From 04faa82c43ba43929087b6d91fb1f9cbff34cb99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?= Date: Wed, 24 Apr 2019 12:42:26 +0200 Subject: ssl: Update function ssl:eccs/1 Remove support of version tuples (e.g. {3,3}) from API function ssl:eccs/1. Update function spec and documentation. Change-Id: I891e42a2ca31c3e06b4edeeb866c0df874f2035b --- lib/ssl/doc/src/ssl.xml | 14 +------------- lib/ssl/src/ssl.erl | 26 +++++++++----------------- lib/ssl/test/ssl_basic_SUITE.erl | 6 ++---- 3 files changed, 12 insertions(+), 34 deletions(-) diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 422bd6a19d..8e4c21ba02 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -128,7 +128,7 @@ - + @@ -136,26 +136,14 @@ - - - - - - - - - - - - diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index a3138e8c30..f4941fe0bf 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -80,7 +80,6 @@ cipher_filters/0, sign_algo/0, protocol_version/0, - protocol_version_tuple/0, protocol_extensions/0, session_id/0, error_alert/0, @@ -105,11 +104,8 @@ -type ip_address() :: inet:ip_address(). -type session_id() :: binary(). % exported -type protocol_version() :: tls_version() | dtls_version(). % exported --type protocol_version_tuple() :: tls_version_tuple() | dtls_version_tuple(). % exported -type tls_version() :: 'tlsv1.2' | 'tlsv1.3' | tls_legacy_version(). --type tls_version_tuple() :: {3,0} | {3,1} | {3,2} | {3,3} | {3,4}. -type dtls_version() :: 'dtlsv1.2' | dtls_legacy_version(). --type dtls_version_tuple() :: {254,254} | {254,253}. -type tls_legacy_version() :: tlsv1 | 'tlsv1.1' | sslv3. -type dtls_legacy_version() :: 'dtlsv1'. -type verify_type() :: verify_none | verify_peer. 
@@ -1083,27 +1079,23 @@ eccs() -> %%-------------------------------------------------------------------- -spec eccs(Version) -> NamedCurves when - Version :: protocol_version() | protocol_version_tuple(), + Version :: protocol_version(), NamedCurves :: [named_curve()]. %% Description: returns the curves supported for a given version of %% ssl/tls. %%-------------------------------------------------------------------- -eccs({3,0}) -> +eccs(sslv3) -> []; -eccs({3,_}) -> - Curves = tls_v1:ecc_curves(all), - eccs_filter_supported(Curves); -eccs({254,_} = Version) -> - eccs(dtls_v1:corresponding_tls_version(Version)); +eccs('dtlsv1') -> + eccs('tlsv1.1'); +eccs('dtlsv1.2') -> + eccs('tlsv1.2'); eccs(Version) when Version == 'tlsv1.2'; Version == 'tlsv1.1'; - Version == tlsv1; - Version == sslv3 -> - eccs(tls_record:protocol_version(Version)); -eccs(Version) when Version == 'dtlsv1.2'; - Version == 'dtlsv1'-> - eccs(dtls_v1:corresponding_tls_version(dtls_record:protocol_version(Version))). + Version == tlsv1 -> + Curves = tls_v1:ecc_curves(all), + eccs_filter_supported(Curves). eccs_filter_supported(Curves) -> CryptoCurves = crypto:ec_curves(), diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl index 56e6117cc4..20d9f28512 100644 --- a/lib/ssl/test/ssl_basic_SUITE.erl +++ b/lib/ssl/test/ssl_basic_SUITE.erl @@ -1832,14 +1832,12 @@ eccs() -> eccs(Config) when is_list(Config) -> [_|_] = All = ssl:eccs(), - [] = SSL3 = ssl:eccs({3,0}), - [_|_] = Tls = ssl:eccs({3,1}), - [_|_] = Tls1 = ssl:eccs({3,2}), - [_|_] = Tls2 = ssl:eccs({3,3}), [] = SSL3 = ssl:eccs(sslv3), [_|_] = Tls = ssl:eccs(tlsv1), [_|_] = Tls1 = ssl:eccs('tlsv1.1'), [_|_] = Tls2 = ssl:eccs('tlsv1.2'), + [_|_] = Tls1 = ssl:eccs('dtlsv1'), + [_|_] = Tls2 = ssl:eccs('dtlsv1.2'), %% ordering is currently unverified by the test true = lists:sort(All) =:= lists:usort(SSL3 ++ Tls ++ Tls1 ++ Tls2), ok. -- cgit v1.2.3 From 3008d77a2c93b45c45da1739d63abf2f476ad490 Mon Sep 17 00:00:00 2001 
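Review bot: The new spec of `eccs/1` accepts any `protocol_version()`, and the `tls_version()` type shown earlier in this patch includes `'tlsv1.3'`, but none of the rewritten clauses matches that atom. A caller that passes `'tlsv1.3'` therefore gets a `function_clause` error even though the spec and Dialyzer accept the call. Either add `Version == 'tlsv1.3'` to the guard of the last clause (if the curve list used for TLS 1.2 is the intended answer, which this hunk does not show) or narrow the spec to the atoms that are actually handled. The test hunk in `ssl_basic_SUITE.erl` has the same gap: it exercises `'dtlsv1'` and `'dtlsv1.2'` but has no `'tlsv1.3'` case, and nothing asserts that the removed tuple form such as `{3,3}` is now rejected.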
From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?= Date: Wed, 24 Apr 2019 13:14:12 +0200 Subject: ssl: Update type spec of ssl:suite_to_str/1 Change-Id: I7987e80cca7af184a9f40cdcd8ea8f07c318ba0d --- lib/ssl/doc/src/ssl.xml | 2 +- lib/ssl/src/ssl.erl | 14 +++++++++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 8e4c21ba02..27046a8434 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -1600,7 +1600,7 @@ fun(srp, Username :: string(), UserState :: term()) -> - + Returns the string representation of a cipher suite.

Returns the string representation of a cipher suite.

diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index f4941fe0bf..65578ebe53 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -118,7 +118,6 @@ aes_128_ccm_8 | aes_256_ccm_8 | chacha20_poly1305 | - null | legacy_cipher(). % exported -type legacy_cipher() :: rc4_128 | des_cbc | @@ -126,8 +125,7 @@ -type hash() :: sha | sha2() | - legacy_hash() | - null. % exported + legacy_hash(). % exported -type sha2() :: sha224 | sha256 | @@ -158,7 +156,7 @@ srp_rsa| srp_dss | psk | dhe_psk | rsa_psk | dh_anon | ecdh_anon | srp_anon | - any | null. %% TLS 1.3 , exported + any. %% TLS 1.3 , exported -type erl_cipher_suite() :: #{key_exchange := kex_algo(), cipher := cipher(), mac := hash() | aead, @@ -1379,7 +1377,13 @@ tls_version({254, _} = Version) -> %%-------------------------------------------------------------------- -spec suite_to_str(CipherSuite) -> string() when - CipherSuite :: erl_cipher_suite(). + CipherSuite :: erl_cipher_suite(); + (CipherSuite) -> string() when + %% For internal use! + CipherSuite :: #{key_exchange := null, + cipher := null, + mac := null, + prf := null}. %% %% Description: Return the string representation of a cipher suite. %%-------------------------------------------------------------------- -- cgit v1.2.3 From 2323f49b7d43213a7f54247b4b1b3d3a6d17ff76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?= Date: Wed, 24 Apr 2019 15:10:16 +0200 Subject: ssl: Refer documentation of HttpPacket from erts Do not document http_packet() in ssl but refer to description of erlang:decode_packet/3. Change-Id: Ib2d0e4fc9605e40fe98bb249bc17fc39046d137a --- lib/ssl/doc/src/ssl.xml | 45 ++++------------------------- lib/ssl/src/ssl.erl | 75 ++++--------------------------------------------- 2 files changed, 10 insertions(+), 110 deletions(-) diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 27046a8434..d626748af6 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml 
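Review bot: The second clause added to the `suite_to_str/1` spec is explained only by `%% For internal use!`, which does not say what the all-`null` map represents or which caller passes it. Because the earlier hunks in this file remove `null` from `cipher()`, `hash()` and `kex_algo()`, this clause is now the only visible place where a suite with no cipher and no MAC is admitted. A fuller comment would help, for example `%% Internal only: the all-null suite (no key exchange, cipher or MAC); never a valid user-supplied suite.` Other exported functions that take or return `erl_cipher_suite()` lie outside these hunks; if any of them can still see a `null` field, their specs no longer match, so a Dialyzer run over the ssl application is worth doing with this change.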
@@ -252,46 +252,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - TLS/DTLS OPTION DESCRIPTIONS - COMMON for SERVER and CLIENT @@ -1495,6 +1455,11 @@ fun(srp, Username :: string(), UserState :: term()) -> Receives data on a socket. + See the description of + HttpPacket in + erlang:decode_packet/3 + in ERTS. +

Receives a packet from a socket in passive mode. A closed socket is indicated by return value diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 65578ebe53..e3bb4df1ac 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl 
@@ -238,73 +238,6 @@ bad_certificate_hash_value | unknown_psk_identity | no_application_protocol. --type http_packet() :: http_request() | - http_response() | - http_header() | - http_eoh | - http_error(). --type http_request() :: {http_request, http_method(), http_uri(), http_version()}. --type http_response() :: {http_response, http_version(), integer(), http_string()}. --type http_header() :: {http_header, integer(), http_field(), Reserved :: term(), - Value :: http_string()}. --type http_error() :: {http_error, http_string()}. --type http_method() :: 'OPTIONS' | 'GET' | 'HEAD' | 'POST' | 'PUT' | 'DELETE' | 'TRACE'. --type http_uri() :: any(). --type http_version() :: {Major :: integer(), Minor :: integer()}. --type http_field() :: 'Cache-Control' | - 'Connection' | - 'Date' | - 'Pragma' | - 'Transfer-Encoding' | - 'Upgrade' | - 'Via' | - 'Accept' | - 'Accept-Charset' | - 'Accept-Encoding' | - 'Accept-Language' | - 'Authorization' | - 'From' | - 'Host' | - 'If-Modified-Since' | - 'If-Match' | - 'If-None-Match' | - 'If-Range' | - 'If-Unmodified-Since' | - 'Max-Forwards' | - 'Proxy-Authorization' | - 'Range' | - 'Referer' | - 'User-Agent' | - 'Age' | - 'Location' | - 'Proxy-Authenticate' | - 'Public' | - 'Retry-After' | - 'Server' | - 'Vary' | - 'Warning' | - 'Www-Authenticate' | - 'Allow' | - 'Content-Base' | - 'Content-Encoding' | - 'Content-Language' | - 'Content-Length' | - 'Content-Location' | - 'Content-Md5' | - 'Content-Range' | - 'Content-Type' | - 'Etag' | - 'Expires' | - 'Last-Modified' | - 'Accept-Ranges' | - 'Set-Cookie' | - 'Set-Cookie2' | - 'X-Forwarded-For' | - 'Cookie' | - 'Keep-Alive' | - 'Proxy-Connection' | - http_string(). --type http_string() :: string() | binary(). %% ------------------------------------------------------------------------------------------------------- -type common_option() :: {protocol, protocol()} | 
@@ -835,7 +768,8 @@ send(#sslsocket{pid = {ListenSocket, #config{transport_info = Info}}}, Data) -> -spec recv(SslSocket, Length) -> {ok, Data} | {error, reason()} when SslSocket :: sslsocket(), Length :: integer(), - Data :: binary() | list() | http_packet(). + Data :: binary() | list() | HttpPacket, + HttpPacket :: any(). recv(Socket, Length) -> recv(Socket, Length, infinity). @@ -843,8 +777,9 @@ recv(Socket, Length) -> -spec recv(SslSocket, Length, Timeout) -> {ok, Data} | {error, reason()} when SslSocket :: sslsocket(), Length :: integer(), - Data :: binary() | list() | http_packet(), - Timeout :: timeout(). + Data :: binary() | list() | HttpPacket, + Timeout :: timeout(), + HttpPacket :: any(). recv(#sslsocket{pid = [Pid|_]}, Length, Timeout) when is_pid(Pid), (is_integer(Timeout) andalso Timeout >= 0) or (Timeout == infinity)-> -- cgit v1.2.3
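Review bot: Declaring `HttpPacket :: any()` makes `Data :: binary() | list() | HttpPacket` equivalent to `any()`, so the `recv/2` spec and the `recv/3` spec in the following hunk no longer tell Dialyzer or a reader anything about the shape of the returned data. The data comes from the peer, so callers benefit from knowing which tuple shapes to match. The XML documentation now points to `erlang:decode_packet/3`, but the source does not. I would add the same pointer next to both specs, e.g. `HttpPacket :: any(). %% See HttpPacket in erlang:decode_packet/3`, or constrain the type at least to `tuple() | http_eoh` if that covers every value the packet decoder can return.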