aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-04-24Revert "Prepare release"Rickard Green
This reverts commit 425889ba69b69a9b6fb14bfbef121d51b78e853a.
2019-04-24ssl: Update function ssl:eccs/1Péter Dimitrov
Remove support of version tuples (e.g. {3,3}) from API function ssl:eccs/1. Update function spec and documentation. Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b
2019-04-23Prepare releaseErlang/OTP
2019-04-23Merge branch 'peterdmv/ssl/doc-types-and-specs/OTP-15746'Péter Dimitrov
* peterdmv/ssl/doc-types-and-specs/OTP-15746: ssl: Add type specs for http_packet() ssl: Fix type specs of ssl_internal.hrl ssl: Fix type specs of internal handshake functions ssl: Fix dialyzer warnings eldap: Fix dialyzer warnings ssl: Fix missing anchor warning public_key: Accept digest types 'sha1' and 'sha' inet: Document type inet:stat_option() ssl: Changed function specs and ssl.xml ssl: Update standards_compliance.xml OTP-15775 OTP-15776 OTP-15777 Change-Id: Ibe8e8263d6557eaa40cc0681a7ce3fcb373a4120
2019-04-18ssl: Add type specs for http_packet()Péter Dimitrov
Change-Id: I07231ceab14d49c740967a0edfc9494328b96a62
2019-04-18ssl: Fix type specs of ssl_internal.hrlPéter Dimitrov
Change 'term()' to 'any()'. Allow 'undefined' for all fields of #ssl_options{}. Change-Id: I00632bfd2b172974a99680a82f326f25b92b9974
2019-04-18ssl: Fix type specs of internal handshake functionsPéter Dimitrov
Change-Id: I99cd0bebd80b3e55fd522457fa126e5bc198657b
2019-04-18Keep the keypair for the node's lifetimeRaimo Niskanen
2019-04-18Merge branch 'maint'Raimo Niskanen
* maint: Updated OTP version Prepare release Conflicts: OTP_VERSION
2019-04-18Merge branch 'maint'Raimo Niskanen
* maint: Do not create empty binaries when splitting iovec
2019-04-18ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: Ic4895195569073916f158a06b95061939f15cfc0
2019-04-17Prepare releaseErlang/OTP
2019-04-17ssl: Fix missing anchor warningPéter Dimitrov
Change-Id: Iafbf60765b4635d6a50286080716c67231bb5cd9
2019-04-17ssl: Changed function specs and ssl.xmlKenneth Lundin
Changed function specs and ssl.xml for generation of documentation according to the new way. Change-Id: I17b59b80f9072c3d2c20aea1b102f1e9c86987a0
2019-04-17ssl: Update standards_compliance.xmlPéter Dimitrov
Change-Id: I4da2b5c4defeb4e8893e512020d4dbdb96813542
2019-04-17Do not create empty binaries when splitting iovecRaimo Niskanen
2019-04-17Implement some kind of PEKE to get forward secrecyRaimo Niskanen
2019-04-12Merge branch 'ingela/ssl/cipher-suite-conversions'Ingela Anderton Andin
* ingela/ssl/cipher-suite-conversions: ssl: Add functions to convert between diffrent cipher suite formats
2019-04-12ssl: Add functions to convert between diffrent cipher suite formatsIngela Anderton Andin
2019-04-11ssl: Fix faulty match of Socket in handle_info/3Péter Dimitrov
Fix dtls_connection:handle_info/3 to correctly match the Socket in static_env. Change-Id: Iddaad0514c2413abac6d9a06292556e07acc7729
2019-04-11Merge branch 'peterdmv/ssl/fix-tls13-handshake/ERL-908/OTP-15759'Péter Dimitrov
* peterdmv/ssl/fix-tls13-handshake/ERL-908/OTP-15759: ssl: Add chacha ciphers to openssl_suite_name/1 ssl: Filter signature_schemes before usage ssl: Handle legacy algorithms in signature_scheme/1 Change-Id: I4caa0fb21324aceb1d3502d33e61e99bd915d9c4
2019-04-10ssl: Add chacha ciphers to openssl_suite_name/1Péter Dimitrov
Change-Id: I2f2cc8c64f02b50773eb455770336b159da7b9f9
2019-04-10ssl: Filter signature_schemes before usagePéter Dimitrov
Filter unassigned and legacy elements from signature_scheme_list before further processing. Change-Id: I0a2623e53c21cebe6e736e7eee6bb6354fc698b7
2019-04-10ssl: Handle legacy algorithms in signature_scheme/1Péter Dimitrov
Handle legacy signature algorithms in TLS 1.3 ClientHello to improve debug logging. Change-Id: If5548c828aabab83a2b147dffa7e937bd98916c6
2019-04-09Use incrementing IVRaimo Niskanen
2019-04-09ssl: Fix ssl:getstat/2Péter Dimitrov
Change-Id: I03d8bb7b45fc48b3d5b0232c4c3a286fb36aad5c
2019-04-09ssl: Implement {active,N} for DTLSPéter Dimitrov
Change-Id: I559624bedf3b9b9ed0316af5262f59bcad8de926
2019-04-09ssl: Fix function merge_fragments/2Péter Dimitrov
Change-Id: Icc99d5f3b8c667107926603e9d546d7198bd098d
2019-04-09ssl: Remove excessive calls to next_record/1Péter Dimitrov
Change-Id: Ic6606206b9c48489ead46bf2f8a982cf06ccc2e3
2019-04-09Merge branch 'peterdmv/ssl/fix-chacha-ciphers'Péter Dimitrov
* peterdmv/ssl/fix-chacha-ciphers: ssl: Fix Chacha20 IV length and nonce calculation Change-Id: I69b88bcfe0e9a6b9157884e9df049e15f4a35b95
2019-04-05ssl: Do not use broken OpenSSL clientsIngela Anderton Andin
Also remove dead code
2019-04-05ssl: Correct test inputIngela Anderton Andin
2019-04-05Merge branch 'ingela/ssl/cuddle-tests'Ingela Anderton Andin
* ingela/ssl/cuddle-tests: ssl: Avoid hiding fault reason as timeout ssl: sslv2 clients rejected in new way as sslv2 hello compatibility is dropped ssl: Run SNI test on specific TLS versions
2019-04-05ssl: Avoid hiding fault reason as timeoutIngela Anderton Andin
Use of rpc:call could hide the real crash reason
2019-04-05ssl: sslv2 clients rejected in new way as sslv2 hello compatibility is droppedIngela Anderton Andin
2019-04-03Use Erlang cookie as shared secretRaimo Niskanen
* Remove all configuration possibilities, so use the cookie as secret * Clean up error handling to make the module a more complete dist module * Change the init message to use length fields instead of zero termination * Remove the dependency towards modern crypto so it should run on maint
2019-04-03ssl: Run SNI test on specific TLS versionsIngela Anderton Andin
We do not want to test OpenSSL default values as the may not agree with our defaults.
2019-04-02Merge branch 'peterdmv/ssl/fix-key-share-decoding'Péter Dimitrov
* peterdmv/ssl/fix-key-share-decoding: ssl: Fix decoding of the key_share extension Change-Id: I2b772bb1e50b841f9154206b1170330d51c7ba94
2019-04-02Merge branch 'peterdmv/ssl/update-chacha-ciphers'Péter Dimitrov
* peterdmv/ssl/update-chacha-ciphers: ssl: Update Chacha20-Poly1305 cipher suite codes Change-Id: I0a3c48d7eb30d7c8fae2afdc4eaa68e909a474ea
2019-04-02ssl: Fix Chacha20 IV length and nonce calculationPéter Dimitrov
This commit fixes the IV length (12 bytes) and the calculation of the nonce for the Chacha20-Poly1305 ciphers. Change-Id: I4c9efc0bf012bc287c84c7b62c252ecf49ffe32f
2019-04-02Merge branch 'ingela/ssl/upgrade-cuddle'Ingela Anderton Andin
* ingela/ssl/upgrade-cuddle: ssl: Upgrade cert generation for upgrade test
2019-04-02ssl: Upgrade cert generation for upgrade testIngela Anderton Andin
2019-04-01ssl: Fix decoding of the key_share extensionPéter Dimitrov
Change-Id: I4764b5f2172f000d13c267e9002789fa6e09c58c
2019-04-01ssl: Update Chacha20-Poly1305 cipher suite codesPéter Dimitrov
Update the cipher suite codes of the Chacha20-Poly1305 ciphers to align them with RFC7905. Change-Id: I85aa8dfd8a3782d61304b7f74b48f7a09f15a033
2019-04-01Merge branch 'peterdmv/ssl/dtls-fix'Péter Dimitrov
* peterdmv/ssl/dtls-fix: ssl: Fix dtls queue handling ssl: Fix retransmission timeout Change-Id: Ic3312e46e56dca096318a5a6b2eefa6cc0e34863
2019-04-01Merge branch 'raimo/ssl/tls-dist-fun-day/OTP-14792'Raimo Niskanen
* raimo/ssl/tls-dist-fun-day/OTP-14792: Skip all benchmark groups Benchmark report relative core load Improve printouts Polish sched util benchmark Improve printouts Dist handshake with nodelay Implement inet_crypto_dist benchmark example
2019-04-01Merge branch 'ingela/ssl/AES-CCM/OTP-15626'Ingela Anderton Andin
* ingela/ssl/AES-CCM/OTP-15626: ssl: Adapt DTLS code to optimizations ssl: Add support AES_CCM cipher suites form RFC 6655
2019-03-29ssl: Fix dtls queue handlingPéter Dimitrov
Change-Id: I6956eb9c7036cfe72bb1b8cb3e02e22bd71c4c36
2019-03-29ssl: Fix retransmission timeoutPéter Dimitrov
Set the upper limit of the retransmission timeout to 60 seconds instead of 60 milliseconds. Change-Id: I17168a015f352d2526935ea77a8aea686944ebcd
2019-03-29Skip all benchmark groupsRaimo Niskanen