aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-04-02Merge branch 'peterdmv/ssl/fix-key-share-decoding'Péter Dimitrov
* peterdmv/ssl/fix-key-share-decoding: ssl: Fix decoding of the key_share extension Change-Id: I2b772bb1e50b841f9154206b1170330d51c7ba94
2019-04-02Merge branch 'peterdmv/ssl/update-chacha-ciphers'Péter Dimitrov
* peterdmv/ssl/update-chacha-ciphers: ssl: Update Chacha20-Poly1305 cipher suite codes Change-Id: I0a3c48d7eb30d7c8fae2afdc4eaa68e909a474ea
2019-04-02Merge branch 'ingela/ssl/upgrade-cuddle'Ingela Anderton Andin
* ingela/ssl/upgrade-cuddle: ssl: Upgrade cert generation for upgrade test
2019-04-02ssl: Upgrade cert generation for upgrade testIngela Anderton Andin
2019-04-01ssl: Fix decoding of the key_share extensionPéter Dimitrov
Change-Id: I4764b5f2172f000d13c267e9002789fa6e09c58c
2019-04-01ssl: Update Chacha20-Poly1305 cipher suite codesPéter Dimitrov
Update the cipher suite codes of the Chacha20-Poly1305 ciphers to align them with RFC7905. Change-Id: I85aa8dfd8a3782d61304b7f74b48f7a09f15a033
2019-04-01Merge branch 'peterdmv/ssl/dtls-fix'Péter Dimitrov
* peterdmv/ssl/dtls-fix: ssl: Fix dtls queue handling ssl: Fix retransmission timeout Change-Id: Ic3312e46e56dca096318a5a6b2eefa6cc0e34863
2019-04-01Merge branch 'raimo/ssl/tls-dist-fun-day/OTP-14792'Raimo Niskanen
* raimo/ssl/tls-dist-fun-day/OTP-14792: Skip all benchmark groups Benchmark report relative core load Improve printouts Polish sched util benchmark Improve printouts Dist handshake with nodelay Implement inet_crypto_dist benchmark example
2019-04-01Merge branch 'ingela/ssl/AES-CCM/OTP-15626'Ingela Anderton Andin
* ingela/ssl/AES-CCM/OTP-15626: ssl: Adapt DTLS code to optimizations ssl: Add support AES_CCM cipher suites form RFC 6655
2019-03-29ssl: Fix dtls queue handlingPéter Dimitrov
Change-Id: I6956eb9c7036cfe72bb1b8cb3e02e22bd71c4c36
2019-03-29ssl: Fix retransmission timeoutPéter Dimitrov
Set the upper limit of the retransmission timeout to 60 seconds instead of 60 milliseconds. Change-Id: I17168a015f352d2526935ea77a8aea686944ebcd
2019-03-29Skip all benchmark groupsRaimo Niskanen
2019-03-29 ssl: Add missing tuple in shutdown reasonIngela Anderton Andin
2019-03-29ssl: Adapt DTLS code to optimizationsIngela Anderton Andin
2019-03-29ssl: Add support AES_CCM cipher suites form RFC 6655Ingela Anderton Andin
2019-03-29Benchmark report relative core loadRaimo Niskanen
2019-03-29Improve printoutsRaimo Niskanen
2019-03-29Polish sched util benchmarkRaimo Niskanen
2019-03-29ssl: Correct test caseIngela Anderton Andin
Optimization to concatenate small user data packages recived closely after each other has invalidated assumptions in the test case.
2019-03-29ssl: Remove test cases from ssl_basic_SUITEIngela Anderton Andin
The test are moved to ssl_cipher_suite_SUITE
2019-03-29ssl: Remove basic test group from ssl_to_openssl_SUITEIngela Anderton Andin
This group has started to fail as our default has diverged from OpenSSL defaults and we are not really interested in testing OpenSSL defaults.
2019-03-28Improve printoutsRaimo Niskanen
2019-03-28Dist handshake with nodelayRaimo Niskanen
2019-03-28Implement inet_crypto_dist benchmark exampleRaimo Niskanen
This is a simplistic distribution protocol module for encrypted distribution using a shared secret and only the crypto module, and AEAD ciphers. It is intended to be a benchmark reference for how fast encrypted distribution may get. How secure it would be and also how useful, for actual production use, remains to be investigated.
2019-03-26Revert "Prepare release"Henrik Nord
This reverts commit 0118046f9bda8dcf3594184fa439b79267db8017.
2019-03-25Prepare releaseErlang/OTP
2019-03-24ssl: Enhance testingIngela Anderton Andin
2019-03-22Merge branch 'peterdmv/ssl/document-tls13/OTP-13819'Péter Dimitrov
* peterdmv/ssl/document-tls13/OTP-13819: ssl: Update standards compliance Change-Id: Ie743a61fff2416abc741e1508864480a09091add
2019-03-22Merge branch 'ingela/ssl/default-supported-versions/OTP-14865'Ingela Anderton Andin
* ingela/ssl/default-supported-versions/OTP-14865: ssl: Remove default support for legacy versions
2019-03-21ssl: Update standards compliancePéter Dimitrov
Change-Id: I365965750e4b9747bf1fb8560f34afe6eecf7f02
2019-03-21Merge branch 'peterdmv/ssl/tls13-conn-info'Péter Dimitrov
* peterdmv/ssl/tls13-conn-info: ssl: Fix ssl:connection_information/1 in TLS 1.3 Change-Id: I492b0973bb4ee44354edf22ed3bc2a6e5c7b90c5
2019-03-21Revert "ssl: Correct handling of crypto exception handling."Ingela Anderton Andin
This reverts commit 884503bc69157d2a3c6bd72389b4e2a800f97fb6.
2019-03-21ssl: Remove default support for legacy versionsIngela Anderton Andin
TLS-1.0, TLS-1.1 and DTLS-1.0 are now considered legacy
2019-03-20ssl: Correct handling of crypto exception handling.Ingela Anderton Andin
Documentation was incorrect, and new specs provided dialyzer errors.
2019-03-19Merge branch 'maint'Rickard Green
* maint: Updated OTP version Prepare release
2019-03-19Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl.erl lib/ssl/src/tls_connection.erl
2019-03-19Merge branch 'ingela/ssl/transport-transparance/ERL-861/OTP-15679' into maintIngela Anderton Andin
* ingela/ssl/transport-transparance/ERL-861/OTP-15679: ssl: Fix transport transparancy
2019-03-18Prepare releaseErlang/OTP
2019-03-18Merge branch 'ingela/ssl/recv-timeout-bug/ERL-884/ERL-883/OTP-14701' into ↵Erlang/OTP
maint-21 * ingela/ssl/recv-timeout-bug/ERL-884/ERL-883/OTP-14701: ssl: Cancel recv timer in all places
2019-03-18Merge branch 'ingela/ssl/transport-transparance/ERL-861/OTP-15679' into maint-21Erlang/OTP
* ingela/ssl/transport-transparance/ERL-861/OTP-15679: ssl: Fix transport transparancy
2019-03-18ssl: Fix ssl:connection_information/1 in TLS 1.3Péter Dimitrov
Store cipher suite information in session record. Test ssl:connection_information/1 in a TLS 1.3 connection. Change-Id: I7193e6dd2544540e446b5777b5768806cecf2bd3
2019-03-18Merge branch 'peterdmv/ssl/client-auth/OTP-15591'Péter Dimitrov
* peterdmv/ssl/client-auth/OTP-15591: ssl: Improve ssl logging ssl: Test handling of signature algorithms ssl: Handle unencrypted Alert (Illegal Parameter) ssl: Improve verification of received Certificate ssl: Fix Alert logging ssl: Fix get_handshake_context/2 ssl: Test HelloRetryRequest with client auth ssl: Verify signature algorithm in CV ssl: Verify CertificateVerify ssl: Test client authentication with certificate ssl: Validate client certificates (TLS 1.3) ssl: Test client authentication (empty cert) ssl: Implement state 'wait_cert' ssl: Add ssl logger support for CertificateRequest ssl: Fix ssl alerts Change-Id: Id4ba14d373f116038a7cb3ff9fc33faed23031c8
2019-03-16ssl: Cancel recv timer in all placesIngela Anderton Andin
Would cause connection to crash although all data was delivered to ssl:recv
2019-03-14ssl: Improve ssl loggingPéter Dimitrov
Remove function ssl:set_log_level/1. Its functionality is already implemented by logger:set_application_level/2. Set log level for ssl modules to debug at application start. Former implementation required an extra call to logger:set_application_level/2 (beside setting ssl option {log_level, debug}) to enable debug logging. Change-Id: Id21be7fd58915e11124cc136bb92d8a7526b8a74
2019-03-14ssl: Test handling of signature algorithmsPéter Dimitrov
Change-Id: I433924f9c590efa94423db5df52dd3f5d53d9d20
2019-03-14ssl: Handle unencrypted Alert (Illegal Parameter)Péter Dimitrov
Handle unencrypted 'Illegal Parameter' Alerts from openssl s_client when the server's connection states are already stepped into traffic encryption. Change-Id: I10951a9061e6f4b13d8ddb8ab99f8a812a483113
2019-03-14ssl: Improve verification of received CertificatePéter Dimitrov
Validate peer certificate against supported signature algorithms. Send 'Hanshake Failure' Alert if signature algorithm is not supported by the server. Change-Id: Iad428aad337f0f9764d23404c203f966664c4555
2019-03-14ssl: Fix Alert loggingPéter Dimitrov
Report the role of the peer when logging incoming Alerts. Change-Id: I7eec46bc36f9080f5087b6a38e7f14ac628fe286
2019-03-12Merge branch 'maint'Henrik Nord
* maint: Updated OTP version Prepare release
2019-03-11Prepare releaseErlang/OTP
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-18 04:06:29 +0000