From 04397344762d506ac0286118d36e1a5b330dceb2 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin 
Date: Fri, 5 Feb 2016 17:39:04 +0100
Subject: ssl: Add option signature_algs
In TLS-1.2 the signature algorithm and the hash function algorithm
used to produce the digest that is used when creating the digital signature
may be negotiated through the signature algorithm extension (RFC 5246).
We want to make these algorithm pairs configurable.
In connections using lower versions of TLS these algorithms are
implicitly defined and cannot be negotiated or configured.
DTLS is updated to not cause dialyzer errors, but needs to get a real
implementation later.
---
 lib/ssl/doc/src/ssl.xml | 49 ++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 46 insertions(+), 3 deletions(-)
(limited to 'lib/ssl/doc/src')
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index a76d46ee9b..e831f73530 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -421,7 +421,6 @@ fun(srp, Username :: string(), UserState :: term()) ->
 
         Using {padding_check, boolean()} makes TLS
 	vulnerable to the Poodle attack.
-
   
   
   
@@ -522,9 +521,45 @@ fun(srp, Username :: string(), UserState :: term()) ->
 	 be supported by the server for the prevention to work.
 	
       
-    
+      {signature_algs, [{hash(), ecdsa | rsa | dsa}]}
+	- 
+	In addition to the algorithms negotiated by the cipher
+	suite used for key exchange, payload encryption, message
+	authentication and pseudo random calculation, the TLS signature
+	algorithm extension Section 7.4.1.4.1 in RFC 5246 may be
+	used, from TLS 1.2, to negotiate which signature algorithm to use during the
+	TLS handshake. If no lower TLS versions than 1.2 are supported,
+	the client will send a TLS signature algorithm extension
+	with the algorithms specified by this option.
+	Defaults to
+	
+	[
+%% SHA2
+{sha512, ecdsa},
+{sha512, rsa},
+{sha384, ecdsa},
+{sha384, rsa},
+{sha256, ecdsa},
+{sha256, rsa},
+{sha224, ecdsa},
+{sha224, rsa},
+%% SHA
+{sha, ecdsa},
+{sha, rsa},
+{sha, dsa},
+%% MD5
+{md5, rsa}
+]+	
+	The algorithms should be in the preferred order.
+	Selected signature algorithm can restrict which hash functions
+	that may be selected.
+
 +
+      
    
-
+   
   
     SSL OPTION DESCRIPTIONS - SERVER SIDE
 
@@ -651,6 +686,14 @@ fun(srp, Username :: string(), UserState :: term()) ->- If true, use the server's preference for cipher selection. If false
       (the default), use the client's preference.
       +      
+      {signature_algs, [{hash(), ecdsa | rsa | dsa}]}
+
-  The algorithms specified by
+      this option will be the ones accepted by the server in a signature algorithm
+      negotiation, introduced in TLS-1.2. The algorithms will also be offered to the client if a
+      client certificate is requested. For more details see the corresponding client option.
+       
+
     
   
   
-- 
cgit v1.2.3
From ed3f30209985c9bbe097b6bdfff19d696ee56762 Mon Sep 17 00:00:00 2001
From: Erlang/OTP 
Date: Tue, 26 Apr 2016 12:01:15 +0200
Subject: Update release notes
---
 lib/ssl/doc/src/notes.xml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
(limited to 'lib/ssl/doc/src')
diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml
index e5070bc247..4177e0351c 100644
--- a/lib/ssl/doc/src/notes.xml
+++ b/lib/ssl/doc/src/notes.xml
@@ -28,6 +28,36 @@This document describes the changes made to the SSL application.
 
 
+SSL 7.3.1
+
+    Fixed Bugs and Malfunctions
+      
+        - 
+          
+	    Corrections to cipher suite handling using the 3 and 4
+	    tuple format in addition to commit
+	    89d7e21cf4ae988c57c8ef047bfe85127875c70c +
+	    Own Id: OTP-13511 +
+
+    
+
+
+    Improvements and New Features
+
+        - 
+          
+	    Make values for the TLS-1.2 signature_algorithms
+	    extension configurable +
+	    Own Id: OTP-13261 +
+
+    
+
+
+
 SSL 7.3
 
     Fixed Bugs and Malfunctions
-- 
cgit v1.2.3