67231bb5cd9
2019-04-30ssl: Changed function specs and ssl.xmlKenneth Lundin
Changed function specs and ssl.xml for generation of documentation according to the new way. Change-Id: I17b59b80f9072c3d2c20aea1b102f1e9c86987a0 Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl
2019-04-30 ssl: Add missing tuple in shutdown reasonIngela Anderton Andin
2019-04-17Prepare releaseErlang/OTP
2019-04-17Do not create empty binaries when splitting iovecRaimo Niskanen
2019-03-18Prepare releaseErlang/OTP
2019-03-18Merge branch 'ingela/ssl/recv-timeout-bug/ERL-884/ERL-883/OTP-14701' into ↵Erlang/OTP
maint-21 * ingela/ssl/recv-timeout-bug/ERL-884/ERL-883/OTP-14701: ssl: Cancel recv timer in all places
2019-03-18Merge branch 'ingela/ssl/transport-transparance/ERL-861/OTP-15679' into maint-21Erlang/OTP
* ingela/ssl/transport-transparance/ERL-861/OTP-15679: ssl: Fix transport transparancy
2019-03-16ssl: Cancel recv timer in all placesIngela Anderton Andin
Would cause connection to crash although all data was delivered to ssl:recv
2019-03-11Prepare releaseErlang/OTP
2019-03-11ssl: Fix transport transparancyIngela Anderton Andin
2019-03-08ssl: Correct active once emulationIngela Anderton Andin
Conflicts: lib/ftp/test/ftp_SUITE.erl
2019-03-04Merge branch 'essen/ssl-active-n' into maintRaimo Niskanen
* essen/ssl-active-n: fixup! ssl: Add support for {active,N} ssl: Use common fonction to update {active,N} ssl: Document {active,N} ssl: Add support for {active,N} Conflicts: lib/ssl/src/ssl.erl
2019-02-22Merge branch ssl-active-n of essen:erlang/otp into essen/ssl-active-nRaimo Niskanen
* essen:erlang/otp: fixup! ssl: Add support for {active,N} ssl: Use common fonction to update {active,N} ssl: Document {active,N} ssl: Add support for {active,N} Conflicts: lib/ssl/src/ssl_connection.erl
2019-02-22Merge branch 'ingela/ssl/doc-enhancements' into maintIngela Anderton Andin
* ingela/ssl/doc-enhancements: ssl: Enhance documentation after "use-spec-rewrite"
2019-02-22ssl: Enhance documentation after "use-spec-rewrite"Ingela Anderton Andin
2019-02-21Merge branch 'raimo/ssl/tls-optimization/OTP-15529' into maintRaimo Niskanen
* raimo/ssl/tls-optimization/OTP-15529: Inline local function Optimize binary matching Clean up module boundaries Remove redundant return of CipherState Use iovec() internally in send path Small binary handling optimizations Optimize read_application_data with Okasaki queue Try to optimize decode_cipher_text/3 Optimize application data aggregation Optimize TLS record parsing with Okasaki queue Cache strong_random_bytes for IV Optimize padding Produce less garbage in encrypt loop Reorganize #data{} Tidy up state machine Add server GC info to bench results
2019-02-19fixup! ssl: Add support for {active,N}Loïc Hoguin
2019-02-19ssl: Use common fonction to update {active,N}Loïc Hoguin
2019-02-19ssl: Document {active,N}Loïc Hoguin
2019-02-19ssl: Add support for {active,N}Loïc Hoguin
2019-02-18Inline local functionRaimo Niskanen
2019-02-18Optimize binary matchingRaimo Niskanen
2019-02-18Merge branch 'ingela/ssl/shrink-state' into maintIngela Anderton Andin
* ingela/ssl/shrink-state: ssl: Remove duplicate record_cb handling ssl: Add test case for continued handshake with a timeout ssl: Use gen_statem named timers to handle connection and recv timeouts ssl: Move and rename diffie_hellman_keys and srp_keys to kex_keys ssl: Move key_algorithm to handshake_env ssl: srp ssl: Rename ssl: Move diffie_hellman_params to handshake_env ssl: Move and rename psk_identity state record field ssl: Move premaster_secret to handshake_env ssl: Make flight_state DTLS specific ssl: Add private_key to connection_env ssl: Remove unused record field ssl: Add erl_dist_handle to connection_env ssl: Add negotiated_version to connection_env ssl: Add key exchange items to handshake_env ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_env ssl: Add downgrade handling to connection_env ssl: Create connection_env ssl: Handle renegotiation and extensions in handshake_env
2019-02-14Clean up module boundariesRaimo Niskanen
Improve the abstraction between the ssl_connection module and dtls_connection, tls_connection and tls_sender, as well as towards the lower level tls_record and ssl_record modules. Remove some dead code.
2019-02-14ssl: Remove duplicate record_cb handlingIngela Anderton Andin
2019-02-14ssl: Add test case for continued handshake with a timeoutdimadio
2019-02-14Merge branch 'peterdmv/ssl/fix-failing-testcases' into maintPéter Dimitrov
* peterdmv/ssl/fix-failing-testcases: ssl: Fix renegotiation testcases ssl: Fix failing rizzo testcases ssl: Use IPv4 addresses with openssl s_client ssl: Use sha256 in test certificates if supported Change-Id: I11a326be027545e20fbef6f90996b0c8be8c3e50
2019-02-13Remove redundant return of CipherStateRaimo Niskanen
2019-02-13ssl: Fix renegotiation testcasesPéter Dimitrov
Fix failing renegotiation testcases with openssl-1.1.1a. openssl s_client sends the renegotiation "R\n" connected command to the server side causing testcase failure. This commit updates ssl_to_openssl_SUITE:erlang_ssl_receive to swallow the unexpected packet. Change-Id: I1f5d040ac65c25652f7101ddf109fc84acc4c915
2019-02-13Use iovec() internally in send pathRaimo Niskanen
2019-02-13Small binary handling optimizationsRaimo Niskanen
2019-02-13Optimize read_application_data with Okasaki queueRaimo Niskanen
To avoid degenerate case with quadratic complexity that shows up when sending large messages since the the fragment concatenation was done by binary append. An Okasaki queue is much more efficient.
2019-02-13Try to optimize decode_cipher_text/3Raimo Niskanen
2019-02-13Optimize application data aggregationRaimo Niskanen