From fcc70b93b435746cb2f574a541072be295cae8c8 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 8 Jun 2010 07:01:19 +0000 Subject: Updated for ssl-3.11.1 --- lib/ssl/doc/src/new_ssl.xml | 14 ++++++++-- lib/ssl/doc/src/notes.xml | 67 +++++++++++++++++++++++++++++++++++++++++++++ lib/ssl/vsn.mk | 7 +++-- 3 files changed, 84 insertions(+), 4 deletions(-) diff --git a/lib/ssl/doc/src/new_ssl.xml b/lib/ssl/doc/src/new_ssl.xml index 4ffaa9d96a..69298759bd 100644 --- a/lib/ssl/doc/src/new_ssl.xml +++ b/lib/ssl/doc/src/new_ssl.xml @@ -22,7 +22,6 @@ The Initial Developer of the Original Code is Ericsson AB. - ssl Ingela Anderton Andin Ingela Anderton Andin @@ -83,7 +82,7 @@ meaningless pid. New API functions are ssl:shutdown/2, ssl:cipher_suites/[0,1] and - ssl:versions/0 + ssl:versions/0, ssl:renegotiate/1 CRL and policy certificate extensions are not supported yet. Supported SSL/TLS-versions are SSL-3.0 and TLS-1.0 @@ -408,6 +407,17 @@ end + + format_error(Reason) -> string() + Return an error string. + + Reason = term() + + +

Presents the error returned by an ssl function as a printable string.

+ + + getopts(Socket) -> getopts(Socket, OptionNames) -> diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 9d13427677..8028e94484 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -30,6 +30,73 @@

This document describes the changes made to the SSL application.

+ +
SSL 3.11.1 + +
Fixed Bugs and Malfunctions + + +

+ Fixed handling of several ssl/tls packets arriving at the + same time. This was broken during a refactoring of the + code.

+

+ Own Id: OTP-8679

+ + +
+ +
Improvements and New Features + + +

+ Added missing checks for padding and Mac value. Removed + code for export ciphers and DH certificates as we decided + not to support them.

+

+ Own Id: OTP-7047

+ + +

+ New ssl will no longer return esslerrssl to be backwards + compatible with old ssl as this hids infomation from the + user. format_error/1 has been updated to support new ssl.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-7049

+ + +

+ New ssl now supports secure renegotiation as described by + RFC 5746.

+

+ Own Id: OTP-8568

+ + +

+ New ssl now support client/server-certificates signed by + dsa keys.

+

+ Own Id: OTP-8587

+ + +

+ Alert handling has been improved to better handle + unexpected but valid messages and the implementation is + also changed to avoid timing related issues that could + cause different error messages depending on network + latency. Packet handling was sort of broken but would + mostly work as expected when socket was in binary mode. + This has now been fixed.

+

+ Own Id: OTP-8588

+ + +
+ +
+
SSL 3.11
Fixed Bugs and Malfunctions diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk index e3db7008e3..5d8be1cd0b 100644 --- a/lib/ssl/vsn.mk +++ b/lib/ssl/vsn.mk @@ -19,9 +19,12 @@ SSL_VSN = 3.11.1 -TICKETS = OTP-8588 \ +TICKETS = OTP-8679 \ + OTP-7047 \ + OTP-7049 \ OTP-8568 \ - OTP-7049 + OTP-8587 \ + OTP-8588 #TICKETS_3.11 = OTP-8517 \ # OTP-7046 \ -- cgit v1.2.3