From e5875001247e6a6ac4f474157a51a8c54f94ae49 Mon Sep 17 00:00:00 2001 From: Hans Bolinder Date: Thu, 14 Mar 2013 16:01:25 +0100 Subject: Convert XML files to UTF-8 --- lib/ssl/doc/src/book.xml | 4 ++-- lib/ssl/doc/src/fascicules.xml | 2 +- lib/ssl/doc/src/notes.xml | 2 +- lib/ssl/doc/src/pkix_certs.xml | 4 ++-- lib/ssl/doc/src/refman.xml | 4 ++-- lib/ssl/doc/src/release_notes.xml | 4 ++-- lib/ssl/doc/src/ssl.xml | 2 +- lib/ssl/doc/src/ssl_app.xml | 2 +- lib/ssl/doc/src/ssl_distribution.xml | 4 ++-- lib/ssl/doc/src/ssl_protocol.xml | 4 ++-- lib/ssl/doc/src/ssl_session_cache_api.xml | 4 ++-- lib/ssl/doc/src/usersguide.xml | 4 ++-- lib/ssl/doc/src/using_ssl.xml | 4 ++-- 13 files changed, 22 insertions(+), 22 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/book.xml b/lib/ssl/doc/src/book.xml index ecfb915b44..317997b22b 100644 --- a/lib/ssl/doc/src/book.xml +++ b/lib/ssl/doc/src/book.xml @@ -1,10 +1,10 @@ - +
- 19992011 + 19992013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/fascicules.xml b/lib/ssl/doc/src/fascicules.xml index 7ee764fda3..7a60e8dd1f 100644 --- a/lib/ssl/doc/src/fascicules.xml +++ b/lib/ssl/doc/src/fascicules.xml @@ -1,4 +1,4 @@ - + diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index a61f52b809..d5b7bdf8b8 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -1,4 +1,4 @@ - + diff --git a/lib/ssl/doc/src/pkix_certs.xml b/lib/ssl/doc/src/pkix_certs.xml index 1de807cadc..cfbc6b08d7 100644 --- a/lib/ssl/doc/src/pkix_certs.xml +++ b/lib/ssl/doc/src/pkix_certs.xml @@ -1,10 +1,10 @@ - +
- 20032009 + 20032013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/refman.xml b/lib/ssl/doc/src/refman.xml index 011819e82b..ae11198edb 100644 --- a/lib/ssl/doc/src/refman.xml +++ b/lib/ssl/doc/src/refman.xml @@ -1,10 +1,10 @@ - +
- 19992011 + 19992013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/release_notes.xml b/lib/ssl/doc/src/release_notes.xml index e7c766bb91..123e8e1451 100644 --- a/lib/ssl/doc/src/release_notes.xml +++ b/lib/ssl/doc/src/release_notes.xml @@ -1,10 +1,10 @@ - +
- 19992009 + 19992013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index d5615fecfc..1ea3e5c6ec 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -1,4 +1,4 @@ - + diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 0ee5b23e47..43cb3934f7 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -1,4 +1,4 @@ - + diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index 4ae4ead3ee..4b4d042f70 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -1,10 +1,10 @@ - +
- 20002011 + 20002013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/ssl_protocol.xml b/lib/ssl/doc/src/ssl_protocol.xml index f540dc999b..cdfafe224b 100644 --- a/lib/ssl/doc/src/ssl_protocol.xml +++ b/lib/ssl/doc/src/ssl_protocol.xml @@ -1,10 +1,10 @@ - +
- 20032012 + 20032013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index e0b07961fb..82de1784ca 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -1,10 +1,10 @@ - +
- 19992010 + 19992013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/usersguide.xml b/lib/ssl/doc/src/usersguide.xml index 6528c00a0b..b1c7190085 100644 --- a/lib/ssl/doc/src/usersguide.xml +++ b/lib/ssl/doc/src/usersguide.xml @@ -1,10 +1,10 @@ - +
- 20002010 + 20002013 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index ab837a156a..cce388d02a 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml @@ -1,10 +1,10 @@ - +
- 20032011 + 20032013 Ericsson AB. All Rights Reserved. -- cgit v1.2.3 From c72b20183a780c7199d3959f09eb88c1a930a064 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Wed, 21 Aug 2013 12:57:12 +0200 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 49bbd5d27d..2ef5e331a8 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -30,7 +30,23 @@

This document describes the changes made to the SSL application.

-
SSL 5.1.2 +
SSL 5.1.2.1 + +
Improvements and New Features + + +

+ Make log_alert configurable as option in ssl, SSLLogLevel + added as option to inets conf file

+

+ Own Id: OTP-11259

+
+
+
+ +
+ +
SSL 5.1.2
Fixed Bugs and Malfunctions -- cgit v1.2.3 From ede48cb459a6d075edd0fd2855f6b3672d8f3625 Mon Sep 17 00:00:00 2001 From: Fredrik Gustafsson Date: Tue, 27 Aug 2013 13:58:07 +0200 Subject: ssl: documentation regarding log_alert --- lib/ssl/doc/src/ssl.xml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 1645eb15f3..6029a09730 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -86,7 +86,8 @@ {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, {srp_identity, {string(), string()}} | {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} {next_protocols_advertised, [binary()]} | - {client_preferred_next_protocols, client | server, [binary()]} + {client_preferred_next_protocols, client | server, [binary()]} | + {log_alert, boolean()}

transportoption() = {cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}} @@ -446,7 +447,8 @@ fun(srp, Username :: string(), UserState :: term()) -> {psk_identity, string()} Specifies the server identity hint the server presents to the client. - + {log_alert, boolean()} + If false, error reports will not be displayed.
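Review bot: the new "{log_alert, boolean()}" entry in the second hunk gives neither the default value nor what "error reports" covers. Since the option name refers to alerts, say explicitly that it controls the logging of TLS alerts, state the default, and mention that switching it off removes a signal operators may rely on to notice failed handshakes.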

-- cgit v1.2.3 From 20641fe0f2ea745873fc7557448d3a7deb1bd639 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 16 Sep 2013 20:11:53 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 64 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 63 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 301ff21068..9f706d435e 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,69 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3 +
SSL 5.3.1 + +
Fixed Bugs and Malfunctions + + +

+ Setopts during renegotiation caused the renegotiation to + be unsuccessful.

+

+ If calling setopts during a renegotiation the FSM state + might change during the handling of the setopts messages, + this is now handled correctly.

+

+ Own Id: OTP-11228

+
+ +

+ Now handles signature_algorithm field in digitally_signed + properly with proper defaults. Prior to this change some + elliptic curve cipher suites could fail reporting the + error "bad certificate".

+

+ Own Id: OTP-11229

+
+ +

+ The code emulating the inet header option was changed in + the belief that it made it inet compatible. However the + testing is a bit hairy as the inet option is actually + broken, now the tests are corrected and the header option + should work in the same broken way as inet again, + preferably use the bitsyntax instead.

+

+ Own Id: OTP-11230

+
+
+
+ + +
Improvements and New Features + + +

+ Make the ssl manager name for erlang distribution over + SSL/TLS relative to the module name of the ssl_manager.

+

+ This can be beneficial when making tools that rename + modules for internal processing in the tool.

+

+ Own Id: OTP-11255

+
+ +

+ Add documentation regarding log_alert option.

+

+ Own Id: OTP-11271

+
+
+
+ +
+ +
SSL 5.3
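Review bot: the OTP-11230 entry is one run-on sentence and never says what is broken about the inet header option or what changed for users. Split it, state the observable behaviour of the header option after this release, and keep the recommendation to use the bit syntax as a sentence of its own. The OTP-11229 entry could also name the condition under which the elliptic curve cipher suites reported "bad certificate".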
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 1fd424859cfaebd371a08ab5977623dd20d28067 Mon Sep 17 00:00:00 2001 From: Julien Barbot Date: Thu, 31 Oct 2013 17:33:13 +0100 Subject: Fix client_preferred_next_protocols documentation --- lib/ssl/doc/src/ssl.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 6029a09730..445a47c07b 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -86,7 +86,7 @@ {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, {srp_identity, {string(), string()}} | {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} {next_protocols_advertised, [binary()]} | - {client_preferred_next_protocols, client | server, [binary()]} | + {client_preferred_next_protocols, {client | server, [binary()]} | {client | server, [binary()], binary()}} | {log_alert, boolean()}

@@ -353,8 +353,8 @@ fun(srp, Username :: string(), UserState :: term()) -> when possible. - {client_preferred_next_protocols, Precedence :: server | client, ClientPrefs :: [binary()]} - {client_preferred_next_protocols, Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()} + {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} + {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}}

Indicates the client will try to perform Next Protocol Negotiation.

-- cgit v1.2.3 From bc8b6bf58c96f8d5a07146ddea145f71fe8c8956 Mon Sep 17 00:00:00 2001 From: Julien Barbot Date: Tue, 29 Oct 2013 22:29:01 +0100 Subject: Add SSL Server Name Indication (SNI) client support See RFC 6066 section 3 --- lib/ssl/doc/src/ssl.xml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 445a47c07b..aac04095b4 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -52,6 +52,8 @@ CRL and policy certificate extensions are not supported yet. However CRL verification is supported by public_key, only not integrated in ssl yet. + Support for 'Server Name Indication' extension client side + (RFC 6066 section 3).
-- cgit v1.2.3 From d370fe05f5884691a89784aa73bfb4eb2176edab Mon Sep 17 00:00:00 2001 From: Julien Barbot Date: Sun, 3 Nov 2013 21:30:03 +0100 Subject: Add a new server_name_indication option to ssl:connect - Set to disable to explicitly disable SNI support. - Set to a hostname when upgrading from TCP to TLS. --- lib/ssl/doc/src/ssl.xml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index aac04095b4..b4182e6d61 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -89,7 +89,7 @@ {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} {next_protocols_advertised, [binary()]} | {client_preferred_next_protocols, {client | server, [binary()]} | {client | server, [binary()], binary()}} | - {log_alert, boolean()} + {log_alert, boolean()} | {server_name_indication, hostname() | disable}

transportoption() = {cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}} @@ -384,6 +384,14 @@ fun(srp, Username :: string(), UserState :: term()) -> {srp_identity, {Username :: string(), Password :: string()} Specifies the Username and Password to use to authenticate to the server. + {server_name_indication, hostname()} + {server_name_indication, disable} + +

This option can be specified when upgrading a tcp socket to a tls + socket to use the TLS Server Name Indication extension.

+

This option can also be set to disable to explicitly disable usage of + the Server Name Indication extension.

+
-- cgit v1.2.3 From 06d4f009136b853cd8b50a6b5e8ae0ff5bb54041 Mon Sep 17 00:00:00 2001 From: Julien Barbot Date: Mon, 4 Nov 2013 10:19:04 +0100 Subject: Update documentation --- lib/ssl/doc/src/ssl.xml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index b4182e6d61..19c0c8c9ee 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -387,10 +387,11 @@ fun(srp, Username :: string(), UserState :: term()) -> {server_name_indication, hostname()} {server_name_indication, disable} -

This option can be specified when upgrading a tcp socket to a tls +

This option can be specified when upgrading a TCP socket to a TLS socket to use the TLS Server Name Indication extension.

-

This option can also be set to disable to explicitly disable usage of - the Server Name Indication extension.

+

When starting a TLS connection without upgrade the Server Name + Indication extension will be sent if possible, this option may also be + used to disable that behavior.
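Review bot: in the rewritten second paragraph, "will be sent if possible" leaves the reader guessing when the extension is actually sent. State the condition, and split the comma splice by ending the sentence after "if possible" and starting a new one for the disable case. The rewrite also drops the explicit mention of the value disable from the prose, so the reader has to infer it from the option signature above.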

-- cgit v1.2.3 From 0d57daec5738447eb033681834146bf31dfd266c Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Tue, 19 Nov 2013 16:05:24 +0100 Subject: ftp,ssl: Fixes broken type link (ssloption). --- lib/ssl/doc/src/ssl.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 19c0c8c9ee..1d74faf1b3 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -76,7 +76,7 @@ gen_tcp(3).

-

ssloption() = {verify, verify_type()} | +

ssloption() = {verify, verify_type()} | {verify_fun, {fun(), term()}} | {fail_if_no_peer_cert, boolean()} {depth, integer()} | -- cgit v1.2.3 From 25237481ccccd3ddfa74582dc267632ad618ba30 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 9 Dec 2013 20:12:33 +0100 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 64 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 63 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 9f706d435e..b1c34ca669 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,69 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3.1 +
SSL 5.3.2 + +
Fixed Bugs and Malfunctions + + +

+ Honors the clients advertised support of elliptic curves + and no longer sends incorrect elliptic curve extension in + server hello.

+

+ Own Id: OTP-11370

+
+ +

+ Fix initialization of DTLS fragment reassembler, in + previously contributed code, for future support of DTLS . + Thanks to Andreas Schultz.

+

+ Own Id: OTP-11376

+
+ +

+ Corrected type error in client_preferred_next_protocols + documentation. Thanks to Julien Barbot.

+

+ Own Id: OTP-11457

+
+
+
+ + +
Improvements and New Features + + +

+ TLS code has been refactored to prepare for future DTLS + support. Also some DTLS code is in place but not yet + runnable, some of it contributed by Andreas Schultz and + some of it written by the OTP team. Thanks to to Andreas + for his participation.

+

+ Own Id: OTP-11292

+
+ +

+ Remove extraneous dev debug code left in the close + function. Thanks to Ken Key.

+

+ Own Id: OTP-11447

+
+ +

+ Add SSL Server Name Indication (SNI) client support. + Thanks to Julien Barbot.

+

+ Own Id: OTP-11460

+
+
+
+ +
+ +
SSL 5.3.1
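Review bot: three wording slips in the added entries: "the clients advertised support" in OTP-11370 needs an apostrophe ("client's"), OTP-11376 has a stray space in "support of DTLS .", and OTP-11292 repeats a word in "Thanks to to Andreas".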
Fixed Bugs and Malfunctions -- cgit v1.2.3 From cb16d84c66b6040ca668b2e23ad4e740a3f3d0af Mon Sep 17 00:00:00 2001 From: Andrew Thompson Date: Mon, 21 Oct 2013 23:19:34 -0400 Subject: Implement 'honor_cipher_order' SSL server-side option HonorCipherOrder as implemented in Apache, nginx, lighttpd, etc. This instructs the server to prefer its own cipher ordering rather than the client's and can help protect against things like BEAST while maintaining compatability with clients which only support older ciphers. This code is mostly written by Andrew Thompson, only the test case was added by Andreas Schultz. --- lib/ssl/doc/src/ssl.xml | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 80ef419fb7..910dca3889 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -460,6 +460,10 @@ fun(srp, Username :: string(), UserState :: term()) -> {log_alert, boolean()} If false, error reports will not be displayed. + {honor_cipher_order, boolean()} + If true, use the server's preference for cipher selection. If false + (the default), use the client's preference. +
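Review bot: honor_cipher_order is documented only in the server option list at "@@ -460,6 +460,10 @@"; the patch has no hunk for the ssloption() type near the top of ssl.xml, where the earlier log_alert and server_name_indication commits added their entries. Add "{honor_cipher_order, boolean()}" there as well. The description would also benefit from one sentence on why a server would enable it, since the commit message mentions protection against things like BEAST while the reference text gives no guidance.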
-- cgit v1.2.3 From 23790daf1a2d384b0fc11c655fa825151d9fa420 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Fri, 24 Jan 2014 12:30:47 +0100 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index b1c34ca669..141f076eed 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,41 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3.2 +
SSL 5.3.3 + +
Fixed Bugs and Malfunctions + + +

+ Add missing validation of the server_name_indication + option and test for its explicit use. It was not possible + to set or disable the default server_name_indication as + the validation of the option was missing.

+

+ Own Id: OTP-11567

+
+ +

+ Elliptic curve selection in server mode now properly + selects a curve suggested by the client, if possible, and + the fallback alternative is changed to a more widely + supported curve.

+

+ Own Id: OTP-11575

+
+ +

+ Bug in the TLS hello extension handling caused the server + to behave as it did not understand secure renegotiation.

+

+ Own Id: OTP-11595

+
+
+
+ +
+ +
SSL 5.3.2
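Review bot: OTP-11575 says the fallback is "changed to a more widely supported curve" without naming the old or the new curve; name both so operators can check interoperability. In OTP-11595, "behave as it did not understand" should read "behave as if it did not understand", and the entry should state the visible effect on a connection.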
Fixed Bugs and Malfunctions -- cgit v1.2.3 From cc371d0ded3c705cdbca904e0b452fdf0a500514 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 24 Feb 2014 11:22:03 +0100 Subject: ssl: Improved documentation of the cacertfile option --- lib/ssl/doc/src/ssl.xml | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 910dca3889..4bc1a9a644 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -4,7 +4,7 @@
- 19992013 + 19992014 Ericsson AB. All Rights Reserved. @@ -184,12 +184,6 @@ The DER encoded trusted certificates. If this option is supplied it will override the cacertfile option. - {cacertfile, path()} - Path to file containing PEM encoded - CA certificates (trusted certificates used for verifying a peer - certificate). May be omitted if you do not want to verify - the peer. - {ciphers, ciphers()} The cipher suites that should be supported. The function cipher_suites/0 can be used to find all ciphers that are @@ -354,7 +348,13 @@ fun(srp, Username :: string(), UserState :: term()) -> Specifies if client should try to reuse sessions when possible. - + + {cacertfile, path()} + The path to a file containing PEM encoded CA certificates. The CA + certificates are used during server authentication and when building the + client certificate chain. + + {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}} @@ -403,7 +403,17 @@ fun(srp, Username :: string(), UserState :: term()) -> meaning in the server than in the client.

- + + {cacertfile, path()} + The path to a file containing PEM encoded CA + certificates. The CA certificates are used to build the server + certificate chain, and for client authentication. Also the CAs + are used in the list of acceptable client CAs passed to the + client when a certificate is requested. May be omitted if there + is no need to verify the client and if there are not any + intermediate CAs for the server certificate. + + {dh, der_encoded()} The DER encoded Diffie Hellman parameters. If this option is supplied it will override the dhfile option. -- cgit v1.2.3 From 396ec26494008e18b573707986e32733e468346d Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 26 Mar 2014 15:50:40 +0100 Subject: ssl: Add possibility to specify ssl options when calling ssl:ssl_accept --- lib/ssl/doc/src/ssl.xml | 69 ++++++++++++++++++++++++++++--------------------- 1 file changed, 40 insertions(+), 29 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 4bc1a9a644..ffee4bd1af 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -768,39 +768,45 @@ fun(srp, Username :: string(), UserState :: term()) -> - ssl_accept(ListenSocket) -> - ssl_accept(ListenSocket, Timeout) -> ok | {error, Reason} - Perform server-side SSL handshake + ssl_accept(Socket) -> + ssl_accept(Socket, Timeout) -> ok | {error, Reason} + Perform server-side SSL/TLS handshake - ListenSocket = sslsocket() + Socket = sslsocket() Timeout = integer() Reason = term() -

The ssl_accept function establish the SSL connection - on the server side. It should be called directly after - transport_accept, in the spawned server-loop.

+

Performs the SSL/TLS server-side handshake Socket is a socket as returned + by ssl:transport_accept/[1,2] +

- ssl_accept(ListenSocket, SslOptions) -> - ssl_accept(ListenSocket, SslOptions, Timeout) -> {ok, Socket} | {error, Reason} - Perform server-side SSL handshake + ssl_accept(Socket, SslOptions) -> + ssl_accept(Socket, SslOptions, Timeout) -> {ok, Socket} | ok | {error, Reason} + Perform server-side SSL/TLS handshake - ListenSocket = socket() + Socket = socket() | sslsocket() SslOptions = ssloptions() Timeout = integer() Reason = term() -

Upgrades a gen_tcp, or - equivalent, socket to an ssl socket i.e. performs the - ssl server-side handshake.

+

If Socket is a socket() - upgrades a gen_tcp, or equivalent, socket to an ssl socket + i.e. performs the SSL/TLS server-side handshake and returns the ssl socket. +

+

Note that the listen socket should be in {active, false} mode before telling the client that the server is ready to upgrade - and calling this function, otherwise the upgrade may + by calling this function, otherwise the upgrade may or may not succeed depending on timing.

+ +

If Socket is an sslsocket() - provides additional SSL/TLS options to those specified in ssl:listen/2 and then performs the SSL/TLS handshake. +
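Review bot: the new signature "ssl_accept(Socket, SslOptions, Timeout) -> {ok, Socket} | ok | {error, Reason}" lists two success values, but the description only says that the socket() case "returns the ssl socket" and never says when plain ok is returned. Spell out which return value belongs to which socket type. In the note, changing "and calling this function" to "by calling this function" makes the sentence read as if the call itself tells the client that the server is ready, which is not what the removed line said. The new description for ssl_accept(Socket) is also missing a full stop between "handshake" and "Socket is a socket as returned".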

@@ -842,33 +848,38 @@ fun(srp, Username :: string(), UserState :: term()) -> - transport_accept(Socket) -> - transport_accept(Socket, Timeout) -> + transport_accept(ListenSocket) -> + transport_accept(ListenSocket, Timeout) -> {ok, NewSocket} | {error, Reason} Accept an incoming connection and prepare for ssl_accept - Socket = NewSocket = sslsocket() + ListenSocket = NewSocket = sslsocket() Timeout = integer() Reason = reason()

Accepts an incoming connection request on a listen socket. - ListenSocket must be a socket returned from - listen/2. The socket returned should be passed to - ssl_accept to complete ssl handshaking and - establishing the connection.

+ ListenSocket must be a socket returned from + ssl:listen/2. + The socket returned should be passed to + ssl:ssl_accept[2,3] + to complete handshaking i.e + establishing the SSL/TLS connection.

-

The socket returned can only be used with ssl_accept, - no traffic can be sent or received before that call.

+

The socket returned can only be used with + ssl:ssl_accept[2,3] + no traffic can be sent or received before that call.

The accepted socket inherits the options set for - ListenSocket in listen/2.

+ ListenSocket in ssl:listen/2.

The default - value for Timeout is infinity. If - Timeout is specified, and no connection is accepted - within the given time, {error, timeout} is - returned.

+ value for Timeout is infinity. If + Timeout is specified, and no connection is accepted + within the given time, {error, timeout} is + returned.
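Review bot: the two added references are written "ssl:ssl_accept[2,3]", which lacks the slash used in "ssl:transport_accept/[1,2]" in the previous hunk and leaves out arity 1, although ssl_accept(Socket) is documented there as taking a socket returned by transport_accept. Use one notation and list every applicable arity. The sentence "can only be used with ssl:ssl_accept[2,3] no traffic can be sent" also lost the comma that the removed line had after ssl_accept, and "i.e" in the first paragraph needs its closing full stop.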

-- cgit v1.2.3 From f719d0fe308f00b85f92c29d7cdf9b0dc20d98a2 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 7 Apr 2014 19:52:48 +0200 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 159 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 158 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 0b28b1ebd4..c61b2a9c2f 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,164 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3.3 +
SSL 5.3.4 + +
Fixed Bugs and Malfunctions + + +

+ Fix incorrect dialyzer spec and types, also enhance + documentation.

+

+ Thanks to Ayaz Tuncer.

+

+ Own Id: OTP-11627

+
+ +

+ Fix possible mismatch between SSL/TLS version and default + ciphers. Could happen when you specified SSL/TLS-version + in optionlist to listen or accept.

+

+ Own Id: OTP-11712

+
+ +

+ Application upgrade (appup) files are corrected for the + following applications:

+

+ asn1, common_test, compiler, crypto, debugger, + dialyzer, edoc, eldap, erl_docgen, et, eunit, gs, hipe, + inets, observer, odbc, os_mon, otp_mibs, parsetools, + percept, public_key, reltool, runtime_tools, ssh, + syntax_tools, test_server, tools, typer, webtool, wx, + xmerl

+

+ A new test utility for testing appup files is added to + test_server. This is now used by most applications in + OTP.

+

+ (Thanks to Tobias Schlager)

+

+ Own Id: OTP-11744

+
+
+
+ + +
Improvements and New Features + + +

+ Moved elliptic curve definition from the crypto + NIF/OpenSSL into Erlang code, adds the RFC-5639 brainpool + curves and makes TLS use them (RFC-7027).

+

+ Thanks to Andreas Schultz

+

+ Own Id: OTP-11578

+
+ +

+ Unicode adaptations

+

+ Own Id: OTP-11620

+
+ +

+ Added option honor_cipher_order. This instructs the + server to prefer its own cipher ordering rather than the + client's and can help protect against things like BEAST + while maintaining compatability with clients which only + support older ciphers.

+

+ Thanks to Andrew Thompson for the implementation, and + Andreas Schultz for the test cases.

+

+ Own Id: OTP-11621

+
+ +

+ Replace boolean checking in validate_option with + is_boolean guard.

+

+ Thanks to Andreas Schultz.

+

+ Own Id: OTP-11634

+
+ +

+ Some function specs are corrected or moved and some edoc + comments are corrected in order to allow use of edoc. + (Thanks to Pierre Fenoll)

+

+ Own Id: OTP-11702

+
+ +

+ Correct clean up of certificate database when certs are + inputed in pure DER format.The incorrect code could cause + a memory leek when certs where inputed in DER. Thanks to + Bernard Duggan for reporting this.

+

+ Own Id: OTP-11733

+
+ +

+ Improved documentation of the cacertfile option

+

+ Own Id: OTP-11759 Aux Id: seq12535

+
+ +

+ Avoid next protocol negotiation failure due to incorrect + option format.

+

+ Own Id: OTP-11760

+
+ +

+ Handle v1 CRLs, with no extensions and fixes issues with + IDP (Issuing Distribution Point) comparison during CRL + validation.

+

+ Thanks to Andrew Thompson

+

+ Own Id: OTP-11761

+
+ +

+ Server now ignores client ECC curves that it does not + support instead of crashing.

+

+ Thanks to Danil Zagoskin for reporting the issue and + suggesting a solution.

+

+ Own Id: OTP-11780

+
+ +

+ Handle SNI (Server Name Indication) alert + unrecognized_name and gracefully deal with unexpected + alerts.

+

+ Thanks to Masatake Daimon for reporting this.

+

+ Own Id: OTP-11815

+
+ +

+ Add possibility to specify ssl options when calling + ssl:ssl_accept

+

+ Own Id: OTP-11837

+
+
+
+ +
+ +
SSL 5.3.3
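Review bot: several entries under "Improvements and New Features" describe defect fixes rather than features: OTP-11733 (memory leak with certificates supplied in DER format), OTP-11761 (issues in CRL validation) and OTP-11780 (server crashing on unsupported client ECC curves). Move them to "Fixed Bugs and Malfunctions" so that readers scanning for fixes find them. Spelling in the added text: "compatability" in OTP-11621, and in OTP-11733 "inputed", "memory leek", "certs where" and the missing space in "format.The".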
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 77da984614ae462912a1896ba1bb73c798ffd4f8 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 19 Jun 2014 13:47:21 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 114 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 113 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index c61b2a9c2f..1b37a2baa2 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,119 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3.4 +
SSL 5.3.5 + +
Fixed Bugs and Malfunctions + + +

+ ssl:recv now returns {error, einval} if applied to a non + passive socket, the same as gen_tcp:recv.

+

+ Thanks to Danil Zagoskin for reporting this issue

+

+ Own Id: OTP-11878

+
+ +

+ Corrected handling of default values for + signature_algorithms extension in TLS-1.2 and + corresponding values used in previous versions that does + not support this extension.

+

+ Thanks to Danil Zagoskin

+

+ Own Id: OTP-11886

+
+ +

+ Handle socket option inheritance when pooling of accept + sockets is used

+

+ Own Id: OTP-11897

+
+ +

+ Make sure that the list of versions, possibly supplied in + the versions option, is not order dependent.

+

+ Thanks to Ransom Richardson for reporting this issue

+

+ Own Id: OTP-11912

+
+ +

+ Reject connection if the next_protocol message is sent + twice.

+

+ Own Id: OTP-11926

+
+ +

+ Correct options handling when ssl:ssl_accept/3 is called + with new ssl options after calling ssl:listen/2

+

+ Own Id: OTP-11950

+
+
+
+ + +
Improvements and New Features + + +

+ Gracefully handle unknown alerts

+

+ Thanks to Atul Atri for reporting this issue

+

+ Own Id: OTP-11874

+
+ +

+ Gracefully ignore cipher suites sent by client not + supported by the SSL/TLS version that the client has + negotiated.

+

+ Thanks to Danil Zagoskin for reporting this issue

+

+ Own Id: OTP-11875

+
+ +

+ Gracefully handle structured garbage, i.e a client sends + some garbage in a ssl record instead of a valid fragment.

+

+ Thanks to Danil Zagoskin

+

+ Own Id: OTP-11880

+
+ +

+ Gracefully handle invalid alerts

+

+ Own Id: OTP-11890

+
+ +

+ Generalize handling of default ciphers

+

+ Thanks to Andreas Schultz

+

+ Own Id: OTP-11966

+
+ +

+ Make sure change cipher spec is correctly handled

+

+ Own Id: OTP-11975

+
+
+
+ +
+ +
SSL 5.3.4
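Review bot: OTP-11874, OTP-11880 and OTP-11890 say that unknown alerts, garbage in a record and invalid alerts are now handled "gracefully", but none of them states what happened before the change. Add the previous behaviour to each entry, since that is what tells an operator how urgent the upgrade is. Grammar: in OTP-11886 "previous versions that does not support" should be "do not support", and OTP-11880 has "i.e" without its closing full stop.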
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 63d7fbe5cdf2b714500467b771a237e9ec11aaa8 Mon Sep 17 00:00:00 2001 From: Tuncer Ayaz Date: Sun, 24 Aug 2014 19:05:02 +0200 Subject: Fix misspellings of 'another' --- lib/ssl/doc/src/ssl_protocol.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_protocol.xml b/lib/ssl/doc/src/ssl_protocol.xml index cdfafe224b..80d9cc4ee8 100644 --- a/lib/ssl/doc/src/ssl_protocol.xml +++ b/lib/ssl/doc/src/ssl_protocol.xml @@ -83,7 +83,7 @@ subject. The certificate is signed with the private key of the issuer of the certificate. A chain of trust is build by having the issuer in its turn being - certified by an other certificate and so on until you reach the + certified by another certificate and so on until you reach the so called root certificate that is self signed i.e. issued by itself.
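Review bot: the sentence touched here still contains "A chain of trust is build" on the context line directly above the change; correct it to "is built" in the same spelling commit.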

-- cgit v1.2.3 From 867e3974db7c48d147f1c2c54899c2834ad3ee3d Mon Sep 17 00:00:00 2001 From: Andreas Schultz Date: Sat, 17 May 2014 15:01:46 +0200 Subject: ssl: implement AES128-GCM suites --- lib/ssl/doc/src/ssl.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index ffee4bd1af..77e24ac952 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -136,7 +136,7 @@

cipher() = rc4_128 | des_cbc | '3des_ede_cbc' - | aes_128_cbc | aes_256_cbc

+ | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm

hash() = md5 | sha
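Review bot: the subject line says AES128-GCM, but the changed cipher() line also adds aes_256_gcm; make the subject and the documented type agree. The hash() context line below still reads "md5 | sha", while the GCM cipher suites are defined for TLS 1.2 with SHA-256 and SHA-384 (RFC 5288), so check whether hash() needs extending and say in the text that these ciphers are only usable with TLS 1.2.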

-- cgit v1.2.3 From 1c9e0651c4917b63f49d8505dba7e820da8e32d2 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 1 Sep 2014 15:39:21 +0200 Subject: ssl, public_key: Add new option partial_chain Check that the certificate chain ends with a trusted ROOT CA e.i. a self-signed certificate, but provide an option partial_chain to enable the application to define an intermediat CA as trusted. TLS RFC says: "unknown_ca A valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or couldn't be matched with a known, trusted CA. This message is always fatal." and also states: "certificate_list This is a sequence (chain) of certificates. The sender's certificate MUST come first in the list. Each following certificate MUST directly certify the one preceding it. Because certificate validation requires that root keys be distributed independently, the self-signed certificate that specifies the root certificate authority MAY be omitted from the chain, under the assumption that the remote end must already possess it in order to validate it in any case." X509 RFC says: "The selection of a trust anchor is a matter of policy: it could be the top CA in a hierarchical PKI, the CA that issued the verifier's own certificate(s), or any other CA in a network PKI. The path validation procedure is the same regardless of the choice of trust anchor. In addition, different applications may rely on different trust anchors, or may accept paths that begin with any of a set of trust anchors." --- lib/ssl/doc/src/ssl.xml | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index ffee4bd1af..f14d0b8bb7 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -226,7 +226,7 @@

The verification fun should be defined as:

-fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | +fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revoked, atom()}} | {extension, #'Extension'{}}, InitialUserState :: term()) -> {valid, UserState :: term()} | {valid_peer, UserState :: term()} | {fail, Reason :: term()} | {unknown, UserState :: term()}. @@ -252,7 +252,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | always returns {valid, UserState}, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. If called with an - extension unknown to the user application the return value + extension unknown to the user application, the return value {unknown, UserState} should be used.

The default verify_fun option in verify_peer mode:

@@ -283,9 +283,29 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | end, []}
-

Possible path validation errors:

+

Possible path validation errors are given on the form {bad_cert, Reason} where Reason is:

-

{bad_cert, cert_expired}, {bad_cert, invalid_issuer}, {bad_cert, invalid_signature}, {bad_cert, unknown_ca},{bad_cert, selfsigned_peer}, {bad_cert, name_not_permitted}, {bad_cert, missing_basic_constraint}, {bad_cert, invalid_key_usage}

+ + unknown_ca + No trusted CA was found in the trusted store. The trusted CA is + normally a so called ROOT CA that is a self-signed cert. Trust may + be claimed for an intermediat CA (trusted anchor does not have to be self signed + according to X-509) by using the option partial_chain + + selfsigned_peer + The chain consisted only of one self-signed certificate. + + PKIX X-509-path validation error + Possible such reasons see public_key:pkix_path_validation/3 + + + + + {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca + + Claim an intermediat CA in the chain as trusted. TLS will then perform the public_key:pkix_path_validation/3 + with the selected CA as trusted anchor and the rest of the chain. {versions, [protocol()]} -- cgit v1.2.3 From 950d808c97a4c5b579f4f1cc16b95f2d419d3505 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 15 Sep 2014 12:02:14 +0200 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 42 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 1b37a2baa2..8643cd3745 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,47 @@ notes.xml
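Review bot: In the partial_chain hunk of commit 1c9e0651 (ssl.xml), the option tag "{partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca" is missing its closing brace, and the description never says what happens when the fun returns unknown_ca or when the option is not given at all. Because this option moves the trust anchor below the root, the text should state the default (per the unknown_ca entry above it, the chain must end in a trusted self-signed root), the order of the certificates in Chain, and that the fun is expected to return only a certificate the application already trusts on its own account rather than accepting whatever the chain contains. "intermediat" is misspelled in both places it appears, and "X-509" is written "X509" elsewhere in the same file.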

This document describes the changes made to the SSL application.

-
SSL 5.3.5 +
SSL 5.3.6 + +
Fixed Bugs and Malfunctions + + +

+ Corrected handling of ECC certificates, there where + several small issues with the handling of such + certificates in the ssl and public_key application. Now + ECC signed ECC certificates shall work and not only RSA + signed ECC certificates.

+

+ Own Id: OTP-12026

+
+ +

+ Check that the certificate chain ends with a trusted ROOT + CA e.i. a self-signed certificate, but provide an option + partial_chain to enable the application to define an + intermediat CA as trusted.

+

+ Own Id: OTP-12149

+
+
+
+ + +
Improvements and New Features + + +

+ Add decode functions for SNI (Server Name Indication)

+

+ Own Id: OTP-12048

+
+
+
+ +
+ +
SSL 5.3.5
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 8e0b67645a2d4c2e4e219f18ceaff2aec2b3e57c Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 3 Oct 2014 14:51:26 +0200 Subject: ssl: Fix link error in documentation --- lib/ssl/doc/src/ssl.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index f14d0b8bb7..b53344e381 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -297,7 +297,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo PKIX X-509-path validation error Possible such reasons see public_key:pkix_path_validation/3 + marker="public_key:public_key#pkix_path_validation-3"> public_key:pkix_path_validation/3 -- cgit v1.2.3 From 4e8e9be11bdcf852565fdf3612a6899950ea3f39 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 13 Oct 2014 09:39:01 +0200 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 8643cd3745..62e9bd0165 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,23 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3.6 +
SSL 5.3.7 + +
Fixed Bugs and Malfunctions + + +

+ Handle the fact that servers may send an empty SNI + extension to the client.

+

+ Own Id: OTP-12198

+
+
+
+ +
+ +
SSL 5.3.6
Fixed Bugs and Malfunctions -- cgit v1.2.3 From a60c126e813cdef73ff6fbd4dc5414f385d2c8c6 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 11 Aug 2014 17:22:36 +0200 Subject: ssl: Separate session cache for client and server Even though in the most common case an erlang node will not be both client and server, it may happen (for instance when running the erlang distribution over TLS). Also try to mitigate the effect of dumb clients that could cause a very large session cache on the client side that can cause long delays in the client. The server will have other means to handle a large session table and will not do any select operations on it anyhow. --- lib/ssl/doc/src/ssl_app.xml | 6 +++--- lib/ssl/doc/src/ssl_session_cache_api.xml | 20 ++++++++++++++------ 2 files changed, 17 insertions(+), 9 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 43cb3934f7..c8024548b5 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -4,7 +4,7 @@
- 19992013 + 19992014 Ericsson AB. All Rights Reserved. @@ -75,10 +75,10 @@

- ]]> + ]]>

- List of arguments to the init function in session cache + List of additional user defined arguments to the init function in session cache callback module, defaults to [].

diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index 82de1784ca..cb97bbfbb2 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -4,7 +4,7 @@
- 19992013 + 19992014 Ericsson AB. All Rights Reserved. @@ -79,17 +79,25 @@ - init() -> opaque() + init(Args) -> opaque() Return cache reference - + Args = proplists:proplist() + Will always include the property {role, client | server}. Currently this + is the only predefined property, there may also be user defined properties. + See also application environment variable + session_cb_init_args +

Performs possible initializations of the cache and returns a reference to it that will be used as parameter to the other - api functions. Will be called by the cache handling processes - init function, hence putting the same requirements on it as - a normal process init function. + API functions. Will be called by the cache handling processes + init function, hence putting the same requirements on it as a + normal process init function. Note that this function will be + called twice when starting the ssl application, once with the + role client and once with the role server, as the ssl application + must be prepared to take on both roles.
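Review bot: The callback signature changes from init() to init(Args) in the ssl_session_cache_api.xml hunk, but nothing tells authors of existing callback modules that an init/0 they export is no longer the function being described. Add a compatibility sentence to the description. Since the text now says init/1 runs twice, once with role client and once with role server, it should also say whether the two calls are expected to return distinct cache references: a callback that hands back the same table for both roles would undo the separation this commit introduces.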

-- cgit v1.2.3 From 7f3486a5ddc02a366f2945dfd009c4a2697a2b98 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 9 Dec 2014 15:21:47 +0100 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 62e9bd0165..4349e5a456 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,36 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3.7 +
SSL 5.3.8 + +
Fixed Bugs and Malfunctions + + +

+ Make sure the clean rule for ssh, ssl, eunit and otp_mibs + actually removes generated files.

+

+ Own Id: OTP-12200

+
+
+
+ + +
Improvements and New Features + + +

+ Change code to reflect that state data may be secret to + avoid breaking dialyzer contracts.

+

+ Own Id: OTP-12341

+
+
+
+ +
+ +
SSL 5.3.7
Fixed Bugs and Malfunctions -- cgit v1.2.3 From e53c55dd0ab69982bc511396ccf8655d27c6d38c Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 13 Jan 2015 15:16:20 +0100 Subject: ssl: Reenable padding check for TLS-1.0 and provide backwards compatible disable option Conflicts: lib/ssl/src/ssl_cipher.erl lib/ssl/src/ssl_record.erl lib/ssl/src/tls_record.erl lib/ssl/test/ssl_cipher_SUITE.erl --- lib/ssl/doc/src/ssl.xml | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index b53344e381..39b9b70579 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -4,7 +4,7 @@
- 19992014 + 19992015 Ericsson AB. All Rights Reserved. @@ -348,11 +348,23 @@ fun(srp, Username :: string(), UserState :: term()) ->

+ {padding_check, boolean()} + +

This option only affects TLS-1.0 connections. + If set to false it disables the block cipher padding check + to be able to interoperate with legacy software. +

+ +

Using this option makes TLS vulnerable to + the Poodle attack

+ +
+ - +
- -
+ +
SSL OPTION DESCRIPTIONS - CLIENT SIDE

Options described here are client specific or has a slightly different -- cgit v1.2.3 From 69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 12 Jan 2015 12:15:22 +0100 Subject: ssl: Remove sslv3 from the default supported protocol versions --- lib/ssl/doc/src/ssl.xml | 40 ++++++++++++++++++++++++++++++---------- 1 file changed, 30 insertions(+), 10 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 83e5ed82bb..bd2cb70e3f 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -4,7 +4,7 @@
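Review bot: In the padding_check hunk of commit e53c55dd (ssl.xml), the warning "Using this option makes TLS vulnerable to the Poodle attack" is imprecise, because the paragraph above it says only the value false disables the block cipher padding check. Reword it to name the value, for example "Setting padding_check to false makes TLS-1.0 connections vulnerable to the Poodle attack", and state the default in the option description (the commit subject, "Reenable padding check", implies it is true, but the documentation does not say so).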

- 19992014 + 19992015 Ericsson AB. All Rights Reserved. @@ -38,7 +38,9 @@ ssl requires the crypto and public_key applications. Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, TLS-1.1 and TLS-1.2. - For security reasons sslv2 is not supported. + For security reasons SSL-2.0 is not supported. + For security reasons SSL-3.0 is no longer supported by default, + but may be configured. Ephemeral Diffie-Hellman cipher suites are supported but not Diffie Hellman Certificates cipher suites. Elliptic Curve cipher suites are supported if crypto @@ -302,7 +304,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo - {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca + {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca } Claim an intermediat CA in the chain as trusted. TLS will then perform the public_key:pkix_path_validation/3 with the selected CA as trusted anchor and the rest of the chain. @@ -311,7 +313,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo {versions, [protocol()]} TLS protocol versions that will be supported by started clients and servers. This option overrides the application environment option protocol_version. If the - environment option is not set it defaults to all versions supported by the SSL application. See also + environment option is not set it defaults to all versions, except SSL-3.0, supported by the SSL application. See also ssl(6) @@ -904,19 +906,37 @@ fun(srp, Username :: string(), UserState :: term()) -> - versions() -> - [{SslAppVer, SupportedSslVer, AvailableSslVsn}] + versions() -> [versions_info()] Returns version information relevant for the ssl application. - SslAppVer = string() - SupportedSslVer = [protocol()] - AvailableSslVsn = [protocol()] + versions_info() = {app_vsn, string()} | {supported | available, [protocol()]

Returns version information relevant for the - ssl application.

+ ssl application. +

+ + app_vsn + The application version of the OTP ssl application. + + supported + + TLS/SSL versions supported by default. + Overridden by a versions option on + connect/[2,3,4], listen/2 and ssl_accept/[1,2,3]. For the + negotiated TLS/SSL version see ssl:connection_info/1 + + + available + All TLS/SSL versions that the Erlang ssl application + can support. Note that TLS 1.2 requires sufficient support + from the crypto application. +
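Review bot: The new type line "versions_info() = {app_vsn, string()} | {supported | available, [protocol()]" is missing its closing brace. In the module description hunk, the added sentence says SSL-3.0 "may be configured" without saying how; point to the versions option and to the protocol_version environment option named in the versions hunk, so a reader who has to re-enable it sees that it is an explicit opt-in. The context sentence "Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, TLS-1.1 and TLS-1.2" left directly above now reads as if SSL-3.0 were on by default and should be reworded in the same change.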
-- cgit v1.2.3 From 519b07bca04bdd8585b48f2de6b7124ca6455358 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 13 Jan 2015 15:16:20 +0100 Subject: ssl: Reenable padding check for TLS-1.0 and provide backwards compatible disable option --- lib/ssl/doc/src/ssl.xml | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index bd2cb70e3f..d77c6440b0 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -350,11 +350,23 @@ fun(srp, Username :: string(), UserState :: term()) ->

+ {padding_check, boolean()} + +

This option only affects TLS-1.0 connections. + If set to false it disables the block cipher padding check + to be able to interoperate with legacy software. +

+ +

Using this option makes TLS vulnerable to + the Poodle attack

+ +
+ - +
- -
+ +
SSL OPTION DESCRIPTIONS - CLIENT SIDE

Options described here are client specific or has a slightly different -- cgit v1.2.3 From fa9fda4a50ad92bb55f2a5707f0ec1dc7cf47d79 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 2 Feb 2015 14:15:15 +0100 Subject: ssl: Improve PEM cache by validating entries The PEM cache is now validated by a background process, instead of always keeping it if it is small enough and clearing it otherwise. That strategy required that small caches were cleared by API function if a file changes on disk. However document the clearing API function as it can still be useful. --- lib/ssl/doc/src/ssl.xml | 16 ++++++++++++++-- lib/ssl/doc/src/ssl_app.xml | 13 +++++++++++-- 2 files changed, 25 insertions(+), 4 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 39b9b70579..249fee5760 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -163,7 +163,7 @@ is supplied it will override the certfile option. {certfile, path()} - Path to a file containing the user's certificate. + Path to a file containing the user's PEM encoded certificate. {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' |'PrivateKeyInfo', der_encoded()}} The DER encoded users private key. If this option @@ -550,7 +550,19 @@ fun(srp, Username :: string(), UserState :: term()) ->

- + + + clear_pem_cache() -> ok + Clears the pem cache + +

PEM files, used by ssl API-functions, are cached. The + cache is regularly checked to see if any cache entries should be + invalidated, however this function provides a way to + unconditionally clear the whole cache. +

+
+
+ connect(Socket, SslOptions) -> connect(Socket, SslOptions, Timeout) -> {ok, SslSocket} diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 43cb3934f7..f1377cabda 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -4,7 +4,7 @@
- 19992013 + 19992015 Ericsson AB. All Rights Reserved. @@ -82,7 +82,16 @@ callback module, defaults to [].

- + + ]]> + +

+ Number of milliseconds between PEM cache validations. +

+ ssl:clear_pem_cache/0 + +
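Review bot: The ssl_app.xml hunk documents the new setting only as "Number of milliseconds between PEM cache validations" and gives no default, and neither hunk says what makes a cache entry invalid. State the default interval and the validation criterion. The clear_pem_cache/0 description should also say when a caller needs it: going by the commit message, a certificate or key file replaced on disk is picked up only at the next validation pass, so an operator rotating credentials who cannot wait for that pass is the case for the explicit clear.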
-- cgit v1.2.3 From ed540bd0e457fd43a5b3eaf41f9886cb63a2755a Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 25 Feb 2015 12:11:16 +0100 Subject: ssl: Implement support for TLS_FALLBACK_SCSV --- lib/ssl/doc/src/ssl.xml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 249fee5760..0c042f8571 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -425,6 +425,23 @@ fun(srp, Username :: string(), UserState :: term()) -> Indication extension will be sent if possible, this option may also be used to disable that behavior.

+ {fallback, boolean()} + +

Send special cipher suite TLS_FALLBACK_SCSV to avoid undesired TLS version downgrade. + Defaults to false

+

Note this option is not needed in normal TLS usage and should not be used + to implement new clients. But legacy clients that that retries connections in the following manner

+ +

ssl:connect(Host, Port, [...{versions, ['tlsv2', 'tlsv1.1', 'tlsv1', 'sslv3']}])

+

ssl:connect(Host, Port, [...{versions, [tlsv1.1', 'tlsv1', 'sslv3']}, {fallback, true}])

+

ssl:connect(Host, Port, [...{versions, ['tlsv1', 'sslv3']}, {fallback, true}])

+

ssl:connect(Host, Port, [...{versions, ['sslv3']}, {fallback, true}])

+ +

may use it to avoid undesired TLS version downgrade. Note that TLS_FALLBACK_SCSV must also + be supported by the server for the prevention to work. +

+
+
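Review bot: The retry example in the fallback hunk is not valid as written: the first call lists 'tlsv2', which matches none of the versions this file names (SSL-3.0, TLS-1.0, TLS-1.1, TLS-1.2; 'tlsv1.2' is presumably meant), and the second call has "[tlsv1.1'" with the opening quote missing. "that that retries" should read "that retry". It would also help to say in words that the first, highest-version attempt is sent without {fallback, true} and only the downgraded retries set it, since that asymmetry is the point of the example.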
-- cgit v1.2.3 From 4e0a5e36b38e3f15ed8f7d700d26f2424a47111c Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 11 Feb 2015 14:53:10 +0100 Subject: ssl: Integrate public_key CRL verification with the ssl application --- lib/ssl/doc/src/Makefile | 4 +- lib/ssl/doc/src/refman.xml | 19 +----- lib/ssl/doc/src/ssl.xml | 45 ++++++++++++-- lib/ssl/doc/src/ssl_crl_cache.xml | 66 +++++++++++++++++++++ lib/ssl/doc/src/ssl_crl_cache_api.xml | 97 +++++++++++++++++++++++++++++++ lib/ssl/doc/src/ssl_session_cache_api.xml | 6 +- 6 files changed, 212 insertions(+), 25 deletions(-) create mode 100644 lib/ssl/doc/src/ssl_crl_cache.xml create mode 100644 lib/ssl/doc/src/ssl_crl_cache_api.xml (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/Makefile b/lib/ssl/doc/src/Makefile index fb12499ef7..cfbf98f6e3 100644 --- a/lib/ssl/doc/src/Makefile +++ b/lib/ssl/doc/src/Makefile @@ -1,7 +1,7 @@ # # %CopyrightBegin% # -# Copyright Ericsson AB 1999-2012. All Rights Reserved. +# Copyright Ericsson AB 1999-2015. All Rights Reserved. # # The contents of this file are subject to the Erlang Public License, # Version 1.1, (the "License"); you may not use this file except in @@ -37,7 +37,7 @@ RELSYSDIR = $(RELEASE_PATH)/lib/$(APPLICATION)-$(VSN) # Target Specs # ---------------------------------------------------- XML_APPLICATION_FILES = refman.xml -XML_REF3_FILES = ssl.xml ssl_session_cache_api.xml +XML_REF3_FILES = ssl.xml ssl_crl_cache.xml ssl_crl_cache.xml ssl_session_cache_api.xml XML_REF6_FILES = ssl_app.xml XML_PART_FILES = release_notes.xml usersguide.xml diff --git a/lib/ssl/doc/src/refman.xml b/lib/ssl/doc/src/refman.xml index ae11198edb..d5f2219af9 100644 --- a/lib/ssl/doc/src/refman.xml +++ b/lib/ssl/doc/src/refman.xml @@ -4,7 +4,7 @@
- 19992013 + 19992015 Ericsson AB. All Rights Reserved. @@ -28,23 +28,10 @@ B refman.sgml
- -

The SSL application provides secure communication over - sockets. -

-

This product includes software developed by the OpenSSL Project for - use in the OpenSSL Toolkit (http://www.openssl.org/). -

-

This product includes cryptographic software written by Eric Young - (eay@cryptsoft.com). -

-

This product includes software written by Tim Hudson - (tjh@cryptsoft.com). -

-

For full OpenSSL and SSLeay license texts, see Licenses.

-
+ +
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 7a5f72710a..c9b02d44ec 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -51,9 +51,9 @@ IDEA cipher suites are not supported as they have become deprecated by the latest TLS spec so there is not any real motivation to implement them. - CRL and policy certificate extensions are not supported - yet. However CRL verification is supported by public_key, only not integrated - in ssl yet. + CRL validation is supported. + Policy certificate extensions are not supported + yet. Support for 'Server Name Indication' extension client side (RFC 6066 section 3). @@ -301,10 +301,47 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo Possible such reasons see public_key:pkix_path_validation/3 + + + {crl_check, boolean() | peer | best_effort ) + + Perform CRL (Certificate Revocation List) verification + + public_key:pkix_crls_validate/3, during the + public_key:pkix_path_validation/3 + invokation on all the certificates in the peer certificate chain. Defaults to + false. + +

peer - check is only performed on + the peer certificate.

+ +

best_effort - if certificate revokation status can not be determined + it will be accepted as valid.

+

The CA certificates specified for the connection will be used to + construct the certificate chain validating the CRLs.

+ +

The CRLs will be fetched from a local or external cache + ssl_crl_cache_api(3).

- {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca } + {crl_cache, {Module::atom, {DbHandle::internal | term(), Args::list()}} + +

Module defaults to ssl_crl_cache with DbHandle internal and an + empty argument list. The following arguments may be specified for the internal cache.

+ + {http, timeout()} + + Enables fetching of CRLs specified as http URIs in X509 cerificate extensions. + Requires the OTP inets application. + + +
+ + {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca + Claim an intermediat CA in the chain as trusted. TLS will then perform the public_key:pkix_path_validation/3 with the selected CA as trusted anchor and the rest of the chain. diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml new file mode 100644 index 0000000000..1ed76d3e2a --- /dev/null +++ b/lib/ssl/doc/src/ssl_crl_cache.xml @@ -0,0 +1,66 @@ + + + + +
+ + 20152015 + Ericsson AB. All Rights Reserved. + + + The contents of this file are subject to the Erlang Public License, + Version 1.1, (the "License"); you may not use this file except in + compliance with the License. You should have received a copy of the + Erlang Public License along with this software. If not, it can be + retrieved online at http://www.erlang.org/. + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See + the License for the specific language governing rights and limitations + under the License. + + ssl_crl_cache + ssl_crl_cache.xml +
+ + ssl_crl_cache + CRL cache + +

+ Implements an internal CRL (Certificate Revocation List) cache. + In addition to implementing the ssl_cache_crl_api + the following functions are available. +

+
+ + + + insert(CRLSrc) -> ok | {error, Reason} + insert(URI, CRLSrc) -> ok | {error, Reason} + + + CRLSrc = {file, string()} | {der, [ der_encoded() ]} + URI = http_uri:uri() + Reason = term() + + + Insert CRLs into the ssl applications local cache. + + + + + delete(Entries) -> ok | {error, Reason} + + + Entries = http_uri:uri() | {file, string()} | {der, [ der_encoded() ]} + Reason = term() + + + Delete CRLs from the ssl applications local cache. + + + +
\ No newline at end of file diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml new file mode 100644 index 0000000000..24365c9f59 --- /dev/null +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -0,0 +1,97 @@ + + + + +
+ + 20152015 + Ericsson AB. All Rights Reserved. + + + The contents of this file are subject to the Erlang Public License, + Version 1.1, (the "License"); you may not use this file except in + compliance with the License. You should have received a copy of the + Erlang Public License along with this software. If not, it can be + retrieved online at http://www.erlang.org/. + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See + the License for the specific language governing rights and limitations + under the License. + + ssl_crl_cache_api + ssl_crl_cache_api.xml +
+ + ssl_crl_cache_api + API for a SSL/TLS CRL (Certificate Revocation List) cache. + +

+ When SSL/TLS performs certificate path validation according to + RFC 5280 it should + also perform CRL validation checks. To enable the CRL checks the application + needs access to CRLs. A database of CRLs can be set up in many different ways. + This module provides an API to integrate an arbitrary CRL cache with the erlang + ssl application. It is also used by the application itself to provide a simple + default implementation of a CRL cache. +

+
+ +
+ Common Data Types + +

The following data types are used in the functions below: +

+ +

cache_ref() = opaque()

+

dist_point() = #'DistributionPoint'{} see X509 certificates records

+
+ + + + lookup(DistributionPoint, DbHandle) -> not_available | CRLs + + + DistributionPoint = dist_point() + DbHandle = cache_ref() + CRLs = [public_key:der_encoded()] + +

Lookup the CRLs belonging to the distribution point Distributionpoint

. + This function may choose to only look in the cache or to follow distribution point + links depending on how the cache is administrated. +
+
+ + + select(Issuer, DbHandle) -> CRLs + Select the CRLs in the cache that are issued by Issuer + + Issuer = public_key:issuer_name() + DbHandle = cache_ref() + + +

Select the CRLs in the cache that are issued by Issuer

+
+
+ + + fresh_crl(DistributionPoint, CRL) -> FreshCRL + fun fresh_crl/2 will be used as input option update_crl to + public_key:pkix_crls_validate/3 + + DistributionPoint = dist_point() + CRL = [public_key:der_encoded()] + FreshCRL = [public_key:der_encoded()] + + +

fun fresh_crl/2 will be used as input option update_crl to + public_key:pkix_crls_validate/3

+
+
+
+
\ No newline at end of file diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index cb97bbfbb2..9f87d31e90 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -4,7 +4,7 @@
- 19992014 + 19992015 Ericsson AB. All Rights Reserved. @@ -119,14 +119,14 @@ select_session(Cache, PartialKey) -> [session()] - >Selects sessions that could be reused. + Selects a sessions that could be reused. Cache = cache_ref() PartialKey = partialkey() Session = session() -

Selects sessions that could be reused. Should be callable +

Selects a sessions that could be reused. Should be callable from any process.
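Review bot: In the Makefile hunk of this commit, XML_REF3_FILES now lists ssl_crl_cache.xml twice and does not list ssl_crl_cache_api.xml, although the commit creates both files. The second entry should be ssl_crl_cache_api.xml, otherwise the API reference page is left out of the documentation build. The new ssl_crl_cache.xml also refers to "ssl_cache_crl_api", while the file and module added here are named ssl_crl_cache_api.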
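Review bot: In the crl_check hunk of ssl.xml, the tag "{crl_check, boolean() | peer | best_effort )" closes with a parenthesis instead of a brace, and "invokation", "revokation" and "cerificate" are misspelled. The larger gap is that best_effort is described only as "if certificate revokation status can not be determined it will be accepted as valid": say plainly that this mode fails open, so a certificate whose CRL cannot be obtained is treated as not revoked, and repeat that caveat next to the {http, timeout()} cache argument, where a failed or timed-out fetch is exactly the case in which status cannot be determined. In the ssl_session_cache_api.xml hunk, "Selects a sessions" replaces wording that was already correct.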

-- cgit v1.2.3 From 2c5ec58cedb6d88ea1ecdee4893bba54d397aeed Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 17 Mar 2015 10:47:42 +0100 Subject: ssl: Improve documentation --- lib/ssl/doc/src/ssl.xml | 18 +++++++++--------- lib/ssl/doc/src/ssl_crl_cache.xml | 2 +- lib/ssl/doc/src/ssl_crl_cache_api.xml | 16 +++++++++------- 3 files changed, 19 insertions(+), 17 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index c9b02d44ec..47100c0d81 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -94,7 +94,7 @@ {log_alert, boolean()} | {server_name_indication, hostname() | disable}

-

transportoption() = {cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}} +

transportoption() = {cb_info, {CallbackModule :: atom(), DataTag :: atom(), ClosedTag :: atom(), ErrTag:atom()}} - defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used to customize the transport layer. The callback module must implement a reliable transport protocol and behave as gen_tcp and in addition have functions corresponding to @@ -303,20 +303,20 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo - {crl_check, boolean() | peer | best_effort ) + {crl_check, boolean() | peer | best_effort } Perform CRL (Certificate Revocation List) verification - public_key:pkix_crls_validate/3, during the + (public_key:pkix_crls_validate/3) on all the certificates during the path validation public_key:pkix_path_validation/3 - invokation on all the certificates in the peer certificate chain. Defaults to - false. - + marker="public_key:public_key#pkix_path_validation-3">(public_key:pkix_path_validation/3) + + of the certificate chain. Defaults to false. +

peer - check is only performed on the peer certificate.

-

best_effort - if certificate revokation status can not be determined +

best_effort - if certificate revocation status can not be determined it will be accepted as valid.

The CA certificates specified for the connection will be used to @@ -326,7 +326,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo ssl_crl_cache_api(3).

- {crl_cache, {Module::atom, {DbHandle::internal | term(), Args::list()}} + {crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}}

Module defaults to ssl_crl_cache with DbHandle internal and an empty argument list. The following arguments may be specified for the internal cache.

diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml index 1ed76d3e2a..b291c7b633 100644 --- a/lib/ssl/doc/src/ssl_crl_cache.xml +++ b/lib/ssl/doc/src/ssl_crl_cache.xml @@ -29,7 +29,7 @@

Implements an internal CRL (Certificate Revocation List) cache. In addition to implementing the ssl_cache_crl_api + marker="ssl_cache_crl_api"> ssl_cache_crl_api behaviour the following functions are available.

diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 24365c9f59..3f518496be 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -27,13 +27,15 @@ API for a SSL/TLS CRL (Certificate Revocation List) cache.

- When SSL/TLS performs certificate path validation according to - RFC 5280 it should - also perform CRL validation checks. To enable the CRL checks the application - needs access to CRLs. A database of CRLs can be set up in many different ways. - This module provides an API to integrate an arbitrary CRL cache with the erlang - ssl application. It is also used by the application itself to provide a simple - default implementation of a CRL cache. + When SSL/TLS performs certificate path validation according to + RFC 5280 + it should also perform CRL validation checks. To enable the CRL + checks the application needs access to CRLs. A database of CRLs + can be set up in many different ways. This module provides the + behavior of the API needed to integrate an arbitrary CRL cache + with the erlang ssl application. It is also used by the + application itself to provide a simple default implementation of + a CRL cache.
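Review bot: The transportoption() hunk converts the type annotations to the spaced "::" form but leaves "ErrTag:atom()" with a single colon; make it "ErrTag :: atom()" while the line is being touched. In the ssl_crl_cache.xml hunk the link keeps marker="ssl_cache_crl_api" and the text "ssl_cache_crl_api", while the next file in this diff is ssl_crl_cache_api.xml, so the name is transposed and the link target presumably does not resolve. In the ssl_crl_cache_api.xml hunk, "the behavior of the API" would read better as "the behaviour", matching the spelling added in the ssl_crl_cache.xml hunk.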

-- cgit v1.2.3 From 7cf85926c11d38ce5ebd181f9f98185f359d64a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Thu, 26 Feb 2015 18:55:16 +0100 Subject: ssl: Add TLS-ALPN support This commit adds support for RFC7301, application-layer protocol negotiation. ALPN is the standard based approach to the NPN extension, and is required for HTTP/2. ALPN lives side by side with NPN and provides an equivalent feature but in this case it is the server that decides what protocol to use, not the client. When both ALPN and NPN are sent by a client, and the server is configured with both ALPN and NPN options, ALPN will always take precedence. This behavior can also be found in the OpenSSL implementation of ALPN. ALPN and NPN share the ssl:negotiated_protocol/1 function for retrieving the negotiated protocol. The previously existing function ssl:negotiated_next_protocol/1 still exists, but has been deprecated and removed from the documentation. The tests against OpenSSL require OpenSSL version 1.0.2+. --- lib/ssl/doc/src/ssl.xml | 38 +++++++++++++++++++++++++++++++++----- 1 file changed, 33 insertions(+), 5 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index c9b02d44ec..3581a487a2 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -89,6 +89,8 @@ |{dh, der_encoded()} | {dhfile, path()} | {ciphers, ciphers()} | {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, {srp_identity, {string(), string()}} | {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} + {alpn_advertised_protocols, [binary()]} | + {alpn_preferred_protocols, [binary()]} | {next_protocols_advertised, [binary()]} | {client_preferred_next_protocols, {client | server, [binary()]} | {client | server, [binary()], binary()}} | {log_alert, boolean()} | {server_name_indication, hostname() | disable} 
@@ -425,7 +427,20 @@ fun(srp, Username :: string(), UserState :: term()) -> certificates are used during server authentication and when building the client certificate chain.
- + + {alpn_advertised_protocols, [binary()]} + +

The list of protocols supported by the client to be sent to the + server to be used for an Application-Layer Protocol Negotiation (ALPN). + If the server supports ALPN then it will choose a protocol from this + list; otherwise it will fail the connection with a "no_application_protocol" + alert. A server that does not support ALPN will ignore this value.

+ +

The list of protocols must not contain an empty binary.

+ +

The negotiated protocol can be retrieved using the negotiated_protocol/1 function.

+
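Review bot: In the alpn_advertised_protocols entry, "If the server supports ALPN then it will choose a protocol from this list; otherwise it will fail the connection" is ambiguous: "otherwise" reads as "if the server does not support ALPN", which contradicts the next sentence saying such a server ignores the value. Tie the "no_application_protocol" alert explicitly to the case where the server supports ALPN but none of the listed protocols match. Also state what negotiated_protocol/1 returns when the server ignored the extension (the signature later in this patch lists {error, protocol_not_negotiated}), so a client that requires a particular protocol knows it has to check.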
+ {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}} @@ -545,12 +560,25 @@ fun(srp, Username :: string(), UserState :: term()) -> and CipherSuite is of type ciphersuite(). + {alpn_preferred_protocols, [binary()]} + +

Indicates the server will try to perform Application-Layer + Protocol Negotiation (ALPN).

+ +

The list of protocols is in order of preference. The protocol + negotiated will be the first in the list that matches one of the + protocols advertised by the client. If no protocol matches, the + server will fail the connection with a "no_application_protocol" alert.

+ +

The negotiated protocol can be retrieved using the negotiated_protocol/1 function.

+
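Review bot: The alpn_preferred_protocols entry does not document the precedence rule from the commit message, that ALPN always wins when the client sends both ALPN and NPN and the server is configured with both sets of options. Add that sentence here, and say what the server does when the client sends no ALPN extension at all, since the text only covers the case where no advertised protocol matches. Unlike the client-side entry, this one also omits the rule that the list must not contain an empty binary; state it if it applies to the server option as well.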
+ {next_protocols_advertised, Protocols :: [binary()]} The list of protocols to send to the client if the client indicates it supports the Next Protocol extension. The client may select a protocol that is not on this list. The list of protocols must not contain an empty binary. If the server negotiates a Next Protocol it can be accessed - using negotiated_next_protocol/1 method. + using negotiated_protocol/1 function. {psk_identity, string()} @@ -1018,15 +1046,15 @@ fun(srp, Username :: string(), UserState :: term()) ->
- negotiated_next_protocol(Socket) -> {ok, Protocol} | {error, next_protocol_not_negotiated} - Returns the Next Protocol negotiated. + negotiated_protocol(Socket) -> {ok, Protocol} | {error, protocol_not_negotiated} + Returns the protocol negotiated through ALPN or NPN extensions. Socket = sslsocket() Protocol = binary()

- Returns the Next Protocol negotiated. + Returns the protocol negotiated through ALPN or NPN extensions.
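Review bot: The negotiated_protocol/1 entry replaces negotiated_next_protocol/1 outright and changes the documented error reason from next_protocol_not_negotiated to protocol_not_negotiated, but nothing in the documentation tells existing callers that the old function is deprecated. The commit message says negotiated_next_protocol/1 still exists, so keep a short deprecation note that points to negotiated_protocol/1 and mentions the new error atom, so that code matching on the old reason is migrated deliberately.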

-- cgit v1.2.3 From 62870c998955e1498e71bfc90607885e96ecaa27 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 31 Mar 2015 12:24:04 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 75 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 74 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 4349e5a456..352563700b 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,80 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 5.3.8 +
SSL 6.0 + +
Fixed Bugs and Malfunctions + + +

+ Exclude self-signed trusted anchor certificates from + certificate prospective certification path according to + RFC 3280.

+

+ This will avoid some unnecessary certificate processing.

+

+ Own Id: OTP-12449

+
+
+
+ + +
Improvements and New Features + + +

+ Separate client and server session cache internally.

+

+ Avoid session table growth when client starts many + connections in such a manner that many connections are + started before session reuse is possible. Only save a new + session in client if there is no equivalent session + already stored.

+

+ Own Id: OTP-11365

+
+ +

+ The PEM cache is now validated by a background process, + instead of always keeping it if it is small enough and + clearing it otherwise. That strategy required that small + caches where cleared by API function if a file changes on + disk.

+

+ However export the API function to clear the cache as it + may still be useful.

+

+ Own Id: OTP-12391

+
+ +

+ Add padding check for TLS-1.0 to remove Poodle + vulnerability from TLS 1.0, also add the option + padding_check. This option only affects TLS-1.0 + connections and if set to false it disables the block + cipher padding check to be able to interoperate with + legacy software.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-12420

+
+ +

+ Add support for TLS_FALLBACK_SCSV used to prevent + undesired TLS version downgrades. If used by a client + that is vulnerable to the POODLE attack, and the server + also supports TLS_FALLBACK_SCSV, the attack can be + prevented.

+

+ Own Id: OTP-12458

+
+
+
+ +
+ +
SSL 5.3.8
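Review bot: The OTP-12420 entry says that padding_check set to false "disables the block cipher padding check" but does not state the default value or that turning the check off brings back the Poodle exposure this release removes for TLS-1.0. State the default explicitly and describe false as an interoperability setting that carries that cost, so the POTENTIAL INCOMPATIBILITY marker is actionable. In the OTP-12391 entry, "small caches where cleared" should read "were cleared", and the OTP-12449 entry cites RFC 3280 while the CRL cache text elsewhere in these docs cites RFC 5280.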
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 1776467988178ff24376499747fed836b1765e1d Mon Sep 17 00:00:00 2001 From: xsipewe Date: Mon, 16 Mar 2015 14:18:41 +0100 Subject: ssl: Editorial updates --- lib/ssl/doc/src/refman.xml | 4 +- lib/ssl/doc/src/ssl.xml | 1019 +++++++++++++++-------------- lib/ssl/doc/src/ssl_app.xml | 85 ++- lib/ssl/doc/src/ssl_distribution.xml | 255 ++++---- lib/ssl/doc/src/ssl_introduction.xml | 54 ++ lib/ssl/doc/src/ssl_protocol.xml | 126 ++-- lib/ssl/doc/src/ssl_session_cache_api.xml | 115 ++-- lib/ssl/doc/src/usersguide.xml | 5 +- lib/ssl/doc/src/using_ssl.xml | 101 +-- 9 files changed, 957 insertions(+), 807 deletions(-) create mode 100644 lib/ssl/doc/src/ssl_introduction.xml (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/refman.xml b/lib/ssl/doc/src/refman.xml index d5f2219af9..c6ebe5764a 100644 --- a/lib/ssl/doc/src/refman.xml +++ b/lib/ssl/doc/src/refman.xml @@ -1,7 +1,7 @@ - +
19992015 @@ -33,6 +33,6 @@ - + diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 47b0dbc206..1e6981f7e5 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -21,245 +21,282 @@ ssl + + + + ssl.xml
ssl Interface Functions for Secure Socket Layer -

This module contains interface functions to the Secure Socket - Layer. -

+

This module contains interface functions for the SSL.

SSL - ssl requires the crypto and public_key applications. + ssl requires the crypto and public_key + applications. Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, - TLS-1.1 and TLS-1.2. + TLS-1.1, and TLS-1.2. For security reasons SSL-2.0 is not supported. For security reasons SSL-3.0 is no longer supported by default, - but may be configured. - Ephemeral Diffie-Hellman cipher suites are supported + but can be configured. + Ephemeral Diffie-Hellman cipher suites are supported, but not Diffie Hellman Certificates cipher suites. - Elliptic Curve cipher suites are supported if crypto - supports it and named curves are used. + Elliptic Curve cipher suites are supported if the crypto + application supports it and named curves are used. Export cipher suites are not supported as the U.S. lifted its export restrictions in early 2000. IDEA cipher suites are not supported as they have - become deprecated by the latest TLS spec so there is not any - real motivation to implement them. + become deprecated by the latest TLS specification so it is not + motivated to implement them. CRL validation is supported. - Policy certificate extensions are not supported - yet. - Support for 'Server Name Indication' extension client side - (RFC 6066 section 3). + Policy certificate extensions are not supported. + 'Server Name Indication' extension client side + (RFC 6066, Section 3) is supported.
- COMMON DATA TYPES -

The following data types are used in the functions below: -

+ DATA TYPES +

The following data types are used in the functions for ssl:

-

boolean() = true | false

+ -

option() = socketoption() | ssloption() | transportoption()

+ boolean() +

= true | false

-

socketoption() = proplists:property() - The default socket options are - [{mode,list},{packet, 0},{header, 0},{active, true}]. -

+ option() +

= socketoption() | ssloption() | transportoption()

+
-

For valid options - see inet(3) and - gen_tcp(3). -

- -

ssloption() = {verify, verify_type()} | - {verify_fun, {fun(), term()}} | - {fail_if_no_peer_cert, boolean()} - {depth, integer()} | - {cert, der_encoded()}| {certfile, path()} | - {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' |'PrivateKeyInfo', der_encoded()}} | - {keyfile, path()} | {password, string()} | - {cacerts, [der_encoded()]} | {cacertfile, path()} | - |{dh, der_encoded()} | {dhfile, path()} | {ciphers, ciphers()} | - {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, {srp_identity, {string(), string()}} | - {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} - {alpn_advertised_protocols, [binary()]} | - {alpn_preferred_protocols, [binary()]} | - {next_protocols_advertised, [binary()]} | - {client_preferred_next_protocols, {client | server, [binary()]} | {client | server, [binary()], binary()}} | - {log_alert, boolean()} | {server_name_indication, hostname() | disable} -

- -

transportoption() = {cb_info, {CallbackModule :: atom(), DataTag :: atom(), ClosedTag :: atom(), ErrTag:atom()}} - - defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used to customize - the transport layer. The callback module must implement a reliable transport - protocol and behave as gen_tcp and in addition have functions corresponding to - inet:setopts/2, inet:getopts/2, inet:peername/1, inet:sockname/1 and inet:port/1. - The callback gen_tcp is treated specially and will call inet directly. -

- -

      CallbackModule = - atom() -

      DataTag = - atom() - tag used in socket data message.

-

      ClosedTag = atom() - tag used in - socket close message.

- -

verify_type() = verify_none | verify_peer

- -

path() = string() - representing a file path.

+ socketoption() +

= proplists:property()

+

The default socket options are + [{mode,list},{packet, 0},{header, 0},{active, true}].

+

For valid options, see the + inet(3) and + gen_tcp(3) manual pages + in kernel.

+ + ssloption() +

= {verify, verify_type()}

+

| {verify_fun, {fun(), term()}}

+

| {fail_if_no_peer_cert, boolean()} {depth, integer()}

+

| {cert, der_encoded()}

+

| {certfile, path()}

+

| {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' + | 'PrivateKeyInfo', der_encoded()}}

+

| {keyfile, path()}

+

| {password, string()}

+

| {cacerts, [der_encoded()]}

+

| {cacertfile, path()}

+

| {dh, der_encoded()}

+

| {dhfile, path()}

+

| {ciphers, ciphers()}

+

| {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, + {srp_identity, {string(), string()}}

+

| {ssl_imp, ssl_imp()}

+

| {reuse_sessions, boolean()}

+

| {reuse_session, fun()} {next_protocols_advertised, [binary()]}

+

| {client_preferred_next_protocols, {client | server, + [binary()]} | {client | server, [binary()], binary()}}

+

| {log_alert, boolean()}

+

| {server_name_indication, hostname() | disable}

+ + transportoption() +

= {cb_info, {CallbackModule::atom(), DataTag::atom(), + ClosedTag::atom(), ErrTag:atom()}}

+

Defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used + to customize the transport layer. The callback module must implement a + reliable transport protocol, behave as gen_tcp, and have functions + corresponding to inet:setopts/2, inet:getopts/2, + inet:peername/1, inet:sockname/1, and inet:port/1. + The callback gen_tcp is treated specially and calls inet + directly.

+ + CallbackModule +

= atom()

+ DataTag +

= atom()

p> +

Used in socket data message.

+ ClosedTag +

= atom()

+

Used in socket close message.

+
+
-

der_encoded() = binary() -Asn1 DER encoded entity as an erlang binary.

- -

host() = hostname() | ipaddress()

- -

hostname() = string()

- -

- ip_address() = {N1,N2,N3,N4} % IPv4 - | {K1,K2,K3,K4,K5,K6,K7,K8} % IPv6

+ verify_type() +

= verify_none | verify_peer

-

sslsocket() - opaque to the user.

- -

protocol() = sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'

- -

ciphers() = [ciphersuite()] | string() (according to old API)

- -

ciphersuite() = - {key_exchange(), cipher(), hash()}

- -

key_exchange() = rsa | dhe_dss | dhe_rsa | dh_anon - | psk | dhe_psk | rsa_psk | srp_anon | srp_dss | srp_rsa - | ecdh_anon | ecdh_ecdsa | ecdhe_ecdsa | ecdh_rsa | ecdhe_rsa -

+ path() +

= string()

+

Represents a file path.

+ + der_encoded() +

= binary()

+

ASN.1 DER-encoded entity as an Erlang binary.

+ + host() +

= hostname() | ipaddress()

+ + hostname() +

= string()

+ + ip_address() +

= {N1,N2,N3,N4} % IPv4 | {K1,K2,K3,K4,K5,K6,K7,K8} % IPv6 +

-

cipher() = rc4_128 | des_cbc | '3des_ede_cbc' - | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm

+ sslsocket() +

Opaque to the user.

-

hash() = md5 | sha -

+ protocol() +

= sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'

-

prf_random() = client_random | server_random -

+ ciphers() +

= [ciphersuite()] | string()

+

According to old API.

-

srp_param_type() = srp_1024 | srp_1536 | srp_2048 | srp_3072 - | srp_4096 | srp_6144 | srp_8192

+ ciphersuite() +

= {key_exchange(), cipher(), hash()}

+ key_exchange() +

= rsa | dhe_dss | dhe_rsa | dh_anon | psk | dhe_psk + | rsa_psk | srp_anon | srp_dss | srp_rsa | ecdh_anon | ecdh_ecdsa + | ecdhe_ecdsa | ecdh_rsa | ecdhe_rsa

+ + cipher() +

= rc4_128 | des_cbc | '3des_ede_cbc' + | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm

+ + hash() +

= md5 | sha

+ + prf_random() +

= client_random | server_random

+ + srp_param_type() +

= srp_1024 | srp_1536 | srp_2048 | srp_3072 + | srp_4096 | srp_6144 | srp_8192

+ +
SSL OPTION DESCRIPTIONS - COMMON for SERVER and CLIENT -

Options described here are options that are have the same - meaning in the client and the server. -

+

The following options have the same meaning in the client and + the server:

- {cert, der_encoded()} - The DER encoded users certificate. If this option - is supplied it will override the certfile option. + {cert, der_encoded()} +

The DER-encoded users certificate. If this option + is supplied, it overrides option certfile.

- {certfile, path()} - Path to a file containing the user's PEM encoded certificate. + {certfile, path()} +

Path to a file containing the user certificate.

- {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' |'PrivateKeyInfo', der_encoded()}} - The DER encoded users private key. If this option - is supplied it will override the keyfile option. + {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' + |'PrivateKeyInfo', der_encoded()}} +

The DER-encoded user's private key. If this option + is supplied, it overrides option keyfile.

- {keyfile, path()} - Path to file containing user's - private PEM encoded key. As PEM-files may contain several - entries this option defaults to the same file as given by - certfile option. - - {password, string()} - String containing the user's password. - Only used if the private keyfile is password protected. - - - {cacerts, [der_encoded()]} - The DER encoded trusted certificates. If this option - is supplied it will override the cacertfile option. - - {ciphers, ciphers()} - The cipher suites that should be supported. The function + {keyfile, path()} +

Path to the file containing the user's + private PEM-encoded key. As PEM-files can contain several + entries, this option defaults to the same file as given by + option certfile.

+ + {password, string()} +

String containing the user's password. Only used if the + private keyfile is password-protected.

+ + {cacerts, [der_encoded()]} +

The DER-encoded trusted certificates. If this option + is supplied it overrides option cacertfile.

+ + {ciphers, ciphers()} +

Supported cipher suites. The function cipher_suites/0 can be used to find all ciphers that are - supported by default. cipher_suites(all) may be called - to find all available cipher suites. - Pre-Shared Key (RFC 4279 and + supported by default. cipher_suites(all) can be called + to find all available cipher suites. Pre-Shared Key + (RFC 4279 and RFC 5487), - Secure Remote Password (RFC 5054) + Secure Remote Password + (RFC 5054), and anonymous cipher suites only work if explicitly enabled by - this option and they are supported/enabled by the peer also. - Note that anonymous cipher suites are supported for testing purposes - only and should not be used when security matters. + this option; they are supported/enabled by the peer also. + Anonymous cipher suites are supported for testing purposes + only and are not be used when security matters.

+ + {ssl_imp, new | old} +

Has no longer any meaning as the old implementation is + removed; it is ignored.

+ + {secure_renegotiate, boolean()} +

Specifies if to reject renegotiation attempt that does + not live up to + RFC 5746. + By default secure_renegotiate is set to false, + that is, secure renegotiation is used if possible, + but it fallback to unsecure renegotiation if the peer + does not support + RFC 5746.

- {ssl_imp, new | old} - No longer has any meaning as the old implementation has - been removed, it will be ignored. - - - {secure_renegotiate, boolean()} - Specifies if to reject renegotiation attempt that does - not live up to RFC 5746. By default secure_renegotiate is - set to false i.e. secure renegotiation will be used if possible - but it will fallback to unsecure renegotiation if the peer - does not support RFC 5746. - - - {depth, integer()} - - The depth is the maximum number of non-self-issued - intermediate certificates that may follow the peer certificate - in a valid certification path. So if depth is 0 the PEER must - be signed by the trusted ROOT-CA directly, if 1 the path can - be PEER, CA, ROOT-CA, if it is 2 PEER, CA, CA, ROOT-CA and so - on. The default value is 1. - + {depth, integer()} +

Maximum number of non-self-issued + intermediate certificates that can follow the peer certificate + in a valid certification path. So, if depth is 0 the PEER must + be signed by the trusted ROOT-CA directly; if 1 the path can + be PEER, CA, ROOT-CA; if 2 the path can be PEER, CA, CA, + ROOT-CA, and so on. The default value is 1.

- {verify_fun, {Verifyfun :: fun(), InitialUserState :: term()}} - -

The verification fun should be defined as:

+ {verify_fun, {Verifyfun :: fun(), InitialUserState :: + term()}} +

The verification fun is to be defined as follows:

-fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revoked, atom()}} | +fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revoked, +atom()}} | {extension, #'Extension'{}}, InitialUserState :: term()) -> {valid, UserState :: term()} | {valid_peer, UserState :: term()} | {fail, Reason :: term()} | {unknown, UserState :: term()}. -

The verify fun will be called during the X509-path - validation when an error or an extension unknown to the ssl - application is encountered. Additionally it will be called +

The verification fun is called during the X509-path + validation when an error or an extension unknown to the ssl + application is encountered. It is also called when a certificate is considered valid by the path validation to allow access to each certificate in the path to the user - application. Note that it will differentiate between the - peer certificate and CA certificates by using valid_peer or - valid as the second argument to the verify fun. See the public_key User's - Guide for definition of #'OTPCertificate'{} and - #'Extension'{}.

- -

If the verify callback fun returns {fail, Reason}, the - verification process is immediately stopped and an alert is - sent to the peer and the TLS/SSL handshake is terminated. If - the verify callback fun returns {valid, UserState}, the - verification process is continued. If the verify callback fun - always returns {valid, UserState}, the TLS/SSL handshake will - not be terminated with respect to verification failures and - the connection will be established. If called with an - extension unknown to the user application, the return value - {unknown, UserState} should be used.

- -

The default verify_fun option in verify_peer mode:

+ application. It differentiates between the peer + certificate and the CA certificates by using valid_peer or + valid as second argument to the verification fun. See the + public_key User's + Guide for definition of #'OTPCertificate'{} and + #'Extension'{}.

+ + +

If the verify callback fun returns {fail, Reason}, + the verification process is immediately stopped, an alert is + sent to the peer, and the TLS/SSL handshake terminates.

+

If the verify callback fun returns {valid, UserState}, + the verification process continues.

+

If the verify callback fun always returns + {valid, UserState}, the TLS/SSL handshake does not + terminate regarding verification failures and the connection is + established.

+

If called with an extension unknown to the user application, + return value {unknown, UserState} is to be used.

+
+ +

Default option verify_fun in verify_peer mode:
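Review bot: The rewritten ssloption() type drops {alpn_advertised_protocols, [binary()]} and {alpn_preferred_protocols, [binary()]}: both are in the removed lines but absent from the added list, although alpn_advertised_protocols is still described further down in this file. Restore them, and add the missing "|" between {fail_if_no_peer_cert, boolean()} and {depth, integer()} and between {reuse_session, fun()} and {next_protocols_advertised, [binary()]}. Two smaller items in the same hunk: a stray "p>" follows the DataTag definition, and the ciphers text now reads "are not be used when security matters", which garbles the warning about anonymous cipher suites that the removed wording ("should not be used when security matters") stated clearly.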

{fun(_,{bad_cert, _} = Reason, _) -> @@ -273,7 +310,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo end, []} -

The default verify_fun option in verify_none mode:

+

Default option verify_fun in mode verify_none:

{fun(_,{bad_cert, _}, UserState) -> @@ -287,21 +324,24 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo end, []} -

Possible path validation errors are given on the form {bad_cert, Reason} where Reason is:

+

The possible path validation errors are given on form + {bad_cert, Reason} where Reason is:

- unknown_ca - No trusted CA was found in the trusted store. The trusted CA is - normally a so called ROOT CA that is a self-signed cert. Trust may - be claimed for an intermediat CA (trusted anchor does not have to be self signed - according to X-509) by using the option partial_chain - - selfsigned_peer - The chain consisted only of one self-signed certificate. - - PKIX X-509-path validation error - Possible such reasons see public_key:pkix_path_validation/3 + unknown_ca +

No trusted CA was found in the trusted store. The trusted CA is + normally a so called ROOT CA, which is a self-signed certificate. Trust can + be claimed for an intermediat CA (trusted anchor does not have to be + self-signed according to X-509) by using option partial_chain.

+
+ + selfsigned_peer +

The chain consisted only of one self-signed certificate.

+ + PKIX X-509-path validation error +

For possible reasons, see public_key:pkix_path_validation/3 +

@@ -341,32 +381,30 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom() | {revo
- - {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca - - - Claim an intermediat CA in the chain as trusted. TLS will then perform the public_key:pkix_path_validation/3 - with the selected CA as trusted anchor and the rest of the chain. - - {versions, [protocol()]} - TLS protocol versions that will be supported by started clients and servers. - This option overrides the application environment option protocol_version. If the - environment option is not set it defaults to all versions, except SSL-3.0, supported by the SSL application. See also - ssl(6) - + {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | + unknown_ca } +

Claim an intermediate CA in the chain as trusted. TLS then + performs public_key:pkix_path_validation/3 + with the selected CA as trusted anchor and the rest of the chain.

+ + {versions, [protocol()]} +

TLS protocol versions supported by started clients and servers. + This option overrides the application environment option + protocol_version. If the environment option is not set, it defaults + to all versions, except SSL-3.0, supported by the ssl application. + See also ssl(6).

+ + {hibernate_after, integer()|undefined} +

When an integer-value is specified, ssl_connection + goes into hibernation after the specified number of milliseconds + of inactivity, thus reducing its memory footprint. When + undefined is specified (this is the default), the process + never goes into hibernation.

+ + {user_lookup_fun, {Lookupfun :: fun(), UserState :: term()}} +

The lookup fun is to defined as follows:

- {hibernate_after, integer()|undefined} - When an integer-value is specified, the ssl_connection - will go into hibernation after the specified number of milliseconds - of inactivity, thus reducing its memory footprint. When - undefined is specified (this is the default), the process - will never go into hibernation. - - - {user_lookup_fun, {Lookupfun :: fun(), UserState :: term()}} - -

The lookup fun should be defined as:
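Review bot: In the user_lookup_fun entry, the new sentence "The lookup fun is to defined as follows" is missing "be"; the removed wording "should be defined as" was correct. Fix it to match the phrasing used for verify_fun earlier in this patch ("is to be defined as follows").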

fun(psk, PSKIdentity ::string(), UserState :: term()) -> {ok, SharedSecret :: binary()} | error; @@ -374,59 +412,55 @@ fun(srp, Username :: string(), UserState :: term()) -> {ok, {SRPParams :: srp_param_type(), Salt :: binary(), DerivedKey :: binary()}} | error. -

For Pre-Shared Key (PSK) cipher suites, the lookup fun will - be called by the client and server to determine the shared - secret. When called by the client, PSKIdentity will be set to the - hint presented by the server or undefined. When called by the - server, PSKIdentity is the identity presented by the client. -

- -

For Secure Remote Password (SRP), the fun will only be used by the server to obtain - parameters that it will use to generate its session keys. DerivedKey should be - derived according to RFC 2945 and - RFC 5054: - crypto:sha([Salt, crypto:sha([Username, <<$:>>, Password])]) +

For Pre-Shared Key (PSK) cipher suites, the lookup fun is + called by the client and server to determine the shared + secret. When called by the client, PSKIdentity is set to the + hint presented by the server or to undefined. When called by the + server, PSKIdentity is the identity presented by the client.

+ +

For Secure Remote Password (SRP), the fun is only used by the server to + obtain parameters that it uses to generate its session keys. + DerivedKey is to be derived according to + RFC 2945 and + RFC 5054: + crypto:sha([Salt, crypto:sha([Username, <<$:>>, Password])])

- {padding_check, boolean()} - -

This option only affects TLS-1.0 connections. - If set to false it disables the block cipher padding check - to be able to interoperate with legacy software. -

- -

Using this option makes TLS vulnerable to - the Poodle attack

- -
- + {padding_check, boolean()} +

Affects TLS-1.0 connections only. + If set to false, it disables the block cipher padding check + to be able to interoperate with legacy software.

+ - + +

Using {padding_check, boolean()} makes TLS + vulnerable to the Poodle attack.

+
SSL OPTION DESCRIPTIONS - CLIENT SIDE -

Options described here are client specific or has a slightly different - meaning in the client than in the server.

+

The following options are client-specific or have a slightly different + meaning in the client than in the server:

- {verify, verify_type()} - In verify_none mode the default behavior will be to - allow all x509-path validation errors. See also the verify_fun - option. - - {reuse_sessions, boolean()} - Specifies if client should try to reuse sessions - when possible. + + {verify, verify_type()} +

In mode verify_none the default behavior is to allow + all x509-path validation errors. See also option verify_fun.

+ + {reuse_sessions, boolean()} +

Specifies if the client is to try to reuse sessions + when possible.

- {cacertfile, path()} - The path to a file containing PEM encoded CA certificates. The CA + {cacertfile, path()} +

Path to a file containing PEM-encoded CA certificates. The CA certificates are used during server authentication and when building the - client certificate chain. - + client certificate chain.

+
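Review bot: The rewritten warning under padding_check, "Using {padding_check, boolean()} makes TLS vulnerable to the Poodle attack", misstates the risk: per the paragraph just above it, only setting the option to false disables the padding check. Word it as {padding_check, false} making TLS-1.0 connections vulnerable, so the warning is not read as applying to the option in general. In the same hunk, the client-side verify entry says that verify_none allows all x509-path validation errors; that leaves the server certificate unauthenticated and deserves an equally explicit warning.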
{alpn_advertised_protocols, [binary()]} @@ -444,39 +478,44 @@ fun(srp, Username :: string(), UserState :: term()) -> {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}} -

Indicates the client will try to perform Next Protocol +

Indicates that the client is to try to perform Next Protocol Negotiation.

-

If precedence is server the negotiated protocol will be the - first protocol that appears on the server advertised list that is +

If precedence is server, the negotiated protocol is the + first protocol to be shown on the server advertised list, which is also on the client preference list.

-

If precedence is client the negotiated protocol will be the - first protocol that appears on the client preference list that is +

If precedence is client, the negotiated protocol is the + first protocol to be shown on the client preference list, which is also on the server advertised list.

If the client does not support any of the server advertised - protocols or the server does not advertise any protocols the - client will fallback to the first protocol in its list or if a - default is supplied it will fallback to that instead. If the - server does not support Next Protocol Negotiation the - connection will be aborted if no default protocol is supplied.

+ protocols or the server does not advertise any protocols, the + client falls back to the first protocol in its list or to the + default protocol (if a default is supplied). If the + server does not support Next Protocol Negotiation, the + connection terminates if no default protocol is supplied.

- {psk_identity, string()} - Specifies the identity the client presents to the server. The matching secret is - found by calling the user_look_fun. - - {srp_identity, {Username :: string(), Password :: string()} - Specifies the Username and Password to use to authenticate to the server. + {psk_identity, string()} +

Specifies the identity the client presents to the server. + The matching secret is found by calling user_look_fun.

- {server_name_indication, hostname()} - {server_name_indication, disable} + + {srp_identity, {Username :: string(), Password :: string()} + +

Specifies the username and password to use to authenticate + to the server.

+ + {server_name_indication, hostname()} + + {server_name_indication, disable} -

This option can be specified when upgrading a TCP socket to a TLS +

Can be specified when upgrading a TCP socket to a TLS socket to use the TLS Server Name Indication extension.

-

When starting a TLS connection without upgrade the Server Name - Indication extension will be sent if possible, this option may also be + +

When starting a TLS connection without upgrade, the Server Name + Indication extension is sent if possible. This option can also be used to disable that behavior.
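Review bot: In the client_preferred_next_protocols text, changing "that is also on the client preference list" to ", which is also on the client preference list" turns a restriction into an aside, so the sentence now says the first protocol on the server advertised list is selected and merely happens to be on the client list. Keep the restrictive "that" in both the server and the client precedence sentences. The psk_identity entry in this hunk also still refers to user_look_fun, while the option is documented as user_lookup_fun.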

{fallback, boolean()} @@ -502,63 +541,58 @@ fun(srp, Username :: string(), UserState :: term()) ->
SSL OPTION DESCRIPTIONS - SERVER SIDE -

Options described here are server specific or has a slightly different - meaning in the server than in the client.

+

The following options are server-specific or have a slightly different + meaning in the server than in the client:

- {cacertfile, path()} - The path to a file containing PEM encoded CA + {cacertfile, path()} +

Path to a file containing PEM-encoded CA certificates. The CA certificates are used to build the server - certificate chain, and for client authentication. Also the CAs - are used in the list of acceptable client CAs passed to the - client when a certificate is requested. May be omitted if there - is no need to verify the client and if there are not any - intermediate CAs for the server certificate. - + certificate chain and for client authentication. The CAs are + also used in the list of acceptable client CAs passed to the + client when a certificate is requested. Can be omitted if there + is no need to verify the client and if there are no + intermediate CAs for the server certificate.

- {dh, der_encoded()} - The DER encoded Diffie Hellman parameters. If this option - is supplied it will override the dhfile option. - - - {dhfile, path()} - Path to file containing PEM encoded Diffie Hellman parameters, - for the server to use if a cipher suite using Diffie Hellman key exchange - is negotiated. If not specified default parameters will be used. - - - {verify, verify_type()} - Servers only do the x509-path validation in verify_peer - mode, as it then will send a certificate request to the client - (this message is not sent if the verify option is verify_none) - and you may then also want to specify the option - fail_if_no_peer_cert. + {dh, der_encoded()} +

The DER-encoded Diffie-Hellman parameters. If specified, + it overrides option dhfile.

+ + {dhfile, path()} +

Path to a file containing PEM-encoded Diffie Hellman parameters + to be used by the server if a cipher suite using Diffie Hellman key + exchange is negotiated. If not specified, default parameters are used. +

+ + {verify, verify_type()} +

A server only does x509-path validation in mode verify_peer, + as it then sends a certificate request to the client + (this message is not sent if the verify option is verify_none). + You can then also want to specify option fail_if_no_peer_cert. +

+ + {fail_if_no_peer_cert, boolean()} +

Used together with {verify, verify_peer} by an SSL server. + If set to true, the server fails if the client does not have + a certificate to send, that is, sends an empty certificate. If set to + false, it fails only if the client sends an invalid + certificate (an empty certificate is considered valid).

- {fail_if_no_peer_cert, boolean()} - Used together with {verify, verify_peer} by an ssl server. - If set to true, the server will fail if the client does not have - a certificate to send, i.e. sends a empty certificate, if set to - false it will only fail if the client sends an invalid - certificate (an empty certificate is considered valid). - + {reuse_sessions, boolean()} +

Specifies if the server is to agree to reuse sessions + when requested by the clients. See also option reuse_session. +

- {reuse_sessions, boolean()} - Specifies if the server should agree to reuse sessions - when the clients request to do so. See also the reuse_session - option. - - - {reuse_session, fun(SuggestedSessionId, - PeerCert, Compression, CipherSuite) -> boolean()} - Enables the ssl server to have a local policy - for deciding if a session should be reused or not, - only meaningful if reuse_sessions is set to true. - SuggestedSessionId is a binary(), PeerCert is a DER encoded - certificate, Compression is an enumeration integer - and CipherSuite is of type ciphersuite(). - + {reuse_session, fun(SuggestedSessionId, + PeerCert, Compression, CipherSuite) -> boolean()} +

Enables the SSL server to have a local policy + for deciding if a session is to be reused or not. + Meaningful only if reuse_sessions is set to true. + SuggestedSessionId is a binary(), PeerCert is + a DER-encoded certificate, Compression is an enumeration integer, + and CipherSuite is of type ciphersuite().
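Review bot: In the {verify, verify_type()} entry, the added sentence "You can then also want to specify option fail_if_no_peer_cert" does not parse; the removed text said "you may then also want to specify", which reads as a recommendation. Suggest restoring "You may then also want to specify option fail_if_no_peer_cert". Since the next entry states that with false an empty certificate is considered valid, it would also help to say here that verify_peer with fail_if_no_peer_cert set to false still accepts a client that sends no certificate.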

{alpn_preferred_protocols, [binary()]} @@ -573,65 +607,62 @@ fun(srp, Username :: string(), UserState :: term()) ->

The negotiated protocol can be retrieved using the negotiated_protocol/1 function.

- {next_protocols_advertised, Protocols :: [binary()]} - The list of protocols to send to the client if the client indicates - it supports the Next Protocol extension. The client may select a protocol + {next_protocols_advertised, Protocols :: [binary()]} +

List of protocols to send to the client if the client indicates that + it supports the Next Protocol extension. The client can select a protocol that is not on this list. The list of protocols must not contain an empty - binary. If the server negotiates a Next Protocol it can be accessed - using negotiated_protocol/1 function. - + binary. If the server negotiates a Next Protocol, it can be accessed + using the negotiated_next_protocol/1 method.

- {psk_identity, string()} - Specifies the server identity hint the server presents to the client. - - {log_alert, boolean()} - If false, error reports will not be displayed. - {honor_cipher_order, boolean()} - If true, use the server's preference for cipher selection. If false - (the default), use the client's preference. - + {psk_identity, string()} +

Specifies the server identity hint, which the server presents to + the client.

+ + {log_alert, boolean()} +

If set to false, error reports are not displayed.

+ + {honor_cipher_order, boolean()} +

If set to true, use the server preference for cipher + selection. If set to false (the default), use the client + preference.

+ +
General -

When an ssl socket is in active mode (the default), data from the +

When an SSL socket is in active mode (the default), data from the socket is delivered to the owner of the socket in the form of - messages: -

+ messages:

+ - {ssl, Socket, Data} - - {ssl_closed, Socket} - - - {ssl_error, Socket, Reason} - +

{ssl, Socket, Data}

+

{ssl_closed, Socket}

+

{ssl_error, Socket, Reason}

- -

A Timeout argument specifies a timeout in milliseconds. The - default value for a Timeout argument is infinity. -

+ +

A Timeout argument specifies a time-out in milliseconds. The + default value for argument Timeout is infinity.

cipher_suites() -> cipher_suites(Type) -> ciphers() - Returns a list of supported cipher suites + Returns a list of supported cipher suites. Type = erlang | openssl | all -

Returns a list of supported cipher suites. - cipher_suites() is equivalent to cipher_suites(erlang). - Type openssl is provided for backwards compatibility with - old ssl that used openssl. cipher_suites(all) returns + cipher_suites() is equivalent to cipher_suites(erlang). + Type openssl is provided for backwards compatibility with the + old SSL, which used OpenSSL. cipher_suites(all) returns all available cipher suites. The cipher suites not present - in cipher_suites(erlang) but in included in cipher_suites(all) - will not be used unless explicitly configured by the user. -

+ in cipher_suites(erlang) but included in + cipher_suites(all) are not used unless explicitly configured + by the user.
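Review bot: In the next_protocols_advertised entry, the last sentence now points to "the negotiated_next_protocol/1 method", where the removed line pointed to negotiated_protocol/1 and the unchanged alpn_preferred_protocols text just above still says negotiated_protocol/1. A wording cleanup should not change which function the reader is sent to, so please confirm the rename is intended or keep negotiated_protocol/1. Either way "method" should be "function", the term the surrounding text uses.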

@@ -651,17 +682,17 @@ fun(srp, Username :: string(), UserState :: term()) -> connect(Socket, SslOptions) -> connect(Socket, SslOptions, Timeout) -> {ok, SslSocket} | {error, Reason} - Upgrades a gen_tcp, or - equivalent, connected socket to an ssl socket. + Upgrades a gen_tcp, or + equivalent, connected socket to an SSL socket. - Socket = socket() - SslOptions = [ssloption()] + Socket = socket() + SslOptions = [ssloption()] Timeout = integer() | infinity SslSocket = sslsocket() Reason = term() -

Upgrades a gen_tcp, or equivalent, - connected socket to an ssl socket i.e. performs the +

Upgrades a gen_tcp, or equivalent, + connected socket to an SSL socket, that is, performs the client-side ssl handshake.

@@ -670,7 +701,7 @@ fun(srp, Username :: string(), UserState :: term()) -> connect(Host, Port, Options) -> connect(Host, Port, Options, Timeout) -> {ok, SslSocket} | {error, Reason} - Opens an ssl connection to Host, Port. + Opens an SSL connection to Host, Port. Host = host() Port = integer() @@ -679,72 +710,70 @@ fun(srp, Username :: string(), UserState :: term()) -> SslSocket = sslsocket() Reason = term() -

Opens an ssl connection to Host, Port.

+

Opens an SSL connection to Host, Port.

close(SslSocket) -> ok | {error, Reason} - Close an ssl connection + Closes an SSL connection. SslSocket = sslsocket() Reason = term() -

Close an ssl connection.

+

Closes an SSL connection.

+
+
+ + + connection_info(SslSocket) -> + {ok, {ProtocolVersion, CipherSuite}} | {error, Reason} + Returns the Negotiated Protocol version and cipher suite. + + + CipherSuite = ciphersuite() + ProtocolVersion = protocol() + +

Returns the Negotiated Protocol version and cipher suite.

controlling_process(SslSocket, NewOwner) -> ok | {error, Reason} - Assigns a new controlling process to the - ssl-socket. - + SSL socket. SslSocket = sslsocket() NewOwner = pid() Reason = term() -

Assigns a new controlling process to the ssl-socket. A - controlling process is the owner of an ssl-socket, and receives - all messages from the socket.

+

Assigns a new controlling process to the SSL socket. A + controlling process is the owner of an SSL socket, and receives + all messages from the socket.

- connection_info(SslSocket) -> - {ok, {ProtocolVersion, CipherSuite}} | {error, Reason} - Returns the negotiated protocol version and cipher suite. - - - CipherSuite = ciphersuite() - ProtocolVersion = protocol() - -

Returns the negotiated protocol version and cipher suite.

-
-
- - format_error(Reason) -> string() - Return an error string. + Returns an error string. Reason = term() -

Presents the error returned by an ssl function as a printable string.

+

Presents the error returned by an SSL function as a printable string.

getopts(Socket, OptionNames) -> {ok, [socketoption()]} | {error, Reason} - Get the value of the specified options. + Gets the values of the specified options. Socket = sslsocket() OptionNames = [atom()] -

Get the value of the specified socket options. +

Gets the values of the specified socket options.

@@ -752,34 +781,47 @@ fun(srp, Username :: string(), UserState :: term()) -> listen(Port, Options) -> {ok, ListenSocket} | {error, Reason} - Creates an ssl listen socket. + Creates an SSL listen socket. Port = integer() Options = options() ListenSocket = sslsocket() -

Creates an ssl listen socket.

+

Creates an SSL listen socket.

+
+
+ + + negotiated_next_protocol(Socket) -> {ok, Protocol} | {error, next_protocol_not_negotiated} + Returns the Next Protocol negotiated. + + Socket = sslsocket() + Protocol = binary() + + +

Returns the Next Protocol negotiated.

peercert(Socket) -> {ok, Cert} | {error, Reason} - Return the peer certificate. + Returns the peer certificate. Socket = sslsocket() Cert = binary() -

The peer certificate is returned as a DER encoded binary. - The certificate can be decoded with public_key:pkix_decode_cert/2. -

+

The peer certificate is returned as a DER-encoded binary. + The certificate can be decoded with + public_key:pkix_decode_cert/2.

+ peername(Socket) -> {ok, {Address, Port}} | {error, Reason} - Return peer address and port. + Returns the peer address and port. Socket = sslsocket() Address = ipaddress() @@ -789,12 +831,32 @@ fun(srp, Username :: string(), UserState :: term()) ->

Returns the address and port number of the peer.

+ + + prf(Socket, Secret, Label, Seed, WantedLength) -> {ok, binary()} | {error, reason()} + Uses a session Pseudo-Random Function to generate key material. + + Socket = sslsocket() + Secret = binary() | master_secret + Label = binary() + Seed = [binary() | prf_random()] + WantedLength = non_neg_integer() + + +

Uses the Pseudo-Random Function (PRF) of a TLS session to generate + extra key material. It either takes user-generated values for + Secret and Seed or atoms directing it to use a specific + value from the session security parameters.

+

Can only be used with TLS connections; {error, undefined} + is returned for SSLv3 connections.

+
+
recv(Socket, Length) -> recv(Socket, Length, Timeout) -> {ok, Data} | {error, Reason} - Receive data on a socket. + Receives data on a socket. Socket = sslsocket() Length = integer() @@ -802,63 +864,43 @@ fun(srp, Username :: string(), UserState :: term()) -> Data = [char()] | binary() -

This function receives a packet from a socket in passive - mode. A closed socket is indicated by a return value +

Receives a packet from a socket in passive + mode. A closed socket is indicated by return value {error, closed}.

-

The Length argument is only meaningful when - the socket is in raw mode and denotes the number of +

Argument Length is meaningful only when + the socket is in mode raw and denotes the number of bytes to read. If Length = 0, all available bytes are returned. If Length > 0, exactly Length bytes are returned, or an error; possibly discarding less than Length bytes of data when the socket gets closed from the other side.

-

The optional Timeout parameter specifies a timeout in +

Optional argument Timeout specifies a time-out in milliseconds. The default value is infinity.

- - prf(Socket, Secret, Label, Seed, WantedLength) -> {ok, binary()} | {error, reason()} - Use a sessions pseudo random function to generate key material. - - Socket = sslsocket() - Secret = binary() | master_secret - Label = binary() - Seed = [binary() | prf_random()] - WantedLength = non_neg_integer() - - -

Use the pseudo random function (PRF) of a TLS session to generate - additional key material. It either takes user generated values for - Secret and Seed or atoms directing it use a specific - value from the session security parameters.

-

This function can only be used with TLS connections, {error, undefined} - is returned for SSLv3 connections.

-
-
- renegotiate(Socket) -> ok | {error, Reason} - Initiates a new handshake. + Initiates a new handshake. Socket = sslsocket()

Initiates a new handshake. A notable return value is {error, renegotiation_rejected} indicating that the peer - refused to go through with the renegotiation but the connection + refused to go through with the renegotiation, but the connection is still active using the previously negotiated session.

send(Socket, Data) -> ok | {error, Reason} - Write data to a socket. + Writes data to a socket. Socket = sslsocket() Data = iodata() -

Writes Data to Socket.

+

Writes Data to Socket.

A notable return value is {error, closed} indicating that the socket is closed.

@@ -866,31 +908,31 @@ fun(srp, Username :: string(), UserState :: term()) -> setopts(Socket, Options) -> ok | {error, Reason} - Set socket options. + Sets socket options. Socket = sslsocket() Options = [socketoption]() -

Sets options according to Options for the socket - Socket.

+

Sets options according to Options for socket + Socket.

shutdown(Socket, How) -> ok | {error, Reason} - Immediately close a socket + Immediately closes a socket. Socket = sslsocket() How = read | write | read_write Reason = reason() -

Immediately close a socket in one or two directions.

+

Immediately closes a socket in one or two directions.

How == write means closing the socket for writing, reading from it is still possible.

To be able to handle that the peer has done a shutdown on - the write side, the {exit_on_close, false} option + the write side, option {exit_on_close, false} is useful.

@@ -898,16 +940,16 @@ fun(srp, Username :: string(), UserState :: term()) -> ssl_accept(Socket) -> ssl_accept(Socket, Timeout) -> ok | {error, Reason} - Perform server-side SSL/TLS handshake + Performs server-side SSL/TLS handshake. Socket = sslsocket() Timeout = integer() Reason = term() -

Performs the SSL/TLS server-side handshake Socket is a socket as returned - by ssl:transport_accept/[1,2] +

Performs the SSL/TLS server-side handshake.

+

Socket is a socket as returned by + ssl:transport_accept/[1,2]

@@ -915,7 +957,7 @@ fun(srp, Username :: string(), UserState :: term()) -> ssl_accept(Socket, SslOptions) -> ssl_accept(Socket, SslOptions, Timeout) -> {ok, Socket} | ok | {error, Reason} - Perform server-side SSL/TLS handshake + Performs server-side SSL/TLS handshake. Socket = socket() | sslsocket() SslOptions = ssloptions() @@ -923,17 +965,19 @@ fun(srp, Username :: string(), UserState :: term()) -> Reason = term() -

If Socket is a socket() - upgrades a gen_tcp, or equivalent, socket to an ssl socket - i.e. performs the SSL/TLS server-side handshake and returns the ssl socket. -

+

If Socket is a socket(): upgrades a gen_tcp, + or equivalent, socket to an SSL socket, that is, performs + the SSL/TLS server-side handshake and returns the SSL socket.

-

Note that the listen socket should be in {active, false} mode +

The listen socket is to be in mode {active, false} before telling the client that the server is ready to upgrade - by calling this function, otherwise the upgrade may - or may not succeed depending on timing.

+ by calling this function, else the upgrade succeeds or does not + succeed depending on timing.

-

If Socket is an sslsocket() - provides additional SSL/TLS options to those specified in ssl:listen/2 and then performs the SSL/TLS handshake. +

If Socket is an sslsocket(): provides extra SSL/TLS + options to those specified in + ssl:listen/2 and then performs + the SSL/TLS handshake.
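Review bot: In the ssl_accept/[2,3] description, "The listen socket is to be in mode {active, false}" leaves it unclear whether this is a requirement, and "else the upgrade succeeds or does not succeed depending on timing" is harder to read than the removed "may or may not succeed depending on timing". Because the outcome depends on timing when the mode is wrong, suggest stating it as a requirement: "The listen socket must be in mode {active, false} before telling the client that the server is ready to upgrade by calling this function, otherwise the upgrade may or may not succeed depending on timing."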

@@ -941,14 +985,14 @@ fun(srp, Username :: string(), UserState :: term()) -> sockname(Socket) -> {ok, {Address, Port}} | {error, Reason} - Return the local address and port. + Returns the local address and port. Socket = sslsocket() Address = ipaddress() Port = integer() -

Returns the local address and port number of the socket +

Returns the local address and port number of socket Socket.

@@ -956,22 +1000,21 @@ fun(srp, Username :: string(), UserState :: term()) -> start() -> start(Type) -> ok | {error, Reason} - Starts the Ssl application. + Starts the sslapplication. - Type = permanent | transient | temporary + Type = permanent | transient | temporary -

Starts the Ssl application. Default type - is temporary. - application(3)

+

Starts the ssl application. Default type + is temporary.

+ stop() -> ok - Stops the Ssl application. + Stops the ssl application. -

Stops the Ssl application. - application(3)

+

Stops the ssl application.
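Review bot: The summary line for start/0,1 now reads "Starts the sslapplication."; a space is missing between "ssl" and "application" (the stop() summary has it). This hunk also drops the application(3) reference from both the start and stop descriptions, and the SEE ALSO section of this file lists only inet(3) and gen_tcp(3), so the pointer is lost; consider keeping it in one of the two places.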

@@ -979,8 +1022,8 @@ fun(srp, Username :: string(), UserState :: term()) -> transport_accept(ListenSocket) -> transport_accept(ListenSocket, Timeout) -> {ok, NewSocket} | {error, Reason} - Accept an incoming connection and - prepare for ssl_accept + Accepts an incoming connection and + prepares for ssl_accept. ListenSocket = NewSocket = sslsocket() Timeout = integer() @@ -989,23 +1032,22 @@ fun(srp, Username :: string(), UserState :: term()) ->

Accepts an incoming connection request on a listen socket. ListenSocket must be a socket returned from - ssl:listen/2. - The socket returned should be passed to + ssl:listen/2. + The socket returned is to be passed to ssl:ssl_accept[2,3] - to complete handshaking i.e + to complete handshaking, that is, establishing the SSL/TLS connection.

The socket returned can only be used with - ssl:ssl_accept[2,3] - no traffic can be sent or received before that call.

+ ssl:ssl_accept[2,3]. + No traffic can be sent or received before that call.

The accepted socket inherits the options set for - ListenSocket in ssl:listen/2.

+ ListenSocket in + ssl:listen/2.

The default value for Timeout is infinity. If - Timeout is specified, and no connection is accepted + Timeout is specified and no connection is accepted within the given time, {error, timeout} is returned.

@@ -1014,34 +1056,31 @@ fun(srp, Username :: string(), UserState :: term()) -> versions() -> [versions_info()] Returns version information relevant for the - ssl application. + ssl application. versions_info() = {app_vsn, string()} | {supported | available, [protocol()] -

- Returns version information relevant for the - ssl application. -

+

Returns version information relevant for the ssl + application.

app_vsn - The application version of the OTP ssl application. + The application version of the ssl application. supported - TLS/SSL versions supported by default. - Overridden by a versions option on - connect/[2,3,4], listen/2 and ssl_accept/[1,2,3]. For the - negotiated TLS/SSL version see connect/[2,3,4], + listen/2, and ssl_accept/[1,2,3]. + For the negotiated TLS/SSL version, see ssl:connection_info/1 - - + .
+ available - All TLS/SSL versions that the Erlang ssl application - can support. Note that TLS 1.2 requires sufficient support - from the crypto application. + All TLS/SSL versions supported by the ssl application. + TLS 1.2 requires sufficient support from the crypto + application.
@@ -1063,8 +1102,8 @@ fun(srp, Username :: string(), UserState :: term()) ->
SEE ALSO -

inet(3) and - gen_tcp(3) +

inet(3) and + gen_tcp(3)

diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index e3a3fc27f2..2b2d08124f 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -22,66 +22,60 @@ ssl + + + + ssl_app.sgml
ssl - The SSL application provides secure communication over + The ssl application provides secure communication over sockets. +
DEPENDENCIES -

The ssl application uses the Erlang applications public_key and - crypto to handle public keys and encryption, hence these - applications needs to be loaded for the ssl application to work. In - an embedded environment that means they need to be started with - application:start/[1,2] before the ssl application is started. -

+

The ssl application uses the public_key and + crypto application to handle public keys and encryption, hence + these applications must be loaded for the ssl application to work. + In an embedded environment this means they must be started with + application:start/[1,2] before the ssl application is + started.

- ENVIRONMENT -

The following application environment configuration parameters - are defined for the SSL application. See application(3)for more - information about configuration parameters. -

-

Note that the environment parameters can be set on the command line, - for instance,

-

erl ... -ssl protocol_version '[sslv3, tlsv1]' .... -

+ CONFIGURATION +

The application environment configuration parameters in this section + are defined for the ssl application. For more information + about configuration parameters, see the + application(3) + manual page in kernel.

+ +

The environment parameters can be set on the command line, + for example:

+ +

erl ... -ssl protocol_version '[sslv3, tlsv1]' ....

+ ]]>. - -

Protocol that will be supported by started clients and - servers. If this option is not set it will default to all - protocols currently supported by the erlang ssl application. - Note that this option may be overridden by the version option - to ssl:connect/[2,3] and ssl:listen/2. -

-
+

Protocol supported by started clients and + servers. If this option is not set, it defaults to all + protocols currently supported by the ssl application. + This option can be overridden by the version option + to ssl:connect/[2,3] and ssl:listen/2.

]]> - -

The lifetime of session data in seconds. -

-
+

Lifetime of the session data in seconds.

- ]]> - -

- Name of session cache callback module that implements - the ssl_session_cache_api behavior, defaults to - ssl_session_cache.erl. -

-
+ ]]> +

Name of the session cache callback module that implements + the ssl_session_cache_api behavior. Defaults to + ssl_session_cache.erl.

]]> - -

- List of additional user defined arguments to the init function in session cache - callback module, defaults to []. -

-
+ +

List of extra user-defined arguments to the init function + in the session cache callback module. Defaults to [].
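Review bot: In the DEPENDENCIES paragraph, "uses the public_key and crypto application" names two applications, so it should read "applications". In the command-line example, protocol_version '[sslv3, tlsv1]' is carried over with the same value; while this text is being reworded, consider an example that lists only TLS versions, because examples like this tend to be copied into start scripts.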

]]> @@ -95,6 +89,11 @@
+
+ ERROR LOGGER AND EVENT HANDLERS +

The ssl applications has no error logger or event handlers.

+
+
SEE ALSO

application(3)
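Review bot: The added sentence under ERROR LOGGER AND EVENT HANDLERS reads "The ssl applications has no error logger or event handlers."; "applications has" should be "application has".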

diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index 4b4d042f70..6d1a2f9ccc 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -31,23 +31,20 @@ B ssl_distribution.xml
-

This chapter describes how the Erlang distribution can use - SSL to get additional verification and security. -

+

This section describes how the Erlang distribution can use + SSL to get extra verification and security.

-
- Introduction -

The Erlang distribution can in theory use almost any connection - based protocol as bearer. A module that implements the protocol - specific parts of the connection setup is however needed. The - default distribution module is inet_tcp_dist which is - included in the Kernel application. When starting an +

The Erlang distribution can in theory use almost any + connection-based protocol as bearer. However, a module that + implements the protocol-specific parts of the connection setup is + needed. The default distribution module is inet_tcp_dist + in the kernel application. When starting an Erlang node distributed, net_kernel uses this module to - setup listen ports and connections.

+ set up listen ports and connections.

-

In the SSL application there is an additional distribution - module, inet_tls_dist which can be used as an - alternative. All distribution connections will be using SSL and +

In the ssl application, an exra distribution + module, inet_tls_dist, can be used as an + alternative. All distribution connections will use SSL and all participating Erlang nodes in a distributed system must use this distribution module.
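Review bot: "an exra distribution module" in the added paragraph is a typo for "extra".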

@@ -55,35 +52,45 @@ SSL connection setup. Erlang node cookies are however always used, as they can be used to differentiate between two different Erlang networks.

-

Setting up Erlang distribution over SSL involves some simple but - necessary steps:

+ +

To set up Erlang distribution over SSL:

- Building boot scripts including the SSL application - Specifying the distribution module for net_kernel - Specifying security options and other SSL options + Step 1: Build boot scripts including the + ssl application. + Step 2: Specify the distribution module for + net_kernel. + Step 3: Specify the security options and other + SSL options. + Step 4: Set up the environment to always use SSL. -

The rest of this chapter describes the above mentioned steps in - more detail.

-
+ +

The following sections describe these steps.

- Building boot scripts including the SSL application + Building Boot Scripts Including the ssl Application

Boot scripts are built using the systools utility in the - SASL application. Refer to the SASL documentations - for more information on systools. This is only an example of + sasl application. For more information on systools, + see the sasl documentation. This is only an example of what can be done.

-

The simplest boot script possible includes only the Kernel - and STDLIB applications. Such a script is located in the - Erlang distributions bin directory. The source for the script - can be found under the Erlang installation top directory under - /start_clean.rel]]>. Copy that - script to another location (and preferably another name) - and add the applications crypto, public_key and SSL with their current version numbers - after the STDLIB application.

-

An example .rel file with SSL added may look like this:

+

The simplest boot script possible includes only the kernel + and stdlib applications. Such a script is located in the + bin directory of the Erlang distribution. The source for the + script is found under the Erlang installation top directory under + /start_clean.rel]]>.

+ +

Do the following:

+ +

Copy that script to another location (and preferably another + name).

+

Add the applications crypto, public_key, and + ssl with their current version numbers after the + stdlibapplication.

+
+

The following shows an example .rel file with ssl + added:
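Review bot: In the second item under "Do the following", "stdlibapplication" is missing a space between "stdlib" and "application". The heading "Do the following:" is also introduced three times in this section for what is one procedure; a single numbered list would be easier to follow than three separate lead-ins.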

{release, {"OTP APN 181 01","R15A"}, {erts, "5.9"}, [{kernel,"2.15"}, @@ -94,23 +101,29 @@ ]}. -

Note that the version numbers surely will differ in your system. - Whenever one of the applications included in the script is - upgraded, the script has to be changed.

-

Assuming the above .rel file is stored in a file - start_ssl.rel in the current directory, a boot script - can be built like this:

+

The version numbers differ in your system. Whenever one of the + applications included in the script is upgraded, change the script.

+

Do the following:

+ +

Build the boot script.

+

Assuming the .rel file is stored in a file + start_ssl.rel in the current directory, a boot script + can be built as follows:

+
1> systools:make_script("start_ssl",[]). -

There will now be a file start_ssl.boot in the current - directory. To test the boot script, start Erlang with the - -boot command line parameter specifying this boot script - (with its full path but without the .boot suffix), in - Unix it could look like this:

-

+

There is now a start_ssl.boot file in the current + directory.

+

Do the following:

+ +

Test the boot script. To do this, start Erlang with the + -boot command-line parameter specifying this boot script + (with its full path, but without the .boot suffix). In + UNIX it can look as follows:

+
whereis(ssl_manager). <0.41.0> ]]> -

The whereis function call verifies that the SSL - application is really started.

- -

As an alternative to building a bootscript, one can explicitly - add the path to the SSL ebin directory on the command - line. This is done with the command line option -pa. This - works as the SSL application does not need to be started for the - distribution to come up, as a clone of the SSL application is - hooked into the kernel application, so as long as the - SSL applications code can be reached, the distribution will - start. The -pa method is only recommended for testing - purposes.

- -

Note that the clone of the SSL application is necessary to + +

The whereis function-call verifies that the ssl + application is started.

+ +

As an alternative to building a bootscript, you can explicitly + add the path to the ssl ebin directory on the command + line. This is done with command-line option -pa. This + works as the ssl application does not need to be started for the + distribution to come up, as a clone of the ssl application is + hooked into the kernel application. So, as long as the + ssl application code can be reached, the distribution starts. + The -pa method is only recommended for testing purposes.

+ +

The clone of the ssl application must enable the use of the SSL code in such an early bootstage as - needed to setup the distribution, however this will make it - impossible to soft upgrade the SSL application.

+ needed to set up the distribution. However, this makes it + impossible to soft upgrade the ssl application.

- Specifying distribution module for net_kernel -

The distribution module for SSL is named inet_tls_dist - and is specified on the command line with the -proto_dist - option. The argument to -proto_dist should be the module - name without the _dist suffix, so this distribution + Specifying Distribution Module for net_kernel +

The distribution module for ssl is named inet_tls_dist + and is specified on the command line with option -proto_dist. + The argument to -proto_dist is to be the module + name without suffix _dist. So, this distribution module is specified with -proto_dist inet_tls on the command line.

-

-

Extending the command line from above gives us the following:

+

Extending the command line gives the following:

$ erl -boot /home/me/ssl/start_ssl -proto_dist inet_tls -

For the distribution to actually be started, we need to give -the emulator a name as well:

+

For the distribution to be started, give the emulator a name as well:

$ erl -boot /home/me/ssl/start_ssl -proto_dist inet_tls -sname ssl_test Erlang (BEAM) emulator version 5.0 [source] Eshell V5.0 (abort with ^G) (ssl_test@myhost)1> -

Note however that a node started in this way will refuse to talk - to other nodes, as no ssl parameters are supplied - (see below).

+ +

However, a node started in this way refuses to talk + to other nodes, as no ssl parameters are supplied + (see the next section).

- Specifying SSL options

For SSL to work, at least - a public key and certificate needs to be specified for the server - side. In the following example the PEM-files consists of two - entries the servers certificate and its private key.

- -

On the erl command line one can specify options that the - SSL distribution will add when creating a socket.

- -

One can specify the simpler SSL options certfile, keyfile, - password, cacertfile, verify, reuse_sessions, - secure_renegotiate, depth, hibernate_after and ciphers (use old - string format) by adding the prefix server_ or client_ to the - option name. The server can also take the options dhfile and - fail_if_no_peer_cert (also prefixed). - client_-prfixed options are used when the distribution initiates a - connection to another node and the server_-prefixed options are used - when accepting a connection from a remote node.

- -

More complex options such as verify_fun are not available at - the moment but a mechanism to handle such options may be added in - a future release.

- -

Raw socket options such as packet and size must not be specified on - the command line

. - -

The command line argument for specifying the SSL options is named - -ssl_dist_opt and should be followed by pairs of - SSL options and their values. The -ssl_dist_opt argument can + Specifying SSL Options +

For SSL to work, at least + a public key and a certificate must be specified for the server + side. In the following example, the PEM-files consist of two + entries, the server certificate and its private key.

+ +

On the erl command line you can specify options that the + SSL distribution adds when creating a socket.

+ +

The simplest SSL options in the following list can be specified + by adding the + prefix server_ or client_ to the option name:

+ + certfile + keyfile + password + cacertfile + verify + reuse_sessions + secure_renegotiate + depth + hibernate_after + ciphers (use old string format) + + +

The server can also take the options dhfile and + fail_if_no_peer_cert (also prefixed).

+ +

client_-prefixed options are used when the distribution + initiates a connection to another node. server_-prefixed + options are used when accepting a connection from a remote node.

+ +

More complex options, such as verify_func>, are currently not + available, but a mechanism to handle such options may be added in + a future release.

+ +

Raw socket options, such as packet and size must not + be specified on the command line.

+ +

The command-line argument for specifying the SSL options is named + -ssl_dist_opt and is to be followed by pairs of + SSL options and their values. Argument -ssl_dist_opt can be repeated any number of times.

-

An example command line would now look something like this +

An example command line can now look as follows (line breaks in the command are for readability, - they should not be there when typed):

+ and are not be there when typed):

$ erl -boot /home/me/ssl/start_ssl -proto_dist inet_tls -ssl_dist_opt server_certfile "/home/me/ssl/erlserver.pem" @@ -207,20 +233,20 @@ Erlang (BEAM) emulator version 5.0 [source] Eshell V5.0 (abort with ^G) (ssl_test@myhost)1> -

A node started in this way will be fully functional, using SSL +

A node started in this way is fully functional, using SSL as the distribution protocol.

- Setting up environment to always use SSL -

A convenient way to specify arguments to Erlang is to use the - ERL_FLAGS environment variable. All the flags needed to - use SSL distribution can be specified in that variable and will - then be interpreted as command line arguments for all + Setting up Environment to Always Use SSL +

A convenient way to specify arguments to Erlang is to use environment + variable ERL_FLAGS. All the flags needed to + use the SSL distribution can be specified in that variable and are + then interpreted as command-line arguments for all subsequent invocations of Erlang.

-

-

In a Unix (Bourne) shell it could look like this (line breaks for - readability, they should not be there when typed):

+ +

In a Unix (Bourne) shell, it can look as follows (line breaks are for + readability, they are not to be there when typed):

$ ERL_FLAGS="-boot /home/me/ssl/start_ssl -proto_dist inet_tls -ssl_dist_opt server_certfile /home/me/ssl/erlserver.pem @@ -240,7 +266,8 @@ Eshell V5.0 (abort with ^G) {ssl_dist_opt,["server_secure_renegotiate","true", "client_secure_renegotiate","true"] {home,["/home/me"]}] +

The init:get_arguments() call verifies that the correct - arguments are supplied to the emulator.

+ arguments are supplied to the emulator.
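Review bot: Two added lines in the "Specifying SSL Options" rewrite of ssl_distribution.xml introduce errors that the removed text did not have. The option name becomes "verify_func>" where the old line read "verify_fun", and the line-break remark becomes "and are not be there when typed". Restore "verify_fun" and reuse the wording of the later ERL_FLAGS paragraph, "they are not to be there when typed". The new lead-in "The simplest SSL options in the following list" also reads as a ranking; the removed "simpler SSL options" matched the contrast with "More complex options" a few paragraphs down.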

diff --git a/lib/ssl/doc/src/ssl_introduction.xml b/lib/ssl/doc/src/ssl_introduction.xml new file mode 100644 index 0000000000..6138749b79 --- /dev/null +++ b/lib/ssl/doc/src/ssl_introduction.xml @@ -0,0 +1,54 @@ + + + + +
+ + 2015 + 2015 + Ericsson AB, All Rights Reserved + + + The contents of this file are subject to the Erlang Public License, + Version 1.1, (the "License"); you may not use this file except in + compliance with the License. You should have received a copy of the + Erlang Public License along with this software. If not, it can be + retrieved online at http://www.erlang.org/. + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See + the License for the specific language governing rights and limitations + under the License. + + The Initial Developer of the Original Code is Ericsson AB. + + + Introduction + OTP team + + 2015-03-05 + A + ssl_introduction.xml +
+ +
+ Purpose +

Transport Layer Security (TLS) and its predecessor, the Secure + Sockets Layer (SSL) are cryptographic protocols designed to + provide communications security over a computer network. They + use x.509 certificates and hence asymmetric cryptography to + authenticate the counterparty with whom they are communicating, + and to exchange a symmetric key. This session key is then used + to encrypt data flowing between the parties. This allows for + data/message confidentiality, and message authentication codes + for message integrity.

+
+ +
+ Prerequisites +

It is assumed that the reader is familiar with the Erlang + programming language, the concepts of OTP, and has a basic + understanding of SSL/TSP.

+
+ +
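Review bot: The Prerequisites paragraph of the new ssl_introduction.xml ends with "a basic understanding of SSL/TSP", which should read "SSL/TLS" to match the Purpose paragraph above it. In that Purpose paragraph, "x.509" should be written "X.509", and "This allows for data/message confidentiality, and message authentication codes for message integrity" would be clearer if it named what provides each property.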
diff --git a/lib/ssl/doc/src/ssl_protocol.xml b/lib/ssl/doc/src/ssl_protocol.xml index 80d9cc4ee8..79162389ae 100644 --- a/lib/ssl/doc/src/ssl_protocol.xml +++ b/lib/ssl/doc/src/ssl_protocol.xml @@ -21,33 +21,42 @@
- Transport Layer Security (TLS) and its predecessor, Secure Socket Layer (SSL) + TLS and its Predecessor, SSL + + + + + + + ssl_protocol.xml
-

The erlang SSL application currently implements the protocol SSL/TLS - for currently supported versions see ssl(3) +

The Erlang ssl application implements the SSL/TLS protocol + for the currently supported versions, see the + ssl(3) manual page.

-

By default erlang SSL is run over the TCP/IP protocol even - though you could plug in any other reliable transport protocol - with the same API as gen_tcp.

+

By default ssl is run over the TCP/IP protocol even + though you can plug in any other reliable transport protocol + with the same Application Programming Interface (API) as the + gen_tcp module in kernel.

-

If a client and server wants to use an upgrade mechanism, such as - defined by RFC2817, to upgrade a regular TCP/IP connection to an SSL - connection the erlang SSL API supports this. This can be useful for - things such as supporting HTTP and HTTPS on the same port and +

If a client and a server wants to use an upgrade mechanism, such as + defined by RFC 2817, to upgrade a regular TCP/IP connection to an SSL + connection, this is supported by the Erlang ssl API. This can be + useful for, for example, supporting HTTP and HTTPS on the same port and implementing virtual hosting.

- Security overview + Security Overview -

To achieve authentication and privacy the client and server will - perform a TLS Handshake procedure before transmitting or receiving - any data. During the handshake they agree on a protocol version and - cryptographic algorithms, they generate shared secrets using public - key cryptographics and optionally authenticate each other with +

To achieve authentication and privacy, the client and server + perform a TLS handshake procedure before transmitting or receiving + any data. During the handshake, they agree on a protocol version and + cryptographic algorithms, generate shared secrets using public + key cryptographies, and optionally authenticate each other with digital certificates.
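Review bot: In the rewritten Security Overview paragraph, "generate shared secrets using public key cryptographies" does not improve on the removed "cryptographics"; the term is "public key cryptography", singular. In the upgrade paragraph of the same hunk, "If a client and a server wants to use an upgrade mechanism" has a plural subject and needs "want".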

@@ -55,20 +64,21 @@ Data Privacy and Integrity

A symmetric key algorithm has one key only. The key is - used for both encryption and decryption. These algorithms are fast - compared to public key algorithms (using two keys, a public and a - private one) and are therefore typically used for encrypting bulk + used for both encryption and decryption. These algorithms are fast, + compared to public key algorithms (using two keys, one public and one + private) and are therefore typically used for encrypting bulk data.

The keys for the symmetric encryption are generated uniquely for each connection and are based on a secret negotiated - in the TLS handshake.

+ in the TLS handshake.

-

The TLS handshake protocol and data transfer is run on top of - the TLS Record Protocol that uses a keyed-hash MAC (Message - Authenticity Code), or HMAC, to protect the message's data - integrity. From the TLS RFC "A Message Authentication Code is a +

The TLS handshake protocol and data transfer is run on top of + the TLS Record Protocol, which uses a keyed-hash Message + Authenticity Code (MAC), or a Hash-based MAC (HMAC), + to protect the message data + integrity. From the TLS RFC: "A Message Authentication Code is a one-way hash computed from a message and some secret data. It is difficult to forge without knowing the secret data. Its purpose is to detect if the message has been altered." @@ -82,15 +92,14 @@ passport. The holder of the certificate is called the subject. The certificate is signed with the private key of the issuer of the certificate. A chain - of trust is build by having the issuer in its turn being - certified by another certificate and so on until you reach the - so called root certificate that is self signed i.e. issued + of trust is built by having the issuer in its turn being + certified by another certificate, and so on, until you reach the + so called root certificate, which is self-signed, that is, issued by itself.

-

Certificates are issued by certification - authorities (CAs) only. There are a handful of - top CAs in the world that issue root certificates. You can - examine the certificates of several of them by clicking +

Certificates are issued by Certification Authorities (CAs) only. + A handful of top CAs in the world issue root certificates. You can + examine several of these certificates by clicking through the menus of your web browser.
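Review bot: In the Data Privacy and Integrity change just above (the @@ -55,20 +64,21 @@ hunk), the added text keeps the expansion "Message Authenticity Code (MAC)" from the removed line, although the RFC quotation in the very next sentence says "A Message Authentication Code is a one-way hash". Use "Message Authentication Code" so that the definition and the quotation agree. The new phrasing "a keyed-hash Message Authenticity Code (MAC), or a Hash-based MAC (HMAC)" also reads as two alternatives, where the removed line gave HMAC as another name for the same keyed-hash construction.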

@@ -99,23 +108,27 @@ Authentication of Sender

Authentication of the sender is done by public key path - validation as defined in RFC 3280. Simplified that means that - each certificate in the certificate chain is issued by the one - before, the certificates attributes are valid ones, and the - root cert is a trusted cert that is present in the trusted - certs database kept by the peer.

+ validation as defined in RFC 3280. This means basically + the following:

+ + Each certificate in the certificate chain is issued by the + previous one. + The certificates attributes are valid. + The root certificate is a trusted certificate that is present + in the trusted certificate database kept by the peer./ + -

The server will always send a certificate chain as part of - the TLS handshake, but the client will only send one if - the server requests it. If the client does not have - an appropriate certificate it may send an "empty" certificate +

The server always sends a certificate chain as part of + the TLS handshake, but the client only sends one if requested + by the server. If the client does not have + an appropriate certificate, it can send an "empty" certificate to the server.

-

The client may choose to accept some path evaluation errors - for instance a web browser may ask the user if they want to - accept an unknown CA root certificate. The server, if it request - a certificate, will on the other hand not accept any path validation - errors. It is configurable if the server should accept +

The client can choose to accept some path evaluation errors, + for example, a web browser can ask the user whether to + accept an unknown CA root certificate. The server, if it requests + a certificate, does however not accept any path validation + errors. It is configurable if the server is to accept or reject an "empty" certificate as response to a certificate request.
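Review bot: The new list in Authentication of Sender has two slips. "The certificates attributes are valid." needs a possessive, and the last item ends with a stray "/" after "kept by the peer.". In the last paragraph of the hunk, "does however not accept any path validation errors" would read better as "however, does not accept any path validation errors", since this sentence states the server-side behaviour that the rest of the paragraph depends on.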

@@ -123,25 +136,24 @@
TLS Sessions -

From the TLS RFC "A TLS session is an association between a - client and a server. Sessions are created by the handshake +

From the TLS RFC: "A TLS session is an association between a + client and a server. Sessions are created by the handshake protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. Sessions are used to avoid the expensive negotiation of new security parameters for each connection."

-

Session data is by default kept by the SSL application in a - memory storage hence session data will be lost at application - restart or takeover. Users may define their own callback module +

Session data is by default kept by the ssl application in a + memory storage, hence session data is lost at application + restart or takeover. Users can define their own callback module to handle session data storage if persistent data storage is - required. Session data will also be invalidated after 24 hours - from it was saved, for security reasons. It is of course - possible to configure the amount of time the session data should be - saved.

+ required. Session data is also invalidated after 24 hours + from it was saved, for security reasons. The amount of time the + session data is to be saved can be configured.

-

SSL clients will by default try to reuse an available session, - SSL servers will by default agree to reuse sessions when clients - ask to do so.

+

By default the SSL clients try to reuse an available session and + by default the SSL servers agree to reuse sessions when clients + ask for it.
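Review bot: The rewritten session paragraph says "The amount of time the session data is to be saved can be configured" without naming the setting. Name the configuration parameter or link to where it is documented, since the 24-hour limit is described as being there for security reasons. The phrase "invalidated after 24 hours from it was saved" is carried over unchanged and should read "24 hours after it was saved".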

diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index 9f87d31e90..39db03c91c 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -21,6 +21,10 @@ ssl + + + + ssl_session_cache_api.xml ssl_session_cache_api @@ -28,35 +32,43 @@ that the data storage scheme can be replaced by defining a new callback module implementing this API. +
- Common Data Types + DATA TYPES -

The following data types are used in the functions below: -

+

The following data types are used in the functions for + ssl_session_cache_api:

-

cache_ref() = opaque()

- -

key() = {partialkey(), session_id()}

- -

partialkey() = opaque()

- -

session_id() = binary()

+ + cache_ref() +

= opaque()

+ + key() +

= {partialkey(), session_id()}

+ + partialkey() +

= opaque()

+ + session_id() +

= binary()

+ + session() +

= opaque()

+
-

session() = opaque()

-
delete(Cache, Key) -> _ - + Deletes a cache entry. - Cache = cache_ref() - Key = key() + Cache = cache_ref() + Key = key() -

Deletes a cache entry. Will only be called from the cache +

Deletes a cache entry. Is only called from the cache handling process.

@@ -69,49 +81,50 @@ -

Calls Fun(Elem, AccIn) on successive elements of the - cache, starting with AccIn == Acc0. Fun/2 must return a new - accumulator which is passed to the next call. The function returns - the final value of the accumulator. Acc0 is returned if the cache is - empty. +

Calls Fun(Elem, AccIn) on successive elements of the + cache, starting with AccIn == Acc0. Fun/2 must + return a new accumulator, which is passed to the next call. + The function returns the final value of the accumulator. + Acc0 is returned if the cache is empty.

init(Args) -> opaque() - Return cache reference + Returns cache reference. Args = proplists:proplist() - Will always include the property {role, client | server}. Currently this - is the only predefined property, there may also be user defined properties. - See also application environment variable - session_cb_init_args - +

Includes property {role, client | server}. + Currently this is the only predefined property, + there can also be user-defined properties. See also + application environment variable + session_cb_init_args. +

Performs possible initializations of the cache and returns - a reference to it that will be used as parameter to the other - API functions. Will be called by the cache handling processes - init function, hence putting the same requirements on it as a - normal process init function. Note that this function will be - called twice when starting the ssl application, once with the - role client and once with the role server, as the ssl application - must be prepared to take on both roles. + a reference to it that is used as parameter to the other + API functions. Is called by the cache handling processes + init function, hence putting the same requirements on it + as a normal process init function. This function is + called twice when starting the ssl application, once with + the role client and once with the role server, as the ssl + application must be prepared to take on both roles.

lookup(Cache, Key) -> Entry - Looks up a cache entry. + Looks up a cache entry. - Cache = cache_ref() - Key = key() - Entry = session() | undefined + Cache = cache_ref() + Key = key() + Entry = session() | undefined -

Looks up a cache entry. Should be callable from any +

Looks up a cache entry. Is to be callable from any process.
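Review bot: In the init(Args) entry, "Will always include the property {role, client | server}" became "Includes property {role, client | server}", which drops the guarantee that the author of a callback module relies on; keep "always". In the same entry, "Is called by the cache handling processes init function" needs a possessive ("process's"), and the subjectless sentences "Is called by ..." and "Is to be callable from any process" would be clearer with "This function" as the subject.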

@@ -119,14 +132,14 @@ select_session(Cache, PartialKey) -> [session()] - Selects a sessions that could be reused. + Selects sessions that can be reused. - Cache = cache_ref() - PartialKey = partialkey() - Session = session() + Cache = cache_ref() + PartialKey = partialkey() + Session = session() -

Selects a sessions that could be reused. Should be callable +

Selects sessions that can be reused. Is to be callable from any process.

@@ -137,7 +150,7 @@ Called by the process that handles the cache when it is about to terminate. - Cache = term() - as returned by init/0 + Cache = term() - as returned by init/0

Takes care of possible cleanup that is needed when the @@ -148,15 +161,15 @@ update(Cache, Key, Session) -> _ - Caches a new session or updates a already cached one. + Caches a new session or updates an already cached one. - Cache = cache_ref() - Key = key() - Session = session() + Cache = cache_ref() + Key = key() + Session = session() -

Caches a new session or updates a already cached one. Will - only be called from the cache handling process. +

Caches a new session or updates an already cached one. Is + only called from the cache handling process.
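Review bot: The entry touched by the @@ -137,7 +150,7 @@ hunk still reads "Cache = term() - as returned by init/0", but the function documented in this file is "init(Args) -> opaque()", that is init/1. Correct the arity while the line is being edited, and consider typing the argument as cache_ref() as the delete, lookup and update entries do.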

diff --git a/lib/ssl/doc/src/usersguide.xml b/lib/ssl/doc/src/usersguide.xml index b1c7190085..6fce022507 100644 --- a/lib/ssl/doc/src/usersguide.xml +++ b/lib/ssl/doc/src/usersguide.xml @@ -23,14 +23,17 @@ SSL User's Guide OTP Team + 2003-05-26 + usersguide.sgml -

The SSL application provides secure communication over +

The Secure Socket Layer (SSL) application provides secure communication over sockets.

+ diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index cce388d02a..e3ebca9410 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml @@ -21,126 +21,129 @@ - Using the SSL API + Using SSL API + + + + + + + using_ssl.xml - -
- General information -

To see relevant version information for ssl you can - call ssl:versions/0

+

To see relevant version information for ssl, call ssl:versions/0.

-

To see all supported cipher suites - call ssl:cipher_suites/0. Note that available cipher suites - for a connection will depend on your certificate. It is also - possible to specify a specific cipher suite(s) that you - want your connection to use. Default is to use the strongest - available.

- -
+

To see all supported cipher suites, call ssl:cipher_suites/0. + The available cipher suites for a connection depend on your certificate. + Specific cipher suites that you want your connection to use can also be + specified. Default is to use the strongest available.

- Setting up connections + Setting up Connections -

Here follows some small example of how to set up client/server connections - using the erlang shell. The returned value of the sslsocket has been abbreviated with - [...] as it can be fairly large and is opaque.

+

This section shows a small example of how to set up client/server connections + using the Erlang shell. The returned value of the sslsocket is abbreviated + with [...] as it can be fairly large and is opaque.

- Minmal example + Minimal Example -

The minimal setup is not the most secure setup of ssl.

+

The minimal setup is not the most secure setup of SSL.

- -

Start server side

+ +

To set up client/server connections:

+ +

Step 1: Start the server side:

1 server> ssl:start(). ok -

Create an ssl listen socket

+

Step 2: Create an SSL listen socket:

2 server> {ok, ListenSocket} = ssl:listen(9999, [{certfile, "cert.pem"}, {keyfile, "key.pem"},{reuseaddr, true}]). {ok,{sslsocket, [...]}} -

Do a transport accept on the ssl listen socket

+

Step 3: Do a transport accept on the SSL listen socket:

3 server> {ok, Socket} = ssl:transport_accept(ListenSocket). {ok,{sslsocket, [...]}} -

Start client side

+

Step 4: Start the client side:

1 client> ssl:start(). ok 2 client> {ok, Socket} = ssl:connect("localhost", 9999, [], infinity). {ok,{sslsocket, [...]}} -

Do the ssl handshake

+

Step 5: Do the SSL handshake:

4 server> ok = ssl:ssl_accept(Socket). ok -

Send a messag over ssl

+

Step 6: Send a message over SSL:

5 server> ssl:send(Socket, "foo"). ok -

Flush the shell message queue to see that we got the message - sent on the server side

+

Step 7: Flush the shell message queue to see that the message + was sent on the server side:

3 client> flush(). Shell got {ssl,{sslsocket,[...]},"foo"} ok
- Upgrade example + Upgrade Example -

To upgrade a TCP/IP connection to an ssl connection the - client and server have to aggre to do so. Agreement - may be accompliced by using a protocol such the one used by HTTP - specified in RFC 2817.

+

To upgrade a TCP/IP connection to an SSL connection, the + client and server must agree to do so. The agreement + can be accomplished by using a protocol, for example, the one used by HTTP + specified in RFC 2817.

+ +

To upgrade to an SSL connection:

-

Start server side

+

Step 1: Start the server side:

1 server> ssl:start(). ok -

Create a normal tcp listen socket

+

Step 2: Create a normal TCP listen socket:

2 server> {ok, ListenSocket} = gen_tcp:listen(9999, [{reuseaddr, true}]). {ok, #Port<0.475>} -

Accept client connection

+

Step 3: Accept client connection:

3 server> {ok, Socket} = gen_tcp:accept(ListenSocket). {ok, #Port<0.476>} -

Start client side

+

Step 4: Start the client side:

1 client> ssl:start(). ok 2 client> {ok, Socket} = gen_tcp:connect("localhost", 9999, [], infinity). -

Make sure active is set to false before trying - to upgrade a connection to an ssl connection, otherwhise - ssl handshake messages may be deliverd to the wrong process.

+

Step 5: Ensure active is set to false before trying + to upgrade a connection to an SSL connection, otherwise + SSL handshake messages can be delivered to the wrong process:

4 server> inet:setopts(Socket, [{active, false}]). ok -

Do the ssl handshake.

+

Step 6: Do the SSL handshake:

5 server> {ok, SSLSocket} = ssl:ssl_accept(Socket, [{cacertfile, "cacerts.pem"}, {certfile, "cert.pem"}, {keyfile, "key.pem"}]). {ok,{sslsocket,[...]}} -

Upgrade to an ssl connection. Note that the client and server - must agree upon the upgrade and the server must call - ssl:accept/2 before the client calls ssl:connect/3.

+

Step 7: Upgrade to an SSL connection. The client and server + must agree upon the upgrade. The server must call + ssl:accept/2 before the client calls ssl:connect/3.

3 client>{ok, SSLSocket} = ssl:connect(Socket, [{cacertfile, "cacerts.pem"}, {certfile, "cert.pem"}, {keyfile, "key.pem"}], infinity). {ok,{sslsocket,[...]}} -

Send a messag over ssl

+

Step 8: Send a message over SSL:

4 client> ssl:send(SSLSocket, "foo"). ok -

Set active true on the ssl socket

+

Step 9: Set active true on the SSL socket:

4 server> ssl:setopts(SSLSocket, [{active, true}]). ok -

Flush the shell message queue to see that we got the message - sent on the client side

+

Step 10: Flush the shell message queue to see that the message + was sent on the client side:

5 server> flush(). Shell got {ssl,{sslsocket,[...]},"foo"} ok -- cgit v1.2.3 From 3c49c9949feb45341f2cf85321d67b45c45abda9 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 1 Apr 2015 09:39:38 +0200 Subject: ssl: Technically clarify description Change description proposed by technical writer to make better use of technical terms. Also add some new language improvements discussed with the technical writer. --- lib/ssl/doc/src/ssl_introduction.xml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_introduction.xml b/lib/ssl/doc/src/ssl_introduction.xml index 6138749b79..64607a393a 100644 --- a/lib/ssl/doc/src/ssl_introduction.xml +++ b/lib/ssl/doc/src/ssl_introduction.xml @@ -34,21 +34,20 @@
Purpose

Transport Layer Security (TLS) and its predecessor, the Secure - Sockets Layer (SSL) are cryptographic protocols designed to - provide communications security over a computer network. They - use x.509 certificates and hence asymmetric cryptography to - authenticate the counterparty with whom they are communicating, - and to exchange a symmetric key. This session key is then used - to encrypt data flowing between the parties. This allows for - data/message confidentiality, and message authentication codes - for message integrity.

+ Sockets Layer (SSL), are cryptographic protocols designed to + provide communications security over a computer network. The protocols use + use X.509 certificates and hence public key (asymmetric) cryptography to + authenticate the counterpart with whom they communicate, + and to exchange a symmetric key for payload encryption. The protocol provides + data/message confidentiality (encryption), integrity (through message authentication code checks) + and host verification (through certificate path validation).

Prerequisites

It is assumed that the reader is familiar with the Erlang programming language, the concepts of OTP, and has a basic - understanding of SSL/TSP.

+ understanding of SSL/TLS.
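Review bot: The added Purpose text doubles the verb: one added line ends with "The protocols use" and the next begins with "use X.509 certificates", so drop one "use". The closing sentence also switches from "The protocols" to "The protocol provides". It attributes host verification to certificate path validation alone, whereas the ssl_protocol.xml text in this series describes path validation as checks on the chain, the certificate attributes and the trusted root, with no mention of matching the host name; either say "peer authentication" or state where the host name is checked.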

-- cgit v1.2.3 From 6af3195c80ab7ce522602d50eb1db3b6916dcde6 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 1 Apr 2015 11:29:52 +0200 Subject: ssl: Correct XML-tag --- lib/ssl/doc/src/refman.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/refman.xml b/lib/ssl/doc/src/refman.xml index c6ebe5764a..d5f2219af9 100644 --- a/lib/ssl/doc/src/refman.xml +++ b/lib/ssl/doc/src/refman.xml @@ -1,7 +1,7 @@ - +
19992015 @@ -33,6 +33,6 @@ - + -- cgit v1.2.3 From 7461639d24f5d28e2b43ec10e1aa2376b4ba8936 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 2 Apr 2015 16:48:50 +0200 Subject: ssl: Correct typos --- lib/ssl/doc/src/ssl.xml | 2 +- lib/ssl/doc/src/ssl_crl_cache_api.xml | 2 +- lib/ssl/doc/src/ssl_distribution.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 1e6981f7e5..b8f7501915 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -123,7 +123,7 @@ CallbackModule

= atom()

DataTag -

= atom()

p> +

= atom()

Used in socket data message.

ClosedTag

= atom()

diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 3f518496be..d18eadd2f2 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -60,7 +60,7 @@ CRLs = [public_key:der_encoded()] -

Lookup the CRLs belonging to the distribution point Distributionpoint

. +

Lookup the CRLs belonging to the distribution point Distributionpoint .

This function may choose to only look in the cache or to follow distribution point links depending on how the cache is administrated.
diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index 6d1a2f9ccc..c9f7b1b27f 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -209,7 +209,7 @@ Eshell V5.0 (abort with ^G) initiates a connection to another node. server_-prefixed options are used when accepting a connection from a remote node.

-

More complex options, such as verify_func>, are currently not +

More complex options, such as verify_fun, are currently not available, but a mechanism to handle such options may be added in a future release.

-- cgit v1.2.3 From 1521bc5840d754ebb38a991855def17a5d9974b9 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 2 Apr 2015 17:06:19 +0200 Subject: ssl: Add links --- lib/ssl/doc/src/ssl_crl_cache.xml | 8 ++++---- lib/ssl/doc/src/using_ssl.xml | 12 +++++++----- 2 files changed, 11 insertions(+), 9 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml index b291c7b633..ce5bc15215 100644 --- a/lib/ssl/doc/src/ssl_crl_cache.xml +++ b/lib/ssl/doc/src/ssl_crl_cache.xml @@ -41,8 +41,8 @@ CRLSrc = {file, string()} | {der, [ der_encoded() ]} - URI = http_uri:uri() + marker="public_key:public_key"> public_key:der_encoded() ]} + URI = http_uri:uri() Reason = term() @@ -54,8 +54,8 @@ delete(Entries) -> ok | {error, Reason} - Entries = http_uri:uri() | {file, string()} | {der, [ der_encoded() ]} + Entries = http_uri:uri() | {file, string()} | {der, [ public_key:der_encoded() ]} Reason = term() diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index e3ebca9410..01b7970fb6 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml @@ -31,12 +31,14 @@ using_ssl.xml
-

To see relevant version information for ssl, call ssl:versions/0.

+

To see relevant version information for ssl, call + ssl:versions/0 + .

-

To see all supported cipher suites, call ssl:cipher_suites/0. - The available cipher suites for a connection depend on your certificate. - Specific cipher suites that you want your connection to use can also be - specified. Default is to use the strongest available.

+

To see all supported cipher suites, call ssl:cipher_suites(all) . + The available cipher suites for a connection depend on your certificate. + Specific cipher suites that you want your connection to use can also be + specified. Default is to use the strongest available.

Setting up Connections -- cgit v1.2.3 From e6ec11f2c79c1dd51da9750aac6730184a06668b Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 7 Apr 2015 15:51:56 +0200 Subject: ssl: Correct merge error --- lib/ssl/doc/src/ssl.xml | 25 +++++++------------------ 1 file changed, 7 insertions(+), 18 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index b8f7501915..eb31b35e1e 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -793,17 +793,19 @@ fun(srp, Username :: string(), UserState :: term()) -> - negotiated_next_protocol(Socket) -> {ok, Protocol} | {error, next_protocol_not_negotiated} - Returns the Next Protocol negotiated. + negotiated_protocol(Socket) -> {ok, Protocol} | {error, protocol_not_negotiated} + Returns the protocol negotiated through ALPN or NPN extensions. Socket = sslsocket() Protocol = binary() -

Returns the Next Protocol negotiated.

+

+ Returns the protocol negotiated through ALPN or NPN extensions. +

- + peercert(Socket) -> {ok, Cert} | {error, Reason} Returns the peer certificate. @@ -1084,20 +1086,7 @@ fun(srp, Username :: string(), UserState :: term()) -> - - negotiated_protocol(Socket) -> {ok, Protocol} | {error, protocol_not_negotiated} - Returns the protocol negotiated through ALPN or NPN extensions. - - Socket = sslsocket() - Protocol = binary() - - -

- Returns the protocol negotiated through ALPN or NPN extensions. -

-
-
- +
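Review bot: The commit message should state whether negotiated_next_protocol/1 is still exported, because the first hunk (@@ -793,17 +793,19 @@) replaces its reference entry, including the error value next_protocol_not_negotiated, with the negotiated_protocol/1 entry that the second hunk deletes further down. "Correct merge error" suggests only the removal of a duplicate. If the older function remains available, its entry should stay and point to negotiated_protocol/1, so that existing callers can still find the error value they match on.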
-- cgit v1.2.3 From 7090827c70d21826c66fed092247e3773c318150 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 7 Apr 2015 16:05:41 +0200 Subject: ssl: Align with editorial changes --- lib/ssl/doc/src/ssl.xml | 22 +++++++++++----------- lib/ssl/doc/src/ssl_crl_cache_api.xml | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index eb31b35e1e..f357e90526 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -345,7 +345,7 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid - {crl_check, boolean() | peer | best_effort } + {crl_check, boolean() | peer | best_effort } Perform CRL (Certificate Revocation List) verification @@ -368,12 +368,12 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid ssl_crl_cache_api(3).

- {crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}} + {crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}}

Module defaults to ssl_crl_cache with DbHandle internal and an empty argument list. The following arguments may be specified for the internal cache.

- {http, timeout()} + {http, timeout()} Enables fetching of CRLs specified as http URIs in X509 cerificate extensions. @@ -462,7 +462,7 @@ fun(srp, Username :: string(), UserState :: term()) -> client certificate chain.

- {alpn_advertised_protocols, [binary()]} + {{alpn_advertised_protocols, [binary()]}

The list of protocols supported by the client to be sent to the server to be used for an Application-Layer Protocol Negotiation (ALPN). @@ -475,8 +475,8 @@ fun(srp, Username :: string(), UserState :: term()) ->

The negotiated protocol can be retrieved using the negotiated_protocol/1 function.

- {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} - {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}} + {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} + {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}}

Indicates that the client is to try to perform Next Protocol Negotiation.

@@ -518,7 +518,7 @@ fun(srp, Username :: string(), UserState :: term()) -> Indication extension is sent if possible. This option can also be used to disable that behavior.

- {fallback, boolean()} + {fallback, boolean()}

Send special cipher suite TLS_FALLBACK_SCSV to avoid undesired TLS version downgrade. Defaults to false

@@ -594,7 +594,7 @@ fun(srp, Username :: string(), UserState :: term()) -> a DER-encoded certificate, Compression is an enumeration integer, and CipherSuite is of type ciphersuite().

- {alpn_preferred_protocols, [binary()]} + {alpn_preferred_protocols, [binary()]}

Indicates the server will try to perform Application-Layer Protocol Negotiation (ALPN).

@@ -1066,10 +1066,10 @@ fun(srp, Username :: string(), UserState :: term()) ->

Returns version information relevant for the ssl application.

- app_vsn + app_vsn The application version of the ssl application. - supported + supported TLS/SSL versions supported by default. Overridden by a version option on connect/[2,3,4], @@ -1079,7 +1079,7 @@ fun(srp, Username :: string(), UserState :: term()) -> marker="#connection_info-1">ssl:connection_info/1 . - available + available All TLS/SSL versions supported by the ssl application. TLS 1.2 requires sufficient support from the crypto application. diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index d18eadd2f2..dafb067131 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -40,7 +40,7 @@
- Common Data Types + DATA TYPES

The following data types are used in the functions below:
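Review bot: The added line in the ssl.xml hunk at @@ -462,7 +462,7 @@ reads "{{alpn_advertised_protocols, [binary()]}", with a doubled opening brace that was not in the removed line, so the rendered option tuple is malformed. Drop the extra brace so it reads "{alpn_advertised_protocols, [binary()]}". While in this file, the context line of the {http, timeout()} hunk still spells "cerificate"; worth correcting in the same editorial pass.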

-- cgit v1.2.3 From a0e30203ab652e50215244944f1ffbf12ee3b8ef Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 7 Apr 2015 19:08:46 +0200 Subject: ssl: Align with alphabetical order --- lib/ssl/doc/src/ssl_crl_cache_api.xml | 50 ++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 22 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index dafb067131..557b7814b8 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -45,12 +45,35 @@

The following data types are used in the functions below:

-

cache_ref() = opaque()

-

dist_point() = #'DistributionPoint'{} see X509 certificates records

+ + + cache_ref() + = opaque() + dist_point() + = #'DistributionPoint'{} see X509 certificates records + + +
- + + fresh_crl(DistributionPoint, CRL) -> FreshCRL + fun fresh_crl/2 will be used as input option update_crl to + public_key:pkix_crls_validate/3 + + DistributionPoint = dist_point() + CRL = [public_key:der_encoded()] + FreshCRL = [public_key:der_encoded()] + + +

fun fresh_crl/2 will be used as input option update_crl to + public_key:pkix_crls_validate/3

+
+
+ lookup(DistributionPoint, DbHandle) -> not_available | CRLs @@ -60,7 +83,7 @@ CRLs = [public_key:der_encoded()] -

Lookup the CRLs belonging to the distribution point Distributionpoint .

+

Lookup the CRLs belonging to the distribution point Distributionpoint.

This function may choose to only look in the cache or to follow distribution point links depending on how the cache is administrated.
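Review bot: The variable in the rewritten lookup/2 description is spelled "Distributionpoint", while the signature in the same hunk is lookup(DistributionPoint, DbHandle). The added line only removes the space before the full stop; please also fix the casing to "DistributionPoint" so the text matches the argument name readers see in the function head.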
@@ -78,22 +101,5 @@

Select the CRLs in the cache that are issued by Issuer

- - - fresh_crl(DistributionPoint, CRL) -> FreshCRL - fun fresh_crl/2 will be used as input option update_crl to - public_key:pkix_crls_validate/3 - - DistributionPoint = dist_point() - CRL = [public_key:der_encoded()] - FreshCRL = [public_key:der_encoded()] - - -

fun fresh_crl/2 will be used as input option update_crl to - public_key:pkix_crls_validate/3

-
-
\ No newline at end of file -- cgit v1.2.3 From 76943d42da43395f6d3f2dfb7f52e2552a47be26 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 7 Apr 2015 22:06:39 +0200 Subject: ssl: Document enhancements --- lib/ssl/doc/src/ssl.xml | 56 +++++++++++++++---------------- lib/ssl/doc/src/ssl_app.xml | 6 ++-- lib/ssl/doc/src/ssl_crl_cache.xml | 47 +++++++++++++------------- lib/ssl/doc/src/ssl_protocol.xml | 8 ++--- lib/ssl/doc/src/ssl_session_cache_api.xml | 8 ++--- 5 files changed, 61 insertions(+), 64 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index f357e90526..d070cb4019 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -88,20 +88,19 @@

= {verify, verify_type()}

| {verify_fun, {fun(), term()}}

| {fail_if_no_peer_cert, boolean()} {depth, integer()}

-

| {cert, der_encoded()}

+

| {cert, public_key:der_encoded()}

| {certfile, path()}

| {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' - | 'PrivateKeyInfo', der_encoded()}}

+ | 'PrivateKeyInfo', public_key:der_encoded()}}

| {keyfile, path()}

| {password, string()}

-

| {cacerts, [der_encoded()]}

+

| {cacerts, [public_key:der_encoded()]}

| {cacertfile, path()}

-

| {dh, der_encoded()}

+

| {dh, public_key:der_encoded()}

| {dhfile, path()}

| {ciphers, ciphers()}

| {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, {srp_identity, {string(), string()}}

-

| {ssl_imp, ssl_imp()}

| {reuse_sessions, boolean()}

| {reuse_session, fun()} {next_protocols_advertised, [binary()]}

| {client_preferred_next_protocols, {client | server, @@ -138,7 +137,7 @@

= string()

Represents a file path.

- der_encoded() + public_key:der_encoded()

= binary()

ASN.1 DER-encoded entity as an Erlang binary.

@@ -195,7 +194,7 @@ - {cert, der_encoded()} + {cert, public_key:der_encoded()}

The DER-encoded users certificate. If this option is supplied, it overrides option certfile.

@@ -203,7 +202,7 @@

Path to a file containing the user certificate.

{key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' - |'PrivateKeyInfo', der_encoded()}} + |'PrivateKeyInfo', public_key:der_encoded()}}

The DER-encoded user's private key. If this option is supplied, it overrides option keyfile.

@@ -217,10 +216,6 @@

String containing the user's password. Only used if the private keyfile is password-protected.

- {cacerts, [der_encoded()]} -

The DER-encoded trusted certificates. If this option - is supplied it overrides option cacertfile.

- {ciphers, ciphers()}

Supported cipher suites. The function cipher_suites/0 can be used to find all ciphers that are @@ -229,16 +224,12 @@ (RFC 4279 and RFC 5487), Secure Remote Password - (RFC 5054), + (RFC 5054), RC4 cipher suites, and anonymous cipher suites only work if explicitly enabled by this option; they are supported/enabled by the peer also. Anonymous cipher suites are supported for testing purposes only and are not be used when security matters.

- {ssl_imp, new | old} -

Has no longer any meaning as the old implementation is - removed; it is ignored.

- {secure_renegotiate, boolean()}

Specifies if to reject renegotiation attempt that does not live up to @@ -364,7 +355,7 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid

The CA certificates specified for the connection will be used to construct the certificate chain validating the CRLs.

-

The CRLs will be fetched from a local or external cache +

The CRLs will be fetched from a local or external cache see ssl_crl_cache_api(3).

@@ -455,6 +446,10 @@ fun(srp, Username :: string(), UserState :: term()) -> {reuse_sessions, boolean()}

Specifies if the client is to try to reuse sessions when possible.

+ + {cacerts, [public_key:der_encoded()]} +

The DER-encoded trusted certificates. If this option + is supplied it overrides option cacertfile.

{cacertfile, path()}

Path to a file containing PEM-encoded CA certificates. The CA @@ -462,7 +457,7 @@ fun(srp, Username :: string(), UserState :: term()) -> client certificate chain.

- {{alpn_advertised_protocols, [binary()]} + {alpn_advertised_protocols, [binary()]}

The list of protocols supported by the client to be sent to the server to be used for an Application-Layer Protocol Negotiation (ALPN). @@ -499,7 +494,7 @@ fun(srp, Username :: string(), UserState :: term()) -> {psk_identity, string()}

Specifies the identity the client presents to the server. - The matching secret is found by calling user_look_fun.

+ The matching secret is found by calling user_lookup_fun.

{srp_identity, {Username :: string(), Password :: string()} @@ -508,14 +503,13 @@ fun(srp, Username :: string(), UserState :: term()) -> to the server.

{server_name_indication, hostname()} - - {server_name_indication, disable} - -

Can be specified when upgrading a TCP socket to a TLS - socket to use the TLS Server Name Indication extension.

+

Can be specified when upgrading a TCP socket to a TLS + socket to use the TLS Server Name Indication extension.

+ {server_name_indication, disable} +

When starting a TLS connection without upgrade, the Server Name - Indication extension is sent if possible. This option can also be + Indication extension is sent if possible. This option can be used to disable that behavior.

{fallback, boolean()} @@ -523,7 +517,7 @@ fun(srp, Username :: string(), UserState :: term()) ->

Send special cipher suite TLS_FALLBACK_SCSV to avoid undesired TLS version downgrade. Defaults to false

Note this option is not needed in normal TLS usage and should not be used - to implement new clients. But legacy clients that that retries connections in the following manner

+ to implement new clients. But legacy clients that retries connections in the following manner

ssl:connect(Host, Port, [...{versions, ['tlsv2', 'tlsv1.1', 'tlsv1', 'sslv3']}])

ssl:connect(Host, Port, [...{versions, [tlsv1.1', 'tlsv1', 'sslv3']}, {fallback, true}])
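Review bot: The retry example left as context under {fallback, boolean()} is not valid Erlang and should be fixed while this paragraph is being edited: the second call has "[tlsv1.1'" with no opening quote, and the first call lists 'tlsv2', presumably meant as 'tlsv1.2' (the form used in the ssl_app.xml hunk of this same patch). Readers copy this snippet to decide when to send TLS_FALLBACK_SCSV, so the version lists need to be exact. The added line also reads "legacy clients that retries"; it should be "retry".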

@@ -545,6 +539,10 @@ fun(srp, Username :: string(), UserState :: term()) -> meaning in the server than in the client:

+ + {cacerts, [public_key:der_encoded()]} +

The DER-encoded trusted certificates. If this option + is supplied it overrides option cacertfile.

{cacertfile, path()}

Path to a file containing PEM-encoded CA @@ -555,7 +553,7 @@ fun(srp, Username :: string(), UserState :: term()) -> is no need to verify the client and if there are no intermediate CAs for the server certificate.

- {dh, der_encoded()} + {dh, public_key:der_encoded()}

The DER-encoded Diffie-Hellman parameters. If specified, it overrides option dhfile.

@@ -577,7 +575,7 @@ fun(srp, Username :: string(), UserState :: term()) -> If set to true, the server fails if the client does not have a certificate to send, that is, sends an empty certificate. If set to false, it fails only if the client sends an invalid - certificate (an empty certificate is considered valid).

+ certificate (an empty certificate is considered valid). Defaults to false.

{reuse_sessions, boolean()} diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 2b2d08124f..43c69ba377 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -54,10 +54,10 @@

The environment parameters can be set on the command line, for example:

-

erl ... -ssl protocol_version '[sslv3, tlsv1]' ....

+

erl -ssl protocol_version "['tlsv1.2', 'tlsv1.1']"

- ]]>. + ssl:protocol() ]]>.

Protocol supported by started clients and servers. If this option is not set, it defaults to all protocols currently supported by the ssl application. @@ -91,7 +91,7 @@

ERROR LOGGER AND EVENT HANDLERS -

The ssl applications has no error logger or event handlers.

+

The ssl applications uses the default OTP error logger to log unexpected errors and TLS alerts. The logging of TLS alerts may be turned off with the log_alert option.
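Review bot: The new sentence in the ERROR LOGGER AND EVENT HANDLERS hunk names the log_alert option without saying where it is set or linking to its description, so a reader of ssl(6) cannot tell how to apply it. Add a reference to the place where log_alert is documented, and mention that turning it off removes TLS alerts from the error log, since those entries are what an operator would look at when handshakes fail. The added line also says "The ssl applications uses"; it should be "application uses".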

diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml index ce5bc15215..62bf2ea7b7 100644 --- a/lib/ssl/doc/src/ssl_crl_cache.xml +++ b/lib/ssl/doc/src/ssl_crl_cache.xml @@ -36,31 +36,30 @@ - insert(CRLSrc) -> ok | {error, Reason} - insert(URI, CRLSrc) -> ok | {error, Reason} - - - CRLSrc = {file, string()} | {der, [ delete(Entries) -> ok | {error, Reason} + + + Entries = http_uri:uri() | {file, string()} | {der, [ public_key:der_encoded() ]} + Reason = term() + + + Delete CRLs from the ssl applications local cache. + + + + insert(CRLSrc) -> ok | {error, Reason} + insert(URI, CRLSrc) -> ok | {error, Reason} + + + CRLSrc = {file, string()} | {der, [ public_key:der_encoded() ]} - URI = http_uri:uri() - Reason = term() - - + URI = http_uri:uri() + Reason = term() + + Insert CRLs into the ssl applications local cache. - - - - - delete(Entries) -> ok | {error, Reason} - - - Entries = http_uri:uri() | {file, string()} | {der, [ public_key:der_encoded() ]} - Reason = term() - - - Delete CRLs from the ssl applications local cache. - - + + \ No newline at end of file diff --git a/lib/ssl/doc/src/ssl_protocol.xml b/lib/ssl/doc/src/ssl_protocol.xml index 79162389ae..20f53c98e1 100644 --- a/lib/ssl/doc/src/ssl_protocol.xml +++ b/lib/ssl/doc/src/ssl_protocol.xml @@ -4,7 +4,7 @@
- 20032013 + 20032015 Ericsson AB. All Rights Reserved. @@ -105,9 +105,9 @@
- Authentication of Sender + Peer Authentication -

Authentication of the sender is done by public key path +

Authentication of the peer is done by public key path validation as defined in RFC 3280. This means basically the following:

@@ -115,7 +115,7 @@ previous one. The certificates attributes are valid. The root certificate is a trusted certificate that is present - in the trusted certificate database kept by the peer./ + in the trusted certificate database kept by the peer.

The server always sends a certificate chain as part of diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index 39db03c91c..9cd16c5f58 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -28,11 +28,11 @@ ssl_session_cache_api.xml ssl_session_cache_api - Defines the API for the TLS session cache so - that the data storage scheme can be replaced by - defining a new callback module implementing this API. + TLS session cache API - + Defines the API for the TLS session cache so + that the data storage scheme can be replaced by + defining a new callback module implementing this API.

DATA TYPES -- cgit v1.2.3 From 0688a013a9ffa1a4a9d6a5eaeda6b4bb1f68328e Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 30 Apr 2015 09:16:06 +0200 Subject: ssl: Correct makefile --- lib/ssl/doc/src/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/Makefile b/lib/ssl/doc/src/Makefile index cfbf98f6e3..143756bd39 100644 --- a/lib/ssl/doc/src/Makefile +++ b/lib/ssl/doc/src/Makefile @@ -37,7 +37,7 @@ RELSYSDIR = $(RELEASE_PATH)/lib/$(APPLICATION)-$(VSN) # Target Specs # ---------------------------------------------------- XML_APPLICATION_FILES = refman.xml -XML_REF3_FILES = ssl.xml ssl_crl_cache.xml ssl_crl_cache.xml ssl_session_cache_api.xml +XML_REF3_FILES = ssl.xml ssl_crl_cache.xml ssl_crl_cache_api.xml ssl_session_cache_api.xml XML_REF6_FILES = ssl_app.xml XML_PART_FILES = release_notes.xml usersguide.xml -- cgit v1.2.3 From 4025ea36fc731c3bb6898dec5687146e6c372151 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 30 Apr 2015 09:17:09 +0200 Subject: ssl: Keep information in one place only --- lib/ssl/doc/src/ssl.xml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index d070cb4019..c5fe8b69a4 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -37,8 +37,7 @@ SSL - ssl requires the crypto and public_key - applications. + For application dependencies see ssl(6) Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, TLS-1.1, and TLS-1.2. For security reasons SSL-2.0 is not supported. -- cgit v1.2.3 From 0af20bdcfb54a648d4b0c907565171a46afd1457 Mon Sep 17 00:00:00 2001 
From: Ingela Anderton Andin Date: Thu, 30 Apr 2015 09:47:45 +0200 Subject: ssl: Align with application naming rules ssl SSL crypto Crypto stdlib STDLIB kernel Kernel public_key Public Key --- lib/ssl/doc/src/ssl.xml | 29 ++++++++++++----------- lib/ssl/doc/src/ssl_app.xml | 16 ++++++------- lib/ssl/doc/src/ssl_distribution.xml | 38 +++++++++++++++---------------- lib/ssl/doc/src/ssl_protocol.xml | 10 ++++---- lib/ssl/doc/src/ssl_session_cache_api.xml | 4 ++-- 5 files changed, 48 insertions(+), 49 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index c5fe8b69a4..14873848d1 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -45,7 +45,7 @@ but can be configured. Ephemeral Diffie-Hellman cipher suites are supported, but not Diffie Hellman Certificates cipher suites. - Elliptic Curve cipher suites are supported if the crypto + Elliptic Curve cipher suites are supported if the Crypto application supports it and named curves are used. Export cipher suites are not supported as the @@ -63,7 +63,7 @@
DATA TYPES -

The following data types are used in the functions for ssl:

+

The following data types are used in the functions for SSL:

@@ -81,7 +81,7 @@

For valid options, see the inet(3) and gen_tcp(3) manual pages - in kernel.

+ in Kernel.

ssloption()

= {verify, verify_type()}

@@ -261,7 +261,7 @@ atom()}} |

The verification fun is called during the X509-path - validation when an error or an extension unknown to the ssl + validation when an error or an extension unknown to the SSL application is encountered. It is also called when a certificate is considered valid by the path validation to allow access to each certificate in the path to the user @@ -382,7 +382,7 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid

TLS protocol versions supported by started clients and servers. This option overrides the application environment option protocol_version. If the environment option is not set, it defaults - to all versions, except SSL-3.0, supported by the ssl application. + to all versions, except SSL-3.0, supported by the SSL application. See also ssl(6).

{hibernate_after, integer()|undefined} @@ -999,21 +999,21 @@ fun(srp, Username :: string(), UserState :: term()) -> start() -> start(Type) -> ok | {error, Reason} - Starts the sslapplication. + Starts the SSL application. Type = permanent | transient | temporary -

Starts the ssl application. Default type +

Starts the SSL application. Default type is temporary.

stop() -> ok - Stops the ssl application. + Stops the SSL application. -

Stops the ssl application.

+

Stops the SSL application.

@@ -1055,16 +1055,16 @@ fun(srp, Username :: string(), UserState :: term()) -> versions() -> [versions_info()] Returns version information relevant for the - ssl application. + SSL application. versions_info() = {app_vsn, string()} | {supported | available, [protocol()] -

Returns version information relevant for the ssl +

Returns version information relevant for the SSL application.

app_vsn - The application version of the ssl application. + The application version of the SSL application. supported TLS/SSL versions supported by default. @@ -1077,8 +1077,8 @@ fun(srp, Username :: string(), UserState :: term()) -> . available - All TLS/SSL versions supported by the ssl application. - TLS 1.2 requires sufficient support from the crypto + All TLS/SSL versions supported by the SSL application. + TLS 1.2 requires sufficient support from the Crypto application.
@@ -1094,4 +1094,3 @@ fun(srp, Username :: string(), UserState :: term()) ->
- diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 43c69ba377..f17f5cb9fe 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -35,21 +35,21 @@
DEPENDENCIES -

The ssl application uses the public_key and - crypto application to handle public keys and encryption, hence - these applications must be loaded for the ssl application to work. +

The SSL application uses the public_key and + Crypto application to handle public keys and encryption, hence + these applications must be loaded for the SSL application to work. In an embedded environment this means they must be started with - application:start/[1,2] before the ssl application is + application:start/[1,2] before the SSL application is started.

CONFIGURATION

The application environment configuration parameters in this section - are defined for the ssl application. For more information + are defined for the SSL application. For more information about configuration parameters, see the application(3) - manual page in kernel.

+ manual page in Kernel.

The environment parameters can be set on the command line, for example:
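Review bot: The added DEPENDENCIES line still says "the public_key and Crypto application", although the commit message maps public_key to Public Key and the ssl_distribution.xml hunk in this same patch writes "Crypto, Public Key, and SSL". Use "the Public Key and Crypto applications" here so the naming rule is applied consistently within the patch.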

@@ -60,7 +60,7 @@ ssl:protocol() ]]>.

Protocol supported by started clients and servers. If this option is not set, it defaults to all - protocols currently supported by the ssl application. + protocols currently supported by the SSL application. This option can be overridden by the version option to ssl:connect/[2,3] and ssl:listen/2.

@@ -91,7 +91,7 @@
ERROR LOGGER AND EVENT HANDLERS -

The ssl applications uses the default OTP error logger to log unexpected errors and TLS alerts. The logging of TLS alerts may be turned off with the log_alert option.

+

The SSL application uses the default OTP error logger to log unexpected errors and TLS alerts. The logging of TLS alerts may be turned off with the log_alert option.

diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index c9f7b1b27f..effb304938 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -38,11 +38,11 @@ connection-based protocol as bearer. However, a module that implements the protocol-specific parts of the connection setup is needed. The default distribution module is inet_tcp_dist - in the kernel application. When starting an + in the Kernel application. When starting an Erlang node distributed, net_kernel uses this module to set up listen ports and connections.

-

In the ssl application, an exra distribution +

In the SSL application, an exra distribution module, inet_tls_dist, can be used as an alternative. All distribution connections will use SSL and all participating Erlang nodes in a distributed system must use @@ -57,7 +57,7 @@ Step 1: Build boot scripts including the - ssl application. + SSL application. Step 2: Specify the distribution module for net_kernel. Step 3: Specify the security options and other @@ -74,8 +74,8 @@ see the sasl documentation. This is only an example of what can be done.

-

The simplest boot script possible includes only the kernel - and stdlib applications. Such a script is located in the +

The simplest boot script possible includes only the Kernel + and STDLIB applications. Such a script is located in the bin directory of the Erlang distribution. The source for the script is found under the Erlang installation top directory under /start_clean.rel]]>.

@@ -84,12 +84,12 @@

Copy that script to another location (and preferably another name).

-

Add the applications crypto, public_key, and - ssl with their current version numbers after the - stdlibapplication.

+

Add the applications Crypto, Public Key, and + SSL with their current version numbers after the + STDLIB application.

-

The following shows an example .rel file with ssl +

The following shows an example .rel file with SSL added:

{release, {"OTP APN 181 01","R15A"}, {erts, "5.9"}, @@ -132,27 +132,27 @@ Eshell V5.0 (abort with ^G) 1> whereis(ssl_manager). <0.41.0> ]]> -

The whereis function-call verifies that the ssl +

The whereis function-call verifies that the SSL application is started.

As an alternative to building a bootscript, you can explicitly - add the path to the ssl ebin directory on the command + add the path to the SSL ebin directory on the command line. This is done with command-line option -pa. This - works as the ssl application does not need to be started for the - distribution to come up, as a clone of the ssl application is - hooked into the kernel application. So, as long as the - ssl application code can be reached, the distribution starts. + works as the SSL application does not need to be started for the + distribution to come up, as a clone of the SSL application is + hooked into the Kernel application. So, as long as the + SSL application code can be reached, the distribution starts. The -pa method is only recommended for testing purposes.

-

The clone of the ssl application must +

The clone of the SSL application must enable the use of the SSL code in such an early bootstage as needed to set up the distribution. However, this makes it - impossible to soft upgrade the ssl application.

+ impossible to soft upgrade the SSL application.

Specifying Distribution Module for net_kernel -

The distribution module for ssl is named inet_tls_dist +

The distribution module for SSL is named inet_tls_dist and is specified on the command line with option -proto_dist. The argument to -proto_dist is to be the module name without suffix _dist. So, this distribution @@ -172,7 +172,7 @@ Eshell V5.0 (abort with ^G) (ssl_test@myhost)1>

However, a node started in this way refuses to talk - to other nodes, as no ssl parameters are supplied + to other nodes, as no SSL parameters are supplied (see the next section).

diff --git a/lib/ssl/doc/src/ssl_protocol.xml b/lib/ssl/doc/src/ssl_protocol.xml index 20f53c98e1..cc49515066 100644 --- a/lib/ssl/doc/src/ssl_protocol.xml +++ b/lib/ssl/doc/src/ssl_protocol.xml @@ -32,19 +32,19 @@ ssl_protocol.xml -

The Erlang ssl application implements the SSL/TLS protocol +

The Erlang SSL application implements the SSL/TLS protocol for the currently supported versions, see the ssl(3) manual page.

-

By default ssl is run over the TCP/IP protocol even +

By default SSL/TLS is run over the TCP/IP protocol even though you can plug in any other reliable transport protocol with the same Application Programming Interface (API) as the - gen_tcp module in kernel.

+ gen_tcp module in Kernel.

If a client and a server wants to use an upgrade mechanism, such as defined by RFC 2817, to upgrade a regular TCP/IP connection to an SSL - connection, this is supported by the Erlang ssl API. This can be + connection, this is supported by the Erlang SSL application API. This can be useful for, for example, supporting HTTP and HTTPS on the same port and implementing virtual hosting.

@@ -143,7 +143,7 @@ connections. Sessions are used to avoid the expensive negotiation of new security parameters for each connection."

-

Session data is by default kept by the ssl application in a +

Session data is by default kept by the SSL application in a memory storage, hence session data is lost at application restart or takeover. Users can define their own callback module to handle session data storage if persistent data storage is diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index 9cd16c5f58..c89d3874a1 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -108,8 +108,8 @@ API functions. Is called by the cache handling processes init function, hence putting the same requirements on it as a normal process init function. This function is - called twice when starting the ssl application, once with - the role client and once with the role server, as the ssl + called twice when starting the SSL application, once with + the role client and once with the role server, as the SSL application must be prepared to take on both roles.
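Review bot: In ssl_distribution.xml (@@ -38,11 +38,11 @@) the added line "In the SSL application, an exra distribution module" carries the typo "exra" over unchanged from the removed line. Correct it to "extra" while the sentence is being rewritten.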

-- cgit v1.2.3 From 4375a9f9ec158c149ccc861b2f736c984fa54ac9 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 30 Apr 2015 10:42:55 +0200 Subject: ssl: Fix links --- lib/ssl/doc/src/ssl.xml | 5 +++-- lib/ssl/doc/src/ssl_crl_cache.xml | 2 +- lib/ssl/doc/src/ssl_crl_cache_api.xml | 2 +- lib/ssl/doc/src/using_ssl.xml | 4 ++-- 4 files changed, 7 insertions(+), 6 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 14873848d1..78b758226d 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -338,7 +338,7 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid {crl_check, boolean() | peer | best_effort } Perform CRL (Certificate Revocation List) verification - + (public_key:pkix_crls_validate/3) on all the certificates during the path validation (public_key:pkix_path_validation/3) @@ -375,7 +375,8 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid {partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | unknown_ca }

Claim an intermediate CA in the chain as trusted. TLS then - performs public_key:pkix_path_validation/3 + performs public_key:pkix_path_validation/3 with the selected CA as trusted anchor and the rest of the chain.

{versions, [protocol()]} diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml index 62bf2ea7b7..23a2b69d61 100644 --- a/lib/ssl/doc/src/ssl_crl_cache.xml +++ b/lib/ssl/doc/src/ssl_crl_cache.xml @@ -29,7 +29,7 @@

Implements an internal CRL (Certificate Revocation List) cache. In addition to implementing the ssl_cache_crl_api behaviour + marker="ssl_crl_cache_api"> ssl_crl_cache_api behaviour the following functions are available.

diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 557b7814b8..1d9353a2cc 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -70,7 +70,7 @@

fun fresh_crl/2 will be used as input option update_crl to - public_key:pkix_crls_validate/3

+ public_key:pkix_crls_validate/3

diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index 01b7970fb6..dbbc1aa9d3 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml @@ -32,10 +32,10 @@ using_ssl.xml

To see relevant version information for ssl, call - ssl:versions/0 + ssl:versions/0 .

-

To see all supported cipher suites, call ssl:cipher_suites(all) . +

To see all supported cipher suites, call ssl:cipher_suites(all) . The available cipher suites for a connection depend on your certificate. Specific cipher suites that you want your connection to use can also be specified. Default is to use the strongest available.

-- cgit v1.2.3 From d3047a56424fc892c551b203286b111bb9205415 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 30 Apr 2015 14:18:16 +0200 Subject: ssl: Put back marker --- lib/ssl/doc/src/ssl.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 78b758226d..cdf6870c25 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -83,7 +83,7 @@ gen_tcp(3) manual pages in Kernel.

- ssloption() + ssloption()

= {verify, verify_type()}

| {verify_fun, {fun(), term()}}

| {fail_if_no_peer_cert, boolean()} {depth, integer()}

-- cgit v1.2.3 From 3ca0dbbcfaab00810c2c19980a2e7041d6ba5567 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 4 May 2015 10:36:38 +0200 Subject: ssl: Add missing tag --- lib/ssl/doc/src/ssl_crl_cache.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml index 23a2b69d61..83b03375b1 100644 --- a/lib/ssl/doc/src/ssl_crl_cache.xml +++ b/lib/ssl/doc/src/ssl_crl_cache.xml @@ -44,7 +44,7 @@ Reason = term() - Delete CRLs from the ssl applications local cache. +

Delete CRLs from the ssl applications local cache.

@@ -58,7 +58,7 @@ Reason = term() - Insert CRLs into the ssl applications local cache. +

Insert CRLs into the ssl applications local cache.

-- cgit v1.2.3 From 0f2d15c95f98e7b271111c9311210a808c624adb Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 8 May 2015 15:57:15 +0200 Subject: public_key, ssl: Align public_key and ssl doc Make sure that links from ssl to public_key work. OTP-12670 - Ignoring 1.2 extension in 1.0 or TLS-1.1 solved by 5edda23ee854038c9d4bcddd0d676ee0ffd20da5 is mentioned here to make the release scripts happy, as the branch solving this accidently had a name ending 1267 instead of 12670 --- lib/ssl/doc/src/ssl.xml | 8 ++++---- lib/ssl/doc/src/ssl_crl_cache_api.xml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index cdf6870c25..46dc93e343 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -268,7 +268,7 @@ atom()}} | application. It differentiates between the peer certificate and the CA certificates by using valid_peer or valid as second argument to the verification fun. See the - public_key User's + public_key User's Guide for definition of #'OTPCertificate'{} and #'Extension'{}.

@@ -364,10 +364,10 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid empty argument list. The following arguments may be specified for the internal cache.

{http, timeout()} - +

Enables fetching of CRLs specified as http URIs in X509 cerificate extensions. - Requires the OTP inets application. + marker="public_key:public_key_records"> X509 cerificate extensions. + Requires the OTP inets application.
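Review bot: The re-added line of the {http, timeout()} entry still reads "X509 cerificate extensions"; since the line is already being rewritten for the link fix, correct it to "certificate". The entry also never says what the timeout() value bounds, or what happens to certificate verification when a CRL fetch times out. That deserves a sentence here, since the CRLs are fetched from http URIs.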

diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 1d9353a2cc..90aa895aff 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -50,8 +50,8 @@ cache_ref() = opaque() dist_point() - = #'DistributionPoint'{} see X509 certificates records +

= #'DistributionPoint'{} see X509 certificates records

-- cgit v1.2.3 From be5abeec807ab642881898033a3d23503ec91ce3 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 11 May 2015 16:54:05 +0200 Subject: ssl: Align "=" sign in type declarations to decided policy --- lib/ssl/doc/src/ssl.xml | 124 ++++++++++++++++++++++++------------------------ 1 file changed, 63 insertions(+), 61 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 46dc93e343..c4651d051c 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -67,15 +67,15 @@ - boolean() -

= true | false

+ boolean() = +

true | false

- option() -

= socketoption() | ssloption() | transportoption()

+ option() = +

socketoption() | ssloption() | transportoption()

- socketoption() -

= proplists:property()

+ socketoption() = +

proplists:property()

The default socket options are [{mode,list},{packet, 0},{header, 0},{active, true}].

For valid options, see the @@ -83,32 +83,34 @@ gen_tcp(3) manual pages in Kernel.

- ssloption() -

= {verify, verify_type()}

-

| {verify_fun, {fun(), term()}}

-

| {fail_if_no_peer_cert, boolean()} {depth, integer()}

-

| {cert, public_key:der_encoded()}

-

| {certfile, path()}

-

| {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' - | 'PrivateKeyInfo', public_key:der_encoded()}}

-

| {keyfile, path()}

-

| {password, string()}

-

| {cacerts, [public_key:der_encoded()]}

-

| {cacertfile, path()}

-

| {dh, public_key:der_encoded()}

-

| {dhfile, path()}

-

| {ciphers, ciphers()}

-

| {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, - {srp_identity, {string(), string()}}

-

| {reuse_sessions, boolean()}

-

| {reuse_session, fun()} {next_protocols_advertised, [binary()]}

-

| {client_preferred_next_protocols, {client | server, - [binary()]} | {client | server, [binary()], binary()}}

-

| {log_alert, boolean()}

-

| {server_name_indication, hostname() | disable}

- - transportoption() -

= {cb_info, {CallbackModule::atom(), DataTag::atom(), + ssloption() = + +

{verify, verify_type()}

+

| {verify_fun, {fun(), term()}}

+

| {fail_if_no_peer_cert, boolean()} {depth, integer()}

+

| {cert, public_key:der_encoded()}

+

| {certfile, path()}

+

| {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' + | 'PrivateKeyInfo', public_key:der_encoded()}}

+

| {keyfile, path()}

+

| {password, string()}

+

| {cacerts, [public_key:der_encoded()]}

+

| {cacertfile, path()}

+

| {dh, public_key:der_encoded()}

+

| {dhfile, path()}

+

| {ciphers, ciphers()}

+

| {user_lookup_fun, {fun(), term()}}, {psk_identity, string()}, + {srp_identity, {string(), string()}}

+

| {reuse_sessions, boolean()}

+

| {reuse_session, fun()} {next_protocols_advertised, [binary()]}

+

| {client_preferred_next_protocols, {client | server, + [binary()]} | {client | server, [binary()], binary()}}

+

| {log_alert, boolean()}

+

| {server_name_indication, hostname() | disable}

+
+ + transportoption() = +

{cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}}
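Review bot: Several of the re-added ssloption() alternatives still do not form a valid type union: "{fail_if_no_peer_cert, boolean()} {depth, integer()}" and "{reuse_session, fun()} {next_protocols_advertised, [binary()]}" have no "|" between the two tuples, and the user_lookup_fun line joins psk_identity and srp_identity with commas. Every line of the declaration is rewritten in this hunk anyway, so give each option its own "| {...}" line. ErrTag:atom() in the cb_info tuple also has a single colon where its siblings use "::".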

Defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used to customize the transport layer. The callback module must implement a @@ -129,57 +131,57 @@ - verify_type() -

= verify_none | verify_peer

+ verify_type() = +

verify_none | verify_peer

- path() -

= string()

+ path() = +

string()

Represents a file path.

- public_key:der_encoded() -

= binary()

+ public_key:der_encoded() = +

binary()

ASN.1 DER-encoded entity as an Erlang binary.

- host() -

= hostname() | ipaddress()

+ host() = +

hostname() | ipaddress()

- hostname() -

= string()

+ hostname() = +

string()

- ip_address() -

= {N1,N2,N3,N4} % IPv4 | {K1,K2,K3,K4,K5,K6,K7,K8} % IPv6 + ip_address() = +

{N1,N2,N3,N4} % IPv4 | {K1,K2,K3,K4,K5,K6,K7,K8} % IPv6

- sslsocket() -

Opaque to the user.

+ sslsocket() = +

opaque()

- protocol() -

= sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'

+ protocol() = +

sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'

- ciphers() + ciphers() =

= [ciphersuite()] | string()

According to old API.

- ciphersuite() -

= {key_exchange(), cipher(), hash()}

+ ciphersuite() = +

{key_exchange(), cipher(), hash()}

- key_exchange() -

= rsa | dhe_dss | dhe_rsa | dh_anon | psk | dhe_psk + key_exchange()= +

rsa | dhe_dss | dhe_rsa | dh_anon | psk | dhe_psk | rsa_psk | srp_anon | srp_dss | srp_rsa | ecdh_anon | ecdh_ecdsa | ecdhe_ecdsa | ecdh_rsa | ecdhe_rsa

- cipher() -

= rc4_128 | des_cbc | '3des_ede_cbc' + cipher() = +

rc4_128 | des_cbc | '3des_ede_cbc' | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm

- hash() -

= md5 | sha

+ hash() = +

md5 | sha

- prf_random() -

= client_random | server_random

+ prf_random() = +

client_random | server_random

- srp_param_type() -

= srp_1024 | srp_1536 | srp_2048 | srp_3072 + srp_param_type() = +

srp_1024 | srp_1536 | srp_2048 | srp_3072 | srp_4096 | srp_6144 | srp_8192
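Review bot: In the ciphers() entry the name line becomes "ciphers() =" but the next line is left as "= [ciphersuite()] | string()", so the declaration now carries two "=" signs; drop the leading "=" from the body line, as was done for every other type in this hunk. "key_exchange()=" is also missing the space before "=", and host() still refers to ipaddress() while the type declared just below it is ip_address().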

-- cgit v1.2.3 From 53ae813221c2dee502e2c114e68c2674c96b89cd Mon Sep 17 00:00:00 2001 From: Qijiang Fan Date: Tue, 30 Dec 2014 22:44:20 +0800 Subject: ssl: docs: SNI server, connection_information/1,2 --- lib/ssl/doc/src/ssl.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 45 insertions(+), 2 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index c4651d051c..77f63dcecf 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -106,7 +106,8 @@

| {client_preferred_next_protocols, {client | server, [binary()]} | {client | server, [binary()], binary()}}

| {log_alert, boolean()}

-

| {server_name_indication, hostname() | disable}

+

| {server_name_indication, hostname() | disable}

+

| {sni_hosts, [{hostname(), ssloptions()}]}

transportoption() = @@ -626,7 +627,10 @@ fun(srp, Username :: string(), UserState :: term()) -> selection. If set to false (the default), use the client preference.

- + {sni_hosts, [{hostname(), ssloptions()}]} +

If the server receives a SNI (Server Name Indication) from the client + matching a host listed in the sni_hosts option, the speicific options for + that host will override previously specified options.
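Review bot: The sni_hosts description misspells "speicific", and both the option and the type list refer to ssloptions(), while the type declared in this file is ssloption(). State whether the per-host value is [ssloption()], and how the received name is compared with the listed hostname (exact match, case sensitivity), since that comparison decides which certificate and key a client is served.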

@@ -753,6 +757,45 @@ fun(srp, Username :: string(), UserState :: term()) -> + + connection_information(SslSocket) -> + {ok, Info} | {error, Reason} + Returns all the connection information. + + + Info = [InfoTuple] + InfoTuple = {protocol, Protocol} | {cipher_suite, CipherSuite} | {sni_hostname, SNIHostname} + CipherSuite = ciphersuite() + ProtocolVersion = protocol() + SNIHostname = string() + Reason = term() + +

Return all the connection information containing negotiated protocol version, cipher suite, and the hostname of SNI extension. + Info will be a proplists containing all the connection information on success, otherwise {error, Reason} will be returned.

+
+
+ + + connection_information(SslSocket, Items) -> + {ok, Info} | {error, Reason} + Returns the requested connection information. + + + Items = [Item] + Item = protocol | cipher_suite | sni_hostname + Info = [InfoTuple] + InfoTuple = {protocol, Protocol} | {cipher_suite, CipherSuite} | {sni_hostname, SNIHostname} + CipherSuite = ciphersuite() + ProtocolVersion = protocol() + SNIHostname = string() + Reason = term() + +

Returns the connection information you requested. The connection information you can request contains protocol, cipher_suite, and sni_hostname. + {ok, Info} will be returned if it executes sucessfully. The Info is a proplists containing the information you requested. + Otherwise, {error, Reason} will be returned.

+
+
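Review bot: The Types blocks for connection_information/1 and connection_information/2 use Protocol in "InfoTuple = {protocol, Protocol}" but define "ProtocolVersion = protocol()", so Protocol is never defined; use one name in both places. Also fix "sucessfully" and "a proplists", and say what sni_hostname holds when the client sent no SNI extension.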
+ format_error(Reason) -> string() Returns an error string. -- cgit v1.2.3 From db509dd5debcd72d7f1d024d289315274f9b788b Mon Sep 17 00:00:00 2001 From: Qijiang Fan Date: Thu, 16 Apr 2015 22:25:57 +0800 Subject: ssl: add option sni_fun The newly added function sni_fun allows dynamic update of SSL options like keys and certificates depending on different SNI hostname, rather than a predefined rules of SSL options. --- lib/ssl/doc/src/ssl.xml | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 77f63dcecf..8a0bf69be4 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -108,10 +108,12 @@

| {log_alert, boolean()}

| {server_name_indication, hostname() | disable}

| {sni_hosts, [{hostname(), ssloptions()}]}

+

| {sni_fun, SNIfun::fun()}

transportoption() =

{cb_info, {CallbackModule::atom(), DataTag::atom(), + ClosedTag::atom(), ErrTag:atom()}}

Defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used to customize the transport layer. The callback module must implement a @@ -185,6 +187,9 @@

srp_1024 | srp_1536 | srp_2048 | srp_3072 | srp_4096 | srp_6144 | srp_8192

+ SNIfun::fun() +

= fun(ServerName :: string()) -> ssloptions()

+
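Review bot: The SNIfun::fun() entry puts "=" at the start of the body line ("= fun(ServerName :: string()) -> ssloptions()"), which is the layout the "Align "=" sign in type declarations to decided policy" commit moved away from; put the "=" on the name line. ssloptions() is again used here although the declared type is ssloption().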
@@ -630,7 +635,21 @@ fun(srp, Username :: string(), UserState :: term()) -> {sni_hosts, [{hostname(), ssloptions()}]}

If the server receives a SNI (Server Name Indication) from the client matching a host listed in the sni_hosts option, the speicific options for - that host will override previously specified options.

+ that host will override previously specified options. + + The option sni_fun, and sni_hosts are mutually exclusive.

+ + {sni_fun, SNIfun::fun()} +

If the server receives a SNI (Server Name Indication) from the client, + the given function will be called to retrive ssloptions() for indicated server. + These options will be merged into predefined ssloptions(). + + The function should be defined as: + fun(ServerName :: string()) -> ssloptions() + and can be specified as a fun or as named fun module:function/1 + + The option sni_fun, and sni_hosts are mutually exclusive.

+
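Review bot: The sni_fun text does not say what the fun should return for a ServerName it does not recognise, nor which value wins when the returned options are "merged into predefined ssloptions()" and a key is already set. Both need to be spelled out, because this fun selects the certificate and key per connection. In the same hunk "retrive" should be "retrieve", the rewrapped sni_hosts sentence still has "speicific", and "The option sni_fun, and sni_hosts are mutually exclusive" should say what happens when both are supplied.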
-- cgit v1.2.3 From e09dd66dc4d89c62ddfd8c19791f9678d5d787c6 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 12 May 2015 18:18:55 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 63 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 62 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 352563700b..e0992d317c 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,68 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 6.0 +
SSL 7.0 + +
Fixed Bugs and Malfunctions + + +

+ Ignore signature_algorithm (TLS 1.2 extension) sent to + TLS 1.0 or TLS 1.1 server

+

+ Own Id: OTP-12670

+
+
+
+ + +
Improvements and New Features + + +

+ Add new API functions to handle CRL-verification

+

+ Own Id: OTP-10362 Aux Id: kunagi-215 [126]

+
+ +

+ Remove default support for SSL-3.0, due to Poodle + vunrability in protocol specification.

+

+ Add padding check for TLS-1.0 to remove Poodle + vunrability from TLS 1.0, also add the option + padding_check. This option only affects TLS-1.0 + connections and if set to false it disables the block + cipher padding check to be able to interoperate with + legacy software.

+

+ Remove default support for RC4 cipher suites, as they are + consider too weak.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-12390

+
+ +

+ Add support for TLS ALPN (Application-Layer Protocol + Negotiation) extension.

+

+ Own Id: OTP-12580

+
+ +

+ Add SNI (Server Name Indication) support for the server + side.

+

+ Own Id: OTP-12736

+
+
+
+ +
+ +
SSL 6.0
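Review bot: In the OTP-12390 item "vunrability" appears twice and "as they are consider too weak" should read "considered". The padding_check paragraph should state outright that setting the option to false removes the check that this same item adds to address Poodle on TLS-1.0, and the "*** POTENTIAL INCOMPATIBILITY ***" marker should name which of the three changes (SSL-3.0 removal, padding check, RC4 removal) it applies to.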
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 9a81b28598fadc44bf506354c9227e41aac786f6 Mon Sep 17 00:00:00 2001 From: Henrik Nord Date: Wed, 13 May 2015 09:40:16 +0200 Subject: Revert "Prepare release" This reverts commit e09dd66dc4d89c62ddfd8c19791f9678d5d787c6. --- lib/ssl/doc/src/notes.xml | 63 +---------------------------------------------- 1 file changed, 1 insertion(+), 62 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index e0992d317c..352563700b 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,68 +25,7 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 7.0 - -
Fixed Bugs and Malfunctions - - -

- Ignore signature_algorithm (TLS 1.2 extension) sent to - TLS 1.0 or TLS 1.1 server

-

- Own Id: OTP-12670

-
-
-
- - -
Improvements and New Features - - -

- Add new API functions to handle CRL-verification

-

- Own Id: OTP-10362 Aux Id: kunagi-215 [126]

-
- -

- Remove default support for SSL-3.0, due to Poodle - vunrability in protocol specification.

-

- Add padding check for TLS-1.0 to remove Poodle - vunrability from TLS 1.0, also add the option - padding_check. This option only affects TLS-1.0 - connections and if set to false it disables the block - cipher padding check to be able to interoperate with - legacy software.

-

- Remove default support for RC4 cipher suites, as they are - consider too weak.

-

- *** POTENTIAL INCOMPATIBILITY ***

-

- Own Id: OTP-12390

-
- -

- Add support for TLS ALPN (Application-Layer Protocol - Negotiation) extension.

-

- Own Id: OTP-12580

-
- -

- Add SNI (Server Name Indication) support for the server - side.

-

- Own Id: OTP-12736

-
-
-
- -
- -
SSL 6.0 +
SSL 6.0
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 3b46b3040b82436c904f497bd51cda79a181b500 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 13 May 2015 16:39:13 +0200 Subject: ssl: Align "=" sign in type declarations to decided policy --- lib/ssl/doc/src/ssl.xml | 12 ++++++------ lib/ssl/doc/src/ssl_crl_cache_api.xml | 8 ++++---- lib/ssl/doc/src/ssl_session_cache_api.xml | 20 ++++++++++---------- 3 files changed, 20 insertions(+), 20 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 8a0bf69be4..18d98e5efb 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -123,13 +123,13 @@ The callback gen_tcp is treated specially and calls inet directly.

- CallbackModule -

= atom()

- DataTag -

= atom()

+ CallbackModule = +

atom()

+ DataTag = +

atom()

Used in socket data message.

- ClosedTag -

= atom()

+ ClosedTag = +

atom()

Used in socket close message.

diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 90aa895aff..9230442ae0 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -47,10 +47,10 @@ - cache_ref() - = opaque() - dist_point() -

= #'DistributionPoint'{} see cache_ref() = + opaque() + dist_point() = +

#'DistributionPoint'{} see X509 certificates records

diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index c89d3874a1..28b5f4ce23 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -40,20 +40,20 @@ ssl_session_cache_api:

- cache_ref() -

= opaque()

+ cache_ref() = +

opaque()

- key() -

= {partialkey(), session_id()}

+ key() = +

{partialkey(), session_id()}

- partialkey() -

= opaque()

+ partialkey() = +

opaque()

- session_id() -

= binary()

+ session_id() = +

binary()

- session() -

= opaque()

+ session() = +

opaque()

-- cgit v1.2.3 From 69f114203690b84d7261b68b1893cb578536eca9 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 1 Jun 2015 12:06:48 +0200 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 352563700b..fe0606b1a3 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,23 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 6.0 +
SSL 6.0.1 + +
Fixed Bugs and Malfunctions + + +

+ Terminate gracefully when receving bad input to premaster + secret calculation

+

+ Own Id: OTP-12783

+
+
+
+ +
+ +
SSL 6.0
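Review bot: "receving" should be "receiving" in the OTP-12783 item. The entry also does not say what happened on bad premaster secret input before the fix, which is what a reader deciding whether to upgrade needs to know.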
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 916226427901f40d695d0d7d91106b0188900055 Mon Sep 17 00:00:00 2001 From: Fred Hebert Date: Tue, 2 Jun 2015 10:51:22 -0400 Subject: Add disable client-initiated renegotiation option Client-initiated renegotiation is more costly for the server than the client, and this feature can be abused in denial of service attempts. Although the ssl application already takes counter-measure for these (via cooldown periods between renegotiations), it can be useful to disable the feature entirely. This patch adds the `{client_renegotiation, boolean()}' option to the server-side of the SSL application (defaulting to `true' to be compatible with the current behaviour). The option disables the ability to do any renegotiation at all in the protocol's state, reusing the existing denial code, but without opening the code path that sets up a timed message to eventually reopen it up. --- lib/ssl/doc/src/ssl.xml | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 0c042f8571..923ecdd618 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml 
@@ -514,6 +514,18 @@ fun(srp, Username :: string(), UserState :: term()) -> using negotiated_next_protocol/1 method. + {client_renegotiation, boolean()} + In protocols that support client-initiated renegotiation, the cost + of resources of such an operation is higher for the server than the + client. This can act as a vector for denial of service attacks. The SSL + application already takes measures to counter-act such attempts, + but client-initiated renegotiation can be stricly disabled by setting + this option to false. The default value is true. + Note that disabling renegotiation can result in long-lived connections + becoming unusable due to limits on the number of messages the underlying + cipher suite can encipher. + + {psk_identity, string()} Specifies the server identity hint the server presents to the client. -- cgit v1.2.3 From 738c34d4bb8f1a3811acd00af8c6c12107f8315b Mon Sep 17 00:00:00 2001 
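Review bot: The new {client_renegotiation, boolean()} entry is added to the option descriptions only; the diffstat shows a single 12-line hunk, so the ssloption() type list at the top of ssl.xml is not updated the way it was for sni_hosts and sni_fun. Add the option there as well. In the text, "stricly" should be "strictly", and the closing caveat about long-lived connections becoming unusable should tell the operator what to do instead when the option is false (for example, close and re-establish the connection).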
From: Bruce Yinhe Date: Thu, 18 Jun 2015 11:31:02 +0200 Subject: Change license text to APLv2 --- lib/ssl/doc/src/Makefile | 19 ++++++++++--------- lib/ssl/doc/src/book.xml | 21 +++++++++++---------- lib/ssl/doc/src/notes.xml | 21 +++++++++++---------- lib/ssl/doc/src/pkix_certs.xml | 21 +++++++++++---------- lib/ssl/doc/src/refman.xml | 19 ++++++++++--------- lib/ssl/doc/src/release_notes.xml | 21 +++++++++++---------- lib/ssl/doc/src/ssl.xml | 21 +++++++++++---------- lib/ssl/doc/src/ssl_app.xml | 19 ++++++++++--------- lib/ssl/doc/src/ssl_crl_cache.xml | 19 ++++++++++--------- lib/ssl/doc/src/ssl_crl_cache_api.xml | 19 ++++++++++--------- lib/ssl/doc/src/ssl_distribution.xml | 21 +++++++++++---------- lib/ssl/doc/src/ssl_introduction.xml | 19 ++++++++++--------- lib/ssl/doc/src/ssl_protocol.xml | 21 +++++++++++---------- lib/ssl/doc/src/ssl_session_cache_api.xml | 21 +++++++++++---------- lib/ssl/doc/src/usersguide.xml | 19 ++++++++++--------- lib/ssl/doc/src/using_ssl.xml | 21 +++++++++++---------- 16 files changed, 169 insertions(+), 153 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/Makefile b/lib/ssl/doc/src/Makefile index 143756bd39..669062779e 100644 --- a/lib/ssl/doc/src/Makefile +++ b/lib/ssl/doc/src/Makefile 
@@ -3,16 +3,17 @@ # # Copyright Ericsson AB 1999-2015. All Rights Reserved. # -# The contents of this file are subject to the Erlang Public License, -# Version 1.1, (the "License"); you may not use this file except in -# compliance with the License. You should have received a copy of the -# Erlang Public License along with this software. If not, it can be -# retrieved online at http://www.erlang.org/. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # -# Software distributed under the License is distributed on an "AS IS" -# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See -# the License for the specific language governing rights and limitations -# under the License. +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # %CopyrightEnd% # diff --git a/lib/ssl/doc/src/book.xml b/lib/ssl/doc/src/book.xml index 317997b22b..a0890a028d 100644 --- a/lib/ssl/doc/src/book.xml +++ b/lib/ssl/doc/src/book.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index fe0606b1a3..43ed006781 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/pkix_certs.xml b/lib/ssl/doc/src/pkix_certs.xml index cfbc6b08d7..a5793af5ca 100644 --- a/lib/ssl/doc/src/pkix_certs.xml +++ b/lib/ssl/doc/src/pkix_certs.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/refman.xml b/lib/ssl/doc/src/refman.xml index d5f2219af9..317da00414 100644 --- a/lib/ssl/doc/src/refman.xml +++ b/lib/ssl/doc/src/refman.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/release_notes.xml b/lib/ssl/doc/src/release_notes.xml index 123e8e1451..4c9b18f900 100644 --- a/lib/ssl/doc/src/release_notes.xml +++ b/lib/ssl/doc/src/release_notes.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 9122066787..f23b71e28b 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. ssl diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index f17f5cb9fe..2b6dc7e8be 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/ssl_crl_cache.xml b/lib/ssl/doc/src/ssl_crl_cache.xml index 83b03375b1..7a67de3971 100644 --- a/lib/ssl/doc/src/ssl_crl_cache.xml +++ b/lib/ssl/doc/src/ssl_crl_cache.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. ssl_crl_cache ssl_crl_cache.xml diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 9230442ae0..71c1c61fe8 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. ssl_crl_cache_api ssl_crl_cache_api.xml diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index effb304938..a347ce5ae6 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/ssl_introduction.xml b/lib/ssl/doc/src/ssl_introduction.xml index 64607a393a..d3e39dbb01 100644 --- a/lib/ssl/doc/src/ssl_introduction.xml +++ b/lib/ssl/doc/src/ssl_introduction.xml 
@@ -9,16 +9,17 @@ Ericsson AB, All Rights Reserved - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. The Initial Developer of the Original Code is Ericsson AB. diff --git a/lib/ssl/doc/src/ssl_protocol.xml b/lib/ssl/doc/src/ssl_protocol.xml index cc49515066..31a22db58b 100644 --- a/lib/ssl/doc/src/ssl_protocol.xml +++ b/lib/ssl/doc/src/ssl_protocol.xml 
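Review bot: The trailing context line "The Initial Developer of the Original Code is Ericsson AB." in ssl_introduction.xml is left in place under the new Apache 2.0 header. It reads as a leftover of the Erlang Public License header that the hunk removes, so either drop it in the same change or keep it deliberately and say why. The copyright line of this file also reads "Ericsson AB, All Rights Reserved" with a comma, where the other files in the patch have "Ericsson AB. All Rights Reserved."; worth normalizing while the header is being touched.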
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index 28b5f4ce23..bd9330056d 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. ssl diff --git a/lib/ssl/doc/src/usersguide.xml b/lib/ssl/doc/src/usersguide.xml index 6fce022507..7bd0ae5c4c 100644 --- a/lib/ssl/doc/src/usersguide.xml +++ b/lib/ssl/doc/src/usersguide.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index dbbc1aa9d3..b6a4bb5bec 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml 
@@ -8,16 +8,17 @@ Ericsson AB. All Rights Reserved. - The contents of this file are subject to the Erlang Public License, - Version 1.1, (the "License"); you may not use this file except in - compliance with the License. You should have received a copy of the - Erlang Public License along with this software. If not, it can be - retrieved online at http://www.erlang.org/. - - Software distributed under the License is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See - the License for the specific language governing rights and limitations - under the License. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. -- cgit v1.2.3 From 2955ddebc32837b66d9bacb4e925ad0ed0033168 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 23 Jun 2015 10:24:26 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 83 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 82 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 43ed006781..b87b1b4fa7 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -26,7 +26,88 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 6.0.1 +
SSL 7.0 + +
Fixed Bugs and Malfunctions + + +

+ Ignore signature_algorithm (TLS 1.2 extension) sent to + TLS 1.0 or TLS 1.1 server

+

+ Own Id: OTP-12670

+
+ +

+ Improve error handling in TLS distribution module to + avoid lingering sockets.

+

+ Own Id: OTP-12799 Aux Id: Tom Briden

+
+ +

+ Add option {client_renegotiation, boolean()} option to + the server-side of the SSL application.

+

+ Own Id: OTP-12815

+
+ +

+ Gracefully ignore proprietary hash_sign algorithms

+

+ Own Id: OTP-12829

+
+
+
+ + +
Improvements and New Features + + +

+ Add new API functions to handle CRL-verification

+

+ Own Id: OTP-10362 Aux Id: kunagi-215 [126]

+
+ +

+ Remove default support for SSL-3.0, due to Poodle + vunrability in protocol specification.

+

+ Add padding check for TLS-1.0 to remove Poodle + vunrability from TLS 1.0, also add the option + padding_check. This option only affects TLS-1.0 + connections and if set to false it disables the block + cipher padding check to be able to interoperate with + legacy software.

+

+ Remove default support for RC4 cipher suites, as they are + consider too weak.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-12390

+
+ +

+ Add support for TLS ALPN (Application-Layer Protocol + Negotiation) extension.

+

+ Own Id: OTP-12580

+
+ +

+ Add SNI (Server Name Indication) support for the server + side.

+

+ Own Id: OTP-12736

+
+
+
+ +
+ +
SSL 6.0.1
Fixed Bugs and Malfunctions -- cgit v1.2.3 From b71856c612f82a44400f85d8fd2eafcf446202c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Thu, 25 Jun 2015 11:29:54 +0200 Subject: Fix formatting of depth option --- lib/ssl/doc/src/ssl.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index f23b71e28b..52d68c1b4a 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -88,7 +88,8 @@
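Review bot: In the SSL 7.0 notes.xml entry OTP-12390, the "*** POTENTIAL INCOMPATIBILITY ***" marker follows three separate changes (SSL-3.0 off by default, the TLS-1.0 padding check, RC4 cipher suites off by default) without saying which of them can break an existing deployment or how the previous behaviour is restored. State that per change, and give the default of padding_check explicitly, since setting it to false disables the Poodle mitigation the entry introduces. The same entry spells "vulnerability" as "vunrability" twice and has "as they are consider too weak" for "considered"; the OTP-12815 entry reads "Add option {client_renegotiation, boolean()} option" with "option" doubled.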

{verify, verify_type()}

| {verify_fun, {fun(), term()}}

-

| {fail_if_no_peer_cert, boolean()} {depth, integer()}

+

| {fail_if_no_peer_cert, boolean()}

+

| {depth, integer()}

| {cert, public_key:der_encoded()}

| {certfile, path()}

| {key, {'RSAPrivateKey'| 'DSAPrivateKey' | 'ECPrivateKey' -- cgit v1.2.3 From 85524e912e645d528ecd601aaaf8b1697ec92114 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 19 Aug 2015 17:07:48 +0200 Subject: ssl: Remove duplicate documentation Correct merge that went wrong. --- lib/ssl/doc/src/ssl.xml | 5 ----- 1 file changed, 5 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 52d68c1b4a..6c977bdb74 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -664,11 +664,6 @@ fun(srp, Username :: string(), UserState :: term()) -> cipher suite can encipher. - {psk_identity, string()} - Specifies the server identity hint the server presents to the client. - - {log_alert, boolean()} - If false, error reports will not be displayed. {honor_cipher_order, boolean()} If true, use the server's preference for cipher selection. If false (the default), use the client's preference. -- cgit v1.2.3 From 1b06210c16465bcb995b0a54ba1b24ef1de3c5a4 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 25 Aug 2015 18:19:38 +0200 Subject: ssl: Improve shutdown logic Add possibility to downgrade an SSL/TLS connection to a tcp connection, and give back the socket control to a user process. Add application setting to be able to change fatal alert shutdown timeout, also shorten the default timeout. The fatal alert timeout is the number of milliseconds between sending of a fatal alert and closing the connection. Waiting a little while improves the peers chances to properly receiving the alert so it may shutdown gracefully. --- lib/ssl/doc/src/ssl.xml | 15 +++++++++++++++ lib/ssl/doc/src/ssl_app.xml | 11 +++++++++++ 2 files changed, 26 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 6c977bdb74..22ac98c24e 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml 
@@ -765,6 +765,21 @@ fun(srp, Username :: string(), UserState :: term()) -> + + close(SslSocket, How) -> ok | {ok, port()} | {error, Reason} + Closes an SSL connection. + + SslSocket = sslsocket() + How = timeout() | {NewController::pid(), timeout()} + Reason = term() + +

Closes or downgrades an SSL connection, in the later case the transport + connection will be handed over to the NewController process after reciving + the TLS close alert from the peer. The retuned transport socket will have + the following options set [{active, false}, {packet, 0}, {mode, binary}].

+ + + connection_info(SslSocket) -> {ok, {ProtocolVersion, CipherSuite}} | {error, Reason} diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 2b6dc7e8be..51ce0cedf1 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -87,6 +87,17 @@ marker="ssl#clear_pem_cache-0">ssl:clear_pem_cache/0
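Review bot: The close/2 description added to ssl.xml does not say which form of How leads to which of the three return values (ok, {ok, port()}, {error, Reason}), nor what is returned when the timeout expires before the peer's TLS close alert arrives. Document that mapping, and state plainly that data sent on the returned transport socket is no longer protected by TLS, since the caller receives a plain socket with [{active, false}, {packet, 0}, {mode, binary}]. Spelling in the same paragraph: "later case" should be "latter case", "reciving" should be "receiving", "retuned" should be "returned".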
+ ]]> + +

+ Number of milliseconds between sending of a fatal alert and + closing the connection. Waiting a little while improves the + peers chances to properly receiving the alert so it may + shutdown gracefully. Defaults to 5000 milliseconds. +

+
+ +
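Review bot: The new ssl_app.xml paragraph gives the default (5000 milliseconds) but not the accepted values, for example whether 0 closes the connection immediately after the alert is sent; add that, because this setting decides how long a connection that has already failed fatally keeps its socket open. Wording: "improves the peers chances to properly receiving the alert so it may shutdown gracefully" should read "improves the peer's chances of properly receiving the alert so that it can shut down gracefully".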
-- cgit v1.2.3 From 6738d356a279835222b951fd213ed4cf9897eb7e Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 21 Sep 2015 17:09:23 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 58 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index b87b1b4fa7..6faa3d5f9a 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -26,7 +26,63 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 7.0 +
SSL 7.1 + +
Fixed Bugs and Malfunctions + + +

+ Add DER encoded ECPrivateKey as valid input format for + key option.

+

+ Own Id: OTP-12974

+
+ +

+ Correct return value of default session callback module

+

+ This error had the symptom that the client check for + unique session would always fail, potentially making the + client session table grow a lot and causing long setup + times.

+

+ Own Id: OTP-12980

+
+
+
+ + +
Improvements and New Features + + +

+ Add possibility to downgrade an SSL/TLS connection to a + tcp connection, and give back the socket control to a + user process.

+

+ This also adds the possibility to specify a timeout to + the ssl:close function.

+

+ Own Id: OTP-11397

+
+ +

+ Add application setting to be able to change fatal alert + shutdown timeout, also shorten the default timeout. The + fatal alert timeout is the number of milliseconds between + sending of a fatal alert and closing the connection. + Waiting a little while improves the peers chances to + properly receiving the alert so it may shutdown + gracefully.

+

+ Own Id: OTP-12832

+
+
+
+ +
+ +
SSL 7.0
Fixed Bugs and Malfunctions -- cgit v1.2.3 From a2ba44595027e09fb562aaede5651d4397bfd23a Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Tue, 1 Dec 2015 16:00:54 +0000 Subject: Fix typos in ssl.xml --- lib/ssl/doc/src/ssl.xml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 22ac98c24e..100e0e7cbd 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -245,7 +245,7 @@ RFC 5746. By default secure_renegotiate is set to false, that is, secure renegotiation is used if possible, - but it fallback to unsecure renegotiation if the peer + but it falls back to insecure renegotiation if the peer does not support RFC 5746.

@@ -331,7 +331,7 @@ atom()}} | unknown_ca

No trusted CA was found in the trusted store. The trusted CA is normally a so called ROOT CA, which is a self-signed certificate. Trust can - be claimed for an intermediat CA (trusted anchor does not have to be + be claimed for an intermediate CA (trusted anchor does not have to be self-signed according to X-509) by using option partial_chain.

@@ -376,7 +376,7 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid {http, timeout()}

Enables fetching of CRLs specified as http URIs in X509 cerificate extensions. + marker="public_key:public_key_records"> X509 certificate extensions. Requires the OTP inets application.

@@ -636,14 +636,14 @@ fun(srp, Username :: string(), UserState :: term()) -> {sni_hosts, [{hostname(), ssloptions()}]}

If the server receives a SNI (Server Name Indication) from the client - matching a host listed in the sni_hosts option, the speicific options for + matching a host listed in the sni_hosts option, the specific options for that host will override previously specified options. The option sni_fun, and sni_hosts are mutually exclusive.

{sni_fun, SNIfun::fun()}

If the server receives a SNI (Server Name Indication) from the client, - the given function will be called to retrive ssloptions() for indicated server. + the given function will be called to retrieve ssloptions() for the indicated server. These options will be merged into predefined ssloptions(). The function should be defined as: @@ -657,7 +657,7 @@ fun(srp, Username :: string(), UserState :: term()) -> of resources of such an operation is higher for the server than the client. This can act as a vector for denial of service attacks. The SSL application already takes measures to counter-act such attempts, - but client-initiated renegotiation can be stricly disabled by setting + but client-initiated renegotiation can be strictly disabled by setting this option to false. The default value is true. Note that disabling renegotiation can result in long-lived connections becoming unusable due to limits on the number of messages the underlying @@ -773,10 +773,10 @@ fun(srp, Username :: string(), UserState :: term()) -> How = timeout() | {NewController::pid(), timeout()} Reason = term() -

Closes or downgrades an SSL connection, in the later case the transport - connection will be handed over to the NewController process after reciving - the TLS close alert from the peer. The retuned transport socket will have - the following options set [{active, false}, {packet, 0}, {mode, binary}].

+

Closes or downgrades an SSL connection. In the latter case the transport + connection will be handed over to the NewController process after receiving + the TLS close alert from the peer. The returned transport socket will have + the following options set: [{active, false}, {packet, 0}, {mode, binary}]

@@ -843,7 +843,7 @@ fun(srp, Username :: string(), UserState :: term()) -> Reason = term()

Returns the connection information you requested. The connection information you can request contains protocol, cipher_suite, and sni_hostname. - {ok, Info} will be returned if it executes sucessfully. The Info is a proplists containing the information you requested. + {ok, Info} will be returned if it executes successfully. Info is a proplist containing the information you requested. Otherwise, {error, Reason} will be returned.

-- cgit v1.2.3 From ad50eefb67a69d755d46126bf5e436bf85644c8b Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 3 Dec 2015 11:11:17 +0100 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index fe0606b1a3..14df10b571 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -25,7 +25,22 @@ notes.xml

This document describes the changes made to the SSL application.

-
SSL 6.0.1 +
SSL 6.0.1.1 + +
Fixed Bugs and Malfunctions + + +

+ Gracefully ignore proprietary hash_sign algorithms

+

+ Own Id: OTP-13151

+
+
+
+ +
+ +
SSL 6.0.1
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 42b8a29dbae1d626f32bc16dd81a129caf741138 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 16 Nov 2015 21:58:36 +0100 Subject: ssl: Add upper limit for session cache If upper limit is reached invalidate the current cache entries, i.e. the session lifetime is the max time a session will be kept, but it may be invalidated earlier if the max limit for the table is reached. This will keep the ssl manager process well behaved, not exhausting memory. Invalidating the entries will incrementally empty the cache to make room for fresh session entries. --- lib/ssl/doc/src/ssl_app.xml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 51ce0cedf1..257175a33f 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -66,7 +66,7 @@ to ssl:connect/[2,3] and ssl:listen/2.

]]> -

Lifetime of the session data in seconds.

+

Maximum lifetime of the session data in seconds.

]]>

Name of the session cache callback module that implements @@ -77,6 +77,13 @@

List of extra user-defined arguments to the init function in the session cache callback module. Defaults to [].

+ + ]]> + ]]> +

Limits the growth of the clients/servers session cache, + if the maximum number of sessions is reached, the current cache entries will + be invalidated regardless of their remaining lifetime. Defaults to 1000. +

]]> -- cgit v1.2.3 From 55569124ac815eedc21c234c447e346b97f3c8fe Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 7 Dec 2015 10:31:35 +0100 Subject: ssl: Fix documentation mistakes --- lib/ssl/doc/src/ssl.xml | 4 ++-- lib/ssl/doc/src/ssl_app.xml | 9 ++++++--- 2 files changed, 8 insertions(+), 5 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 22ac98c24e..3a541ed162 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -84,7 +84,7 @@ gen_tcp(3) manual pages in Kernel.
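Review bot: The paragraph added to ssl_app.xml for the session cache limit says the current cache entries "will be invalidated" once the maximum is reached, while the commit message says invalidation "will incrementally empty the cache". The documentation should say which it is, because an operator sizing this limit needs to know whether reaching it drops every resumable session at once. "clients/servers session cache" also leaves open whether the default of 1000 applies to the client cache and the server cache separately or to both together. The first sentence is a comma splice; start a new sentence at "If the maximum number of sessions is reached".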

- ssloption() = + ssloption() =

{verify, verify_type()}

| {verify_fun, {fun(), term()}}

@@ -160,7 +160,7 @@ sslsocket() =

opaque()

- protocol() = + protocol() =

sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'

ciphers() = diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 257175a33f..24b0f5300e 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -58,7 +58,7 @@

erl -ssl protocol_version "['tlsv1.2', 'tlsv1.1']"

- ssl:protocol() ]]>. + protocol_version = ssl:protocol() ]]>

Protocol supported by started clients and servers. If this option is not set, it defaults to all protocols currently supported by the SSL application. @@ -71,7 +71,7 @@ ]]>

Name of the session cache callback module that implements the ssl_session_cache_api behavior. Defaults to - ssl_session_cache.erl.

+ ssl_session_cache.

]]> @@ -110,7 +110,10 @@
ERROR LOGGER AND EVENT HANDLERS -

The SSL application uses the default OTP error logger to log unexpected errors and TLS alerts. The logging of TLS alerts may be turned off with the log_alert option.

+

The SSL application uses the default OTP error logger to log + unexpected errors and TLS alerts. The logging of TLS alerts may be + turned off with the log_alert option.

-- cgit v1.2.3 From 8edbf8309fe6f095d43cc4bbc3eceaa81823c7f4 Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 07:17:20 +0100 Subject: [ssl] Correct the documentation so it follows the DTD --- lib/ssl/doc/src/ssl.xml | 5 ++--- lib/ssl/doc/src/ssl_app.xml | 6 +++--- lib/ssl/doc/src/ssl_crl_cache_api.xml | 6 +++--- lib/ssl/doc/src/ssl_session_cache_api.xml | 10 +++++++--- 4 files changed, 15 insertions(+), 12 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 3a541ed162..32c80b3f00 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -480,8 +480,8 @@ fun(srp, Username :: string(), UserState :: term()) ->

The negotiated protocol can be retrieved using the negotiated_protocol/1 function.

- {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} - {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}} + {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}}
+ {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}}

Indicates that the client is to try to perform Next Protocol Negotiation.

@@ -538,7 +538,6 @@ fun(srp, Username :: string(), UserState :: term()) -> be supported by the server for the prevention to work.

-
diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 24b0f5300e..1e3a1101ed 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -58,7 +58,7 @@

erl -ssl protocol_version "['tlsv1.2', 'tlsv1.1']"

- protocol_version = ssl:protocol() ]]> + protocol_version = ssl:protocol()]]>

Protocol supported by started clients and servers. If this option is not set, it defaults to all protocols currently supported by the SSL application. @@ -78,8 +78,8 @@

List of extra user-defined arguments to the init function in the session cache callback module. Defaults to [].

- ]]> - ]]> + ]]>
+ ]]>

Limits the growth of the clients/servers session cache, if the maximum number of sessions is reached, the current cache entries will be invalidated regardless of their remaining lifetime. Defaults to 1000. diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 71c1c61fe8..03ac010bfe 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -84,9 +84,9 @@ CRLs = [public_key:der_encoded()] -

Lookup the CRLs belonging to the distribution point Distributionpoint.

+

Lookup the CRLs belonging to the distribution point Distributionpoint. This function may choose to only look in the cache or to follow distribution point - links depending on how the cache is administrated. + links depending on how the cache is administrated.

@@ -103,4 +103,4 @@ - \ No newline at end of file + diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index bd9330056d..b85d8fb284 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -31,9 +31,13 @@ ssl_session_cache_api TLS session cache API - Defines the API for the TLS session cache so - that the data storage scheme can be replaced by - defining a new callback module implementing this API. + +

+ Defines the API for the TLS session cache so + that the data storage scheme can be replaced by + defining a new callback module implementing this API. +

+
DATA TYPES -- cgit v1.2.3 From b1a1b4e8dc1929d438964017cec71869e8e24337 Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 09:40:34 +0100 Subject: [ssl] Moved description details to man(6) page --- lib/ssl/doc/src/ssl.xml | 36 ++++++------------------------------ lib/ssl/doc/src/ssl_app.xml | 28 +++++++++++++++++++++++++++- 2 files changed, 33 insertions(+), 31 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 32c80b3f00..bf87644116 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -31,37 +31,13 @@ ssl Interface Functions for Secure Socket Layer -

This module contains interface functions for the SSL.

+

+ This module contains interface functions for the SSL/TLS protocol. + For detailed information about the supported standards see + ssl(6). +

- -
- SSL - - - For application dependencies see ssl(6) - Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, - TLS-1.1, and TLS-1.2. - For security reasons SSL-2.0 is not supported. - For security reasons SSL-3.0 is no longer supported by default, - but can be configured. - Ephemeral Diffie-Hellman cipher suites are supported, - but not Diffie Hellman Certificates cipher suites. - Elliptic Curve cipher suites are supported if the Crypto - application supports it and named curves are used. - - Export cipher suites are not supported as the - U.S. lifted its export restrictions in early 2000. - IDEA cipher suites are not supported as they have - become deprecated by the latest TLS specification so it is not - motivated to implement them. - CRL validation is supported. - Policy certificate extensions are not supported. - 'Server Name Indication' extension client side - (RFC 6066, Section 3) is supported. - - -
- +
DATA TYPES

The following data types are used in the functions for SSL:

diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 1e3a1101ed..6c82e32a74 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -33,7 +33,33 @@ The ssl application provides secure communication over sockets. - + +

+ The ssl application is an implementation of the SSL/TLS protocol in Erlang. +

+ + Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, + TLS-1.1, and TLS-1.2. + For security reasons SSL-2.0 is not supported. + For security reasons SSL-3.0 is no longer supported by default, + but can be configured. + Ephemeral Diffie-Hellman cipher suites are supported, + but not Diffie Hellman Certificates cipher suites. + Elliptic Curve cipher suites are supported if the Crypto + application supports it and named curves are used. + + Export cipher suites are not supported as the + U.S. lifted its export restrictions in early 2000. + IDEA cipher suites are not supported as they have + become deprecated by the latest TLS specification so it is not + motivated to implement them. + CRL validation is supported. + Policy certificate extensions are not supported. + 'Server Name Indication' extension client side + (RFC 6066, Section 3) is supported. + +
+
DEPENDENCIES
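Review bot: the list moved into ssl_app.xml is carried over with its wording problems intact, and since the lines are being touched anyway this is the place to fix them. "Ephemeral Diffie-Hellman" and "Diffie Hellman Certificates" are hyphenated differently in the same item, "if the Crypto application supports it" should read "supports them" because it refers to the cipher suites, and "so it is not motivated to implement them" would read better as "so there is no reason to implement them".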

The SSL application uses the public_key and -- cgit v1.2.3 From f4a0ae1736216feac5ae053610644bba2e12ed34 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 15 Dec 2015 09:45:27 +0100 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 88 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 4d4a219b4f..61d1c8355a 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,94 @@

This document describes the changes made to the SSL application.

+
SSL 7.2 + +
Fixed Bugs and Malfunctions + + +

+ Honor distribution port range options

+

+ Own Id: OTP-12838

+
+ +

+ Correct supervisor specification in TLS distribution.

+

+ Own Id: OTP-13134

+
+ +

+ Correct cache timeout

+

+ Own Id: OTP-13141

+
+ +

+ Avoid crash and restart of ssl process when key file does + not exist.

+

+ Own Id: OTP-13144

+
+ +

+ Enable passing of raw socket options on the format + {raw,_,_,_} to the underlying socket.

+

+ Own Id: OTP-13166

+
+ +

+ Hibernation with small or a zero timeout will now work as + expected

+

+ Own Id: OTP-13189

+
+
+
+ + +
Improvements and New Features + + +

+ Add upper limit for session cache, configurable on ssl + application level.

+

+ If upper limit is reached, invalidate the current cache + entries, e.i the session lifetime is the max time a + session will be keept, but it may be invalidated earlier + if the max limit for the table is reached. This will keep + the ssl manager process well behaved, not exhusting + memeory. Invalidating the entries will incrementally + empty the cache to make room for fresh sessions entries.

+

+ Own Id: OTP-12392

+
+ +

+ Use new time functions to measure passed time.

+

+ Own Id: OTP-12457

+
+ +

+ Improved error handling in TLS distribution

+

+ Own Id: OTP-13142

+
+ +

+ Distribution over TLS now honors the nodelay distribution + flag

+

+ Own Id: OTP-13143

+
+
+
+ +
+
SSL 7.1
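Review bot: the OTP-12392 entry in the added SSL 7.2 notes has several spelling errors that will ship in the release notes: "e.i" should be "i.e.", "keept" should be "kept", "exhusting memeory" should be "exhausting memory", and "sessions entries" should be "session entries". The sentence would also be easier to follow if it were split after "will be kept". As written, it is not clear whether reaching the limit invalidates all current entries at once or only as many as are needed. "Incrementally empty the cache" suggests the latter, so the entry should say so directly.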
Fixed Bugs and Malfunctions -- cgit v1.2.3 From fac6b24525a1e5f3e50ee9cbdb4daae2ea457f51 Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Fri, 13 Nov 2015 18:26:47 +0000 Subject: Add inet6_tls_dist, for TLS distribution over IPv6 Generalise much of inet_tls_dist, so that inet6_tls_dist can reuse it. --- lib/ssl/doc/src/ssl_distribution.xml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index a347ce5ae6..dc04d446b0 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -271,4 +271,27 @@ Eshell V5.0 (abort with ^G)

The init:get_arguments() call verifies that the correct arguments are supplied to the emulator.

+ +
+ Using SSL distribution over IPv6 +

It is possible to use SSL distribution over IPv6 instead of + IPv4. To do this, pass the option -proto_dist inet6_tls + instead of -proto_dist inet_tls when starting Erlang, + either on the command line or in the ERL_FLAGS environment + variable.

+ +

An example command line with this option would look like this:

+ +$ erl -boot /home/me/ssl/start_ssl -proto_dist inet6_tls + -ssl_dist_opt server_certfile "/home/me/ssl/erlserver.pem" + -ssl_dist_opt server_secure_renegotiate true client_secure_renegotiate true + -sname ssl_test +Erlang (BEAM) emulator version 5.0 [source] + +Eshell V5.0 (abort with ^G) +(ssl_test@myhost)1> + +

A node started in this way will only be able to communicate with + other nodes using SSL distribution over IPv6.

+
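Review bot: the sample session in the new IPv6 section reuses the "Erlang (BEAM) emulator version 5.0" and "Eshell V5.0" banner from the older example, which does not match any release that has inet6_tls. Either trim the output to the command line and the prompt, or leave the banner out. The prose also names ERL_FLAGS as an alternative but only the command-line form is shown, so a one-line ERL_FLAGS variant would make that sentence complete.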
-- cgit v1.2.3 From a567dca5ea418a0aaaed8fb4359032b11f28cccd Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Fri, 29 Jan 2016 18:47:43 +0000 Subject: ssl: with verify_none, accept critical extensions When establishing a TLS connection with {verify, verify_none}, if the server has a certificate with a critical extension, for example a "Netscape Cert Type" extension, certificate verification would fail, which is surprising given that the name of the option suggests that no verification would be performed. With this change, certificate extensions marked as critical are ignored when using verify_none. --- lib/ssl/doc/src/ssl.xml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index bf87644116..ca5d2afc24 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -269,7 +269,11 @@ atom()}} | terminate regarding verification failures and the connection is established.

If called with an extension unknown to the user application, - return value {unknown, UserState} is to be used.

+ return value {unknown, UserState} is to be used.

+ +

Note that if the fun returns unknown for an extension marked + as critical, validation will fail.

+

Default option verify_fun in verify_peer mode:
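Review bot: the added note ("if the fun returns unknown for an extension marked as critical, validation will fail") is placed in the general verify_fun description and does not mention verify_none, even though the commit message says the change is specifically about verify_none. A reader cannot tell from this hunk that the default verify_none fun now returns valid for critical extensions while a user-supplied fun that returns unknown still fails. Suggest stating both cases explicitly here, so that users who pass their own fun with verify_none know they must handle critical extensions themselves.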

@@ -291,6 +295,8 @@ atom()}} | {fun(_,{bad_cert, _}, UserState) -> {valid, UserState}; + (_,{extension, #'Extension'{critical = true}}, UserState) -> + {valid, UserState}; (_,{extension, _}, UserState) -> {unknown, UserState}; (_, valid, UserState) -> -- cgit v1.2.3 From f5f72324dc1750bb849edda895afc6a5986d4ff6 Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Tue, 1 Dec 2015 16:00:54 +0000 Subject: Fix typos in ssl.xml --- lib/ssl/doc/src/ssl.xml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index bf87644116..aaf03d1cd8 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -221,7 +221,7 @@ RFC 5746. By default secure_renegotiate is set to false, that is, secure renegotiation is used if possible, - but it fallback to unsecure renegotiation if the peer + but it falls back to insecure renegotiation if the peer does not support RFC 5746.

@@ -307,7 +307,7 @@ atom()}} | unknown_ca

No trusted CA was found in the trusted store. The trusted CA is normally a so called ROOT CA, which is a self-signed certificate. Trust can - be claimed for an intermediat CA (trusted anchor does not have to be + be claimed for an intermediate CA (trusted anchor does not have to be self-signed according to X-509) by using option partial_chain.

@@ -352,7 +352,7 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid {http, timeout()}

Enables fetching of CRLs specified as http URIs in X509 cerificate extensions. + marker="public_key:public_key_records"> X509 certificate extensions. Requires the OTP inets application.

@@ -611,14 +611,14 @@ fun(srp, Username :: string(), UserState :: term()) -> {sni_hosts, [{hostname(), ssloptions()}]}

If the server receives a SNI (Server Name Indication) from the client - matching a host listed in the sni_hosts option, the speicific options for + matching a host listed in the sni_hosts option, the specific options for that host will override previously specified options. The option sni_fun, and sni_hosts are mutually exclusive.

{sni_fun, SNIfun::fun()}

If the server receives a SNI (Server Name Indication) from the client, - the given function will be called to retrive ssloptions() for indicated server. + the given function will be called to retrieve ssloptions() for the indicated server. These options will be merged into predefined ssloptions(). The function should be defined as: @@ -632,7 +632,7 @@ fun(srp, Username :: string(), UserState :: term()) -> of resources of such an operation is higher for the server than the client. This can act as a vector for denial of service attacks. The SSL application already takes measures to counter-act such attempts, - but client-initiated renegotiation can be stricly disabled by setting + but client-initiated renegotiation can be strictly disabled by setting this option to false. The default value is true. Note that disabling renegotiation can result in long-lived connections becoming unusable due to limits on the number of messages the underlying @@ -748,10 +748,10 @@ fun(srp, Username :: string(), UserState :: term()) -> How = timeout() | {NewController::pid(), timeout()} Reason = term() -

Closes or downgrades an SSL connection, in the later case the transport - connection will be handed over to the NewController process after reciving - the TLS close alert from the peer. The retuned transport socket will have - the following options set [{active, false}, {packet, 0}, {mode, binary}].

+

Closes or downgrades an SSL connection. In the latter case the transport + connection will be handed over to the NewController process after receiving + the TLS close alert from the peer. The returned transport socket will have + the following options set: [{active, false}, {packet, 0}, {mode, binary}]

@@ -818,7 +818,7 @@ fun(srp, Username :: string(), UserState :: term()) -> Reason = term()

Returns the connection information you requested. The connection information you can request contains protocol, cipher_suite, and sni_hostname. - {ok, Info} will be returned if it executes sucessfully. The Info is a proplists containing the information you requested. + {ok, Info} will be returned if it executes successfully. Info is a proplist containing the information you requested. Otherwise, {error, Reason} will be returned.

-- cgit v1.2.3 From 3db7370a556d0dd064f005fd745bdbf50840eda1 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 5 Feb 2016 15:56:47 +0100 Subject: ssl: Remove DES ciphers from default configuration DES is not considered secure. Also correct 'Server Name Indication' support description. --- lib/ssl/doc/src/ssl_app.xml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 6c82e32a74..d05ece3971 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -43,6 +43,8 @@ For security reasons SSL-2.0 is not supported. For security reasons SSL-3.0 is no longer supported by default, but can be configured. + For security reasons DES cipher suites are no longer supported by default, + but can be configured. Ephemeral Diffie-Hellman cipher suites are supported, but not Diffie Hellman Certificates cipher suites. Elliptic Curve cipher suites are supported if the Crypto @@ -55,8 +57,8 @@ motivated to implement them. CRL validation is supported. Policy certificate extensions are not supported. - 'Server Name Indication' extension client side - (RFC 6066, Section 3) is supported. + 'Server Name Indication' extension + (RFC 6066) is supported. -- cgit v1.2.3 From 88021d58ff1c5b92689b100d1288ef7d3185233f Mon Sep 17 00:00:00 2001 
From: Ingela Anderton Andin Date: Mon, 1 Feb 2016 21:15:45 +0100 Subject: ssl: Include options from connect/listen/accept in connection_information/[1,2] Make sure that options only relevant for one role (client|server) are set to undefined when the other role is invoked. As there are many options to ssl, and many are optional, we choose to filter out all undefined options to avoid overwhelming the user with not relevant information. This way there is no need for any special handling of the role specific options which is also nice. --- lib/ssl/doc/src/ssl.xml | 57 ++++++++++++++++++------------------------------- 1 file changed, 21 insertions(+), 36 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index aaf03d1cd8..d3881ad117 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -144,7 +144,9 @@

According to old API.

ciphersuite() = -

{key_exchange(), cipher(), hash()}

+ +

{key_exchange(), cipher(), MAC::hash()} | + {key_exchange(), cipher(), MAC::hash(), PRF::hash()}

key_exchange()=

rsa | dhe_dss | dhe_rsa | dh_anon | psk | dhe_psk @@ -156,7 +158,7 @@ | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm

hash() = -

md5 | sha

+

md5 | sha | sha224 | sha256 | sha348 | sha512

prf_random() =

client_random | server_random
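Review bot: the new hash() type lists "sha348", which is a typo for sha384. As documented, a user copying the atom from the type definition would get an option that matches no hash. Suggest "md5 | sha | sha224 | sha256 | sha384 | sha512".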

@@ -754,20 +756,7 @@ fun(srp, Username :: string(), UserState :: term()) -> the following options set: [{active, false}, {packet, 0}, {mode, binary}]

- - - connection_info(SslSocket) -> - {ok, {ProtocolVersion, CipherSuite}} | {error, Reason} - Returns the Negotiated Protocol version and cipher suite. - - - CipherSuite = ciphersuite() - ProtocolVersion = protocol() - -

Returns the Negotiated Protocol version and cipher suite.

-
-
- + controlling_process(SslSocket, NewOwner) -> ok | {error, Reason} @@ -786,40 +775,36 @@ fun(srp, Username :: string(), UserState :: term()) -> connection_information(SslSocket) -> - {ok, Info} | {error, Reason} + {ok, Result} | {error, Reason} Returns all the connection information. - Info = [InfoTuple] - InfoTuple = {protocol, Protocol} | {cipher_suite, CipherSuite} | {sni_hostname, SNIHostname} - CipherSuite = ciphersuite() - ProtocolVersion = protocol() - SNIHostname = string() + Item = protocol | cipher_suite | sni_hostname | atom() + Meaningful atoms, not specified above, are the ssl option names. + Result = [{Item::atom(), Value::term()}] Reason = term() -

Return all the connection information containing negotiated protocol version, cipher suite, and the hostname of SNI extension. - Info will be a proplists containing all the connection information on success, otherwise {error, Reason} will be returned.

+

Returns all relevant information about the connection, ssl options that + are undefined will be filtered out.

connection_information(SslSocket, Items) -> - {ok, Info} | {error, Reason} + {ok, Result} | {error, Reason} Returns the requested connection information. - Items = [Item] - Item = protocol | cipher_suite | sni_hostname - Info = [InfoTuple] - InfoTuple = {protocol, Protocol} | {cipher_suite, CipherSuite} | {sni_hostname, SNIHostname} - CipherSuite = ciphersuite() - ProtocolVersion = protocol() - SNIHostname = string() + Items = [Item] + Item = protocol | cipher_suite | sni_hostname | atom() + Meaningful atoms, not specified above, are the ssl option names. + Result = [{Item::atom(), Value::term()}] Reason = term() -

Returns the connection information you requested. The connection information you can request contains protocol, cipher_suite, and sni_hostname. - {ok, Info} will be returned if it executes successfully. Info is a proplist containing the information you requested. - Otherwise, {error, Reason} will be returned.

+

Returns the requested information items about the connection, + if they are defined.

+

If only undefined options are requested the + resulting list can be empty.
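Review bot: the new text for connection_information/1 says it returns "all relevant information about the connection" with only undefined ssl options filtered out, but it does not say whether options that carry secrets (for example a key file password passed to connect or listen) are included in Result. Callers tend to log this proplist, so the documentation should state which options are returned or that secret-bearing ones are excluded. Two smaller points: in connection_information/1 the type "Item" is declared but no argument uses it, and "Returns all relevant information about the connection, ssl options that are undefined will be filtered out." is a comma splice that should be two sentences.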

@@ -1146,7 +1131,7 @@ fun(srp, Username :: string(), UserState :: term()) -> listen/2, and ssl_accept/[1,2,3]. For the negotiated TLS/SSL version, see ssl:connection_info/1 + marker="#connection_information-1">ssl:connection_information/1 . available -- cgit v1.2.3 From 0f8afe80c6582f7affd17f36dc9cb48cc7946713 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 14 Mar 2016 10:46:23 +0100 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 118 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 118 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 61d1c8355a..e5070bc247 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,124 @@

This document describes the changes made to the SSL application.

+
SSL 7.3 + +
Fixed Bugs and Malfunctions + + +

+ Make sure there is only one poller validator at a time + for validating the session cache.

+

+ Own Id: OTP-13185

+
+ +

+ A timing related issue could cause ssl to hang, + especially happened with newer versions of OpenSSL in + combination with ECC ciphers.

+

+ Own Id: OTP-13253

+
+ +

+ Work around a race condition in the TLS distribution + start.

+

+ Own Id: OTP-13268

+
+ +

+ Big handshake messages are now correctly fragmented in + the TLS record layer.

+

+ Own Id: OTP-13306

+
+ +

+ Improve portability of ECC tests in Crypto and SSL for + "exotic" OpenSSL versions.

+

+ Own Id: OTP-13311

+
+ +

+ Certificate extensions marked as critical are ignored + when using verify_none

+

+ Own Id: OTP-13377

+
+ +

+ If a certificate doesn't contain a CRL Distribution + Points extension, and the relevant CRL is not in the + cache, and the crl_check option is not set to + best_effort , the revocation check should fail.

+

+ Own Id: OTP-13378

+
+ +

+ Enable TLS distribution over IPv6

+

+ Own Id: OTP-13391

+
+
+
+ + +
Improvements and New Features + + +

+ Improve error reporting for TLS distribution

+

+ Own Id: OTP-13219

+
+ +

+ Include options from connect, listen and accept in + connection_information/1,2

+

+ Own Id: OTP-13232

+
+ +

+ Allow adding extra options for outgoing TLS distribution + connections, as supported for plain TCP connections.

+

+ Own Id: OTP-13285

+
+ +

+ Use loopback as server option in TLS-distribution module

+

+ Own Id: OTP-13300

+
+ +

+ Verify certificate signature against original certificate + binary.

+

+ This avoids bugs due to encoding errors when re-encoding + a decode certificate. As there exists several decode step + and using of different ASN.1 specification this is a risk + worth avoiding.

+

+ Own Id: OTP-13334

+
+ +

+ Use application:ensure_all_started/2 instead of + hard-coding dependencies

+

+ Own Id: OTP-13363

+
+
+
+ +
+
SSL 7.2
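Review bot: in the added SSL 7.3 notes, the OTP-13378 entry says the revocation check "should fail", which reads as a requirement rather than a description of what changed. For a behaviour change that can turn previously accepted certificates into rejected ones, say "the revocation check now fails" and name the previous behaviour. The OTP-13334 entry also needs a language pass: "a decode certificate" should be "a decoded certificate", and "As there exists several decode step and using of different ASN.1 specification" should be rewritten, for example "As there are several decoding steps that use different ASN.1 specifications". In OTP-13253, "especially happened with" should be "this happened especially with".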
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 6664eed554974336909d3ffe03f20349cc4c38fd Mon Sep 17 00:00:00 2001 From: Henrik Nord Date: Tue, 15 Mar 2016 15:19:56 +0100 Subject: update copyright-year --- lib/ssl/doc/src/book.xml | 2 +- lib/ssl/doc/src/notes.xml | 2 +- lib/ssl/doc/src/pkix_certs.xml | 2 +- lib/ssl/doc/src/release_notes.xml | 2 +- lib/ssl/doc/src/ssl.xml | 2 +- lib/ssl/doc/src/ssl_app.xml | 2 +- lib/ssl/doc/src/ssl_distribution.xml | 2 +- lib/ssl/doc/src/usersguide.xml | 2 +- lib/ssl/doc/src/using_ssl.xml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/book.xml b/lib/ssl/doc/src/book.xml index a0890a028d..056c958f0f 100644 --- a/lib/ssl/doc/src/book.xml +++ b/lib/ssl/doc/src/book.xml @@ -4,7 +4,7 @@
- 19992013 + 19992016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index e5070bc247..7c55dd4c96 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -4,7 +4,7 @@
- 19992013 + 19992016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/pkix_certs.xml b/lib/ssl/doc/src/pkix_certs.xml index a5793af5ca..f365acef4d 100644 --- a/lib/ssl/doc/src/pkix_certs.xml +++ b/lib/ssl/doc/src/pkix_certs.xml @@ -4,7 +4,7 @@
- 20032013 + 20032016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/release_notes.xml b/lib/ssl/doc/src/release_notes.xml index 4c9b18f900..2e263c69a7 100644 --- a/lib/ssl/doc/src/release_notes.xml +++ b/lib/ssl/doc/src/release_notes.xml @@ -4,7 +4,7 @@
- 19992013 + 19992016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index a76d46ee9b..f1414783e3 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -4,7 +4,7 @@
- 19992015 + 19992016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index d05ece3971..daa06a40fc 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -4,7 +4,7 @@
- 19992015 + 19992016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index dc04d446b0..7c00b4eae2 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -4,7 +4,7 @@
- 20002013 + 20002016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/usersguide.xml b/lib/ssl/doc/src/usersguide.xml index 7bd0ae5c4c..23ccf668c3 100644 --- a/lib/ssl/doc/src/usersguide.xml +++ b/lib/ssl/doc/src/usersguide.xml @@ -4,7 +4,7 @@
- 20002013 + 20002016 Ericsson AB. All Rights Reserved. diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index b6a4bb5bec..f84cd6e391 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml @@ -4,7 +4,7 @@
- 20032013 + 20032016 Ericsson AB. All Rights Reserved. -- cgit v1.2.3 From 4b3a9cbeaa101603b6eaf6d68976e90780d85fc2 Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Wed, 3 Feb 2016 18:20:39 +0000 Subject: Allow passing verify_fun for TLS distribution Accept a value of the form {Module, Function, State} from the command line. This is different from the {Fun, State} that ssl:connect etc expect, since there's no clean way to parse a fun from a command line argument. --- lib/ssl/doc/src/ssl_distribution.xml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index dc04d446b0..db867ea74b 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -196,6 +196,7 @@ Eshell V5.0 (abort with ^G) password cacertfile verify + verify_fun (write as {Module, Function, InitialUserState}) reuse_sessions secure_renegotiate depth @@ -203,6 +204,10 @@ Eshell V5.0 (abort with ^G) ciphers (use old string format) +

Note that verify_fun needs to be written in a different + form than the corresponding SSL option, since funs are not + accepted on the command line.

+

The server can also take the options dhfile and fail_if_no_peer_cert (also prefixed).
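Review bot: the new verify_fun entry and the note below the list say the value is written as {Module, Function, InitialUserState}, but nothing states what Module:Function must look like. Since this callback decides whether a peer certificate is accepted for distribution, the text should say that the function takes the same three arguments and returns the same values as the fun described for verify_fun in ssl(3), and that the module must be loadable when distribution starts. Without that, a reader can only guess at the arity.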

@@ -210,10 +215,6 @@ Eshell V5.0 (abort with ^G) initiates a connection to another node. server_-prefixed options are used when accepting a connection from a remote node.

-

More complex options, such as verify_fun, are currently not - available, but a mechanism to handle such options may be added in - a future release.

-

Raw socket options, such as packet and size must not be specified on the command line.

-- cgit v1.2.3 From f464ded0ae4a4c203a5d01755be84c3e81042e19 Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Thu, 4 Feb 2016 14:36:09 +0000 Subject: TLS distribution: crl_check and crl_cache options Allow specifying the crl_check and crl_cache options for TLS distribution connections. --- lib/ssl/doc/src/ssl_distribution.xml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index db867ea74b..b2e633a814 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -197,6 +197,8 @@ Eshell V5.0 (abort with ^G) cacertfile verify verify_fun (write as {Module, Function, InitialUserState}) + crl_check + crl_cache (write as Erlang term) reuse_sessions secure_renegotiate depth -- cgit v1.2.3 From 06c57ea534d077a3dbce92d066150692c8c3af3b Mon Sep 17 00:00:00 2001 From: def_null Date: Wed, 23 Mar 2016 10:59:02 +0100 Subject: Fix transportoption, ssloption, ssloptions types names in the documentation --- lib/ssl/doc/src/ssl.xml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index a76d46ee9b..82bede69d0 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -48,7 +48,7 @@

true | false

option() = -

socketoption() | ssloption() | transportoption()

+

socketoption() | ssl_option() | transport_option()

socketoption() = @@ -60,7 +60,7 @@ gen_tcp(3) manual pages in Kernel.

- ssloption() = + ssl_option() =

{verify, verify_type()}

| {verify_fun, {fun(), term()}}

@@ -85,11 +85,11 @@ [binary()]} | {client | server, [binary()], binary()}}

| {log_alert, boolean()}

| {server_name_indication, hostname() | disable}

-

| {sni_hosts, [{hostname(), ssloptions()}]}

+

| {sni_hosts, [{hostname(), [ssl_option()]}]}

| {sni_fun, SNIfun::fun()}

- transportoption() = + transport_option() =

{cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}}
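Review bot: the cb_info line directly under the renamed transport_option() still reads "ErrTag:atom()" with a single colon, while every other field in the tuple uses "::". As this commit is about correcting type notation in this block, please fix it in the same change. Also note that sni_hosts is now typed as [ssl_option()] and ssl_option() itself contains sni_hosts and sni_fun, so the documented type allows nesting. If nested SNI options are not meaningful, a sentence saying so would help.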

@@ -168,7 +168,7 @@ | srp_4096 | srp_6144 | srp_8192

SNIfun::fun() -

= fun(ServerName :: string()) -> ssloptions()

+

= fun(ServerName :: string()) -> [ssl_option()]

@@ -617,7 +617,7 @@ fun(srp, Username :: string(), UserState :: term()) -> selection. If set to false (the default), use the client preference.

- {sni_hosts, [{hostname(), ssloptions()}]} + {sni_hosts, [{hostname(), [ssl_option()]}]}

If the server receives a SNI (Server Name Indication) from the client matching a host listed in the sni_hosts option, the specific options for that host will override previously specified options. @@ -626,11 +626,11 @@ fun(srp, Username :: string(), UserState :: term()) -> {sni_fun, SNIfun::fun()}

If the server receives a SNI (Server Name Indication) from the client, - the given function will be called to retrieve ssloptions() for the indicated server. - These options will be merged into predefined ssloptions(). + the given function will be called to retrieve [ssl_option()] for the indicated server. + These options will be merged into predefined [ssl_option()]. The function should be defined as: - fun(ServerName :: string()) -> ssloptions() + fun(ServerName :: string()) -> [ssl_option()] and can be specified as a fun or as named fun module:function/1 The option sni_fun, and sni_hosts are mutually exclusive.

@@ -710,7 +710,7 @@ fun(srp, Username :: string(), UserState :: term()) -> equivalent, connected socket to an SSL socket. Socket = socket() - SslOptions = [ssloption()] + SslOptions = [ssl_option()] Timeout = integer() | infinity SslSocket = sslsocket() Reason = term() @@ -1023,7 +1023,7 @@ fun(srp, Username :: string(), UserState :: term()) -> Performs server-side SSL/TLS handshake. Socket = socket() | sslsocket() - SslOptions = ssloptions() + SslOptions = [ssl_option()] Timeout = integer() Reason = term() -- cgit v1.2.3 From 8fbd0e8dd05ba1f76f2d02a2e4c16e7973adfd4c Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Tue, 16 Feb 2016 15:09:07 +0000 Subject: Add issuer arg to ssl_crl_cache_api lookup callback Change the ssl_crl_cache_api callback specification, passing the certificate issuer name as an argument to the lookup callback function. Support the previous API too, for the time being. The purpose of this change is to accommodate CRL cache modules that index CRLs by issuer name, not by distribution point URL. While in most cases such lookups could be performed using the select/2 callback function, that doesn't work when the CRL in question contains an Issuing Distribution Point (IDP) extension, since RFC 5280 specifies different processing rules for CRLs specified in a distribution point (DP) and other CRLs. For the latter, a DP is assumed that most likely will not match the IDP of the CRL. In order to accommodate cache modules that index CRLs by issuer name, let's pass them the issuer as well. --- lib/ssl/doc/src/ssl_crl_cache_api.xml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 03ac010bfe..7440b6ef04 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml 
@@ -76,10 +76,13 @@ + lookup(DistributionPoint, Issuer, DbHandle) -> not_available | CRLs lookup(DistributionPoint, DbHandle) -> not_available | CRLs DistributionPoint = dist_point() + Issuer = public_key:issuer_name() DbHandle = cache_ref() CRLs = [public_key:der_encoded()] @@ -87,6 +90,18 @@

Lookup the CRLs belonging to the distribution point Distributionpoint. This function may choose to only look in the cache or to follow distribution point links depending on how the cache is administrated.

+ +

The Issuer argument contains the issuer name of the + certificate to be checked. Normally the returned CRL should + be issued by this issuer, except if the cRLIssuer field + of DistributionPoint has a value, in which case that + value should be used instead.

+ +

In an earlier version of this API, the lookup + function received two arguments, omitting Issuer. For + compatibility, this is still supported: if there is no + lookup/3 function in the callback module, + lookup/2 is called instead.
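Review bot: the new paragraph on Issuer says the returned CRL "should be issued by this issuer" but does not say what happens when a callback returns a CRL from a different issuer. Implementers of a cache module need to know whether the caller validates the CRL issuer itself or relies on the callback to filter, so please state that here. The cRLIssuer exception is described only in prose. Naming the record field path inside dist_point() would make it easier to implement correctly. The unchanged description line above also spells the argument "Distributionpoint" while the signature uses "DistributionPoint".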

-- cgit v1.2.3 From 1a5ef986efb0461b3b87dc836036d661def4c4b5 Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Thu, 4 Feb 2016 18:28:16 +0000 Subject: Improve formatting for crl_{check,cache} options --- lib/ssl/doc/src/ssl.xml | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 82bede69d0..a1fba5fbff 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -331,31 +331,36 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid {crl_check, boolean() | peer | best_effort } - Perform CRL (Certificate Revocation List) verification +

Perform CRL (Certificate Revocation List) verification (public_key:pkix_crls_validate/3) on all the certificates during the path validation (public_key:pkix_path_validation/3) - of the certificate chain. Defaults to false. + of the certificate chain. Defaults to false.

-

peer - check is only performed on - the peer certificate.

+ + peer + check is only performed on the peer certificate. -

best_effort - if certificate revocation status can not be determined - it will be accepted as valid.

+ best_effort + if certificate revocation status can not be determined + it will be accepted as valid. +

The CA certificates specified for the connection will be used to construct the certificate chain validating the CRLs.

-

The CRLs will be fetched from a local or external cache see +

The CRLs will be fetched from a local or external cache. See ssl_crl_cache_api(3).

{crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}} -

Module defaults to ssl_crl_cache with DbHandle internal and an - empty argument list. The following arguments may be specified for the internal cache.

+

Specify how to perform lookup and caching of certificate revocation lists. + Module defaults to ssl_crl_cache + with DbHandle being internal and an + empty argument list. The following arguments may be specified for the internal cache:

{http, timeout()}

-- cgit v1.2.3 From b219dbd698c74cf3c904445d13bb3453be6e1ac8 Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Tue, 8 Dec 2015 18:23:42 +0000 Subject: Add ssl_crl_hash_dir module This module is an implementation of the ssl_crl_cache_api behaviour. It can be used when there is a directory containing CRLs for all relevant CAs, in the form used by e.g. Apache. The module assumes that the directory is being updated through an external process. --- lib/ssl/doc/src/ssl.xml | 60 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 52 insertions(+), 8 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index a1fba5fbff..31f88f3285 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -360,15 +360,59 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid

Specify how to perform lookup and caching of certificate revocation lists. Module defaults to ssl_crl_cache with DbHandle being internal and an - empty argument list. The following arguments may be specified for the internal cache:

+ empty argument list.

+ +

There are two implementations available:

+ - {http, timeout()} -

- Enables fetching of CRLs specified as http URIs in X509 certificate extensions. - Requires the OTP inets application.

-
-
+ ssl_crl_cache + +

This module maintains a cache of CRLs. CRLs can be + added to the cache using the function ssl_crl_cache:insert/1, + and optionally automatically fetched through HTTP if the + following argument is specified:

+ + + {http, timeout()} +

+ Enables fetching of CRLs specified as http URIs inX509 certificate extensions. + Requires the OTP inets application.

+
+
+
+ + ssl_crl_hash_dir + +

This module makes use of a directory where CRLs are + stored in files named by the hash of the issuer name.

+ +

The file names consist of eight hexadecimal digits + followed by .rN, where N is an integer, + e.g. 1a2b3c4d.r0. For the first version of the + CRL, N starts at zero, and for each new version, + N is incremented by one. The OpenSSL utility + c_rehash creates symlinks according to this + pattern.

+ +

For a given hash value, this module finds all + consecutive .r* files starting from zero, and those + files taken together make up the revocation list. CRL + files whose nextUpdate fields are in the past, or + that are issued by a different CA that happens to have the + same name hash, are excluded.

+ +

The following argument is required:

+ + + {dir, string()} +

Specifies the directory in which the CRLs can be found.

+
+ +
+
+
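Review bot: the new ssl_crl_hash_dir text in ssl.xml never says who keeps the directory current, although the commit message states that the module assumes an external process updates it. The same paragraph says CRL files whose nextUpdate is in the past are excluded, so a directory that stops being refreshed ends up with no usable CRL for an issuer. Please state the requirement next to the {dir, string()} argument and say what a lookup yields in that case, since the crl_check text says best_effort accepts a certificate whose revocation status cannot be determined. Also, the re-indented {http, timeout()} description now reads "inX509" where the removed line had "in X509".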
{partial_chain, fun(Chain::[DerCert]) -> {trusted_ca, DerCert} | -- cgit v1.2.3 From 923ea90fb23ff65071b688fbee09c00b47afc272 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 5 Feb 2016 17:39:04 +0100 Subject: ssl: Add option signature_algs In TLS-1.2 The signature algorithm and the hash function algorithm used to produce the digest that is used when creating the digital signature may be negotiated through the signature algorithm extension RFC 5246. We want to make these algorithm pairs configurable. In connections using lower versions of TLS these algorithms are implicit defined and can not be negotiated or configured. DTLS is updated to not cause dialyzer errors, but needs to get a real implementation later. --- lib/ssl/doc/src/ssl.xml | 49 ++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 46 insertions(+), 3 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 82bede69d0..17842c71ad 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -421,7 +421,6 @@ fun(srp, Username :: string(), UserState :: term()) ->

Using {padding_check, boolean()} makes TLS vulnerable to the Poodle attack.

-
@@ -522,9 +521,45 @@ fun(srp, Username :: string(), UserState :: term()) -> be supported by the server for the prevention to work.

- + {signature_algs, [{hash(), ecdsa | rsa | dsa}]} + +

In addition to the algorithms negotiated by the cipher + suite used for key exchange, payload encryption, message + authentication and pseudo random calculation, the TLS signature + algorithm extension Section 7.4.1.4.1 in RFC 5246 may be + used, from TLS 1.2, to negotiate which signature algorithm to use during the + TLS handshake. If no lower TLS versions than 1.2 are supported, + the client will send a TLS signature algorithm extension + with the algorithms specified by this option. + Defaults to + + [ +%% SHA2 +{sha512, ecdsa}, +{sha512, rsa}, +{sha384, ecdsa}, +{sha384, rsa}, +{sha256, ecdsa}, +{sha256, rsa}, +{sha224, ecdsa}, +{sha224, rsa}, +%% SHA +{sha, ecdsa}, +{sha, rsa}, +{sha, dsa}, +%% MD5 +{md5, rsa} +] + + The algorithms should be in the preferred order. + Selected signature algorithm can restrict which hash functions + that may be selected. +

+
+
- +
SSL OPTION DESCRIPTIONS - SERVER SIDE @@ -651,6 +686,14 @@ fun(srp, Username :: string(), UserState :: term()) -> If true, use the server's preference for cipher selection. If false (the default), use the client's preference. + + {signature_algs, [{hash(), ecdsa | rsa | dsa}]} +

The algorithms specified by + this option will be the ones accepted by the server in a signature algorithm + negotiation, introduced in TLS-1.2. The algorithms will also be offered to the client if a + client certificate is requested. For more details see the corresponding client option. +

+
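Review bot: in the client-side signature_algs entry, the closing sentence "Selected signature algorithm can restrict which hash functions that may be selected." does not parse and leaves open which way the restriction runs. Suggest naming the case, as the default list hints for dsa, which appears only with sha. The sentence "If no lower TLS versions than 1.2 are supported, the client will send ..." also leaves unsaid what happens when the client offers TLS 1.2 together with a lower version; the commit message says the pairs are implicit and not configurable below 1.2, and the entry should state whether the option is then ignored.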
-- cgit v1.2.3 From 9a834cff78e3f4e33b561304c83de717019f5a4d Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 5 Apr 2016 07:50:01 +0200 Subject: ssl: Remove default support for use of md5 in TLS 1.2 signature algorithms --- lib/ssl/doc/src/ssl.xml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 17842c71ad..53d534ef19 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -548,13 +548,11 @@ fun(srp, Username :: string(), UserState :: term()) -> {sha, ecdsa}, {sha, rsa}, {sha, dsa}, -%% MD5 -{md5, rsa} ]
The algorithms should be in the preferred order. Selected signature algorithm can restrict which hash functions - that may be selected. + that may be selected. Default support for {md5, rsa} removed in ssl-8.0
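Review bot: removing the two MD5 lines leaves the documented default ending in "{sha, dsa}," directly before "]", which is not a valid Erlang list if a reader copies it; drop the comma after {sha, dsa} in this hunk. The added sentence "Default support for {md5, rsa} removed in ssl-8.0" is also missing its final period.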

-- cgit v1.2.3 From 04397344762d506ac0286118d36e1a5b330dceb2 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 5 Feb 2016 17:39:04 +0100 Subject: ssl: Add option signature_algs In TLS-1.2 The signature algorithm and the hash function algorithm used to produce the digest that is used when creating the digital signature may be negotiated through the signature algorithm extension RFC 5246. We want to make these algorithm pairs configurable. In connections using lower versions of TLS these algorithms are implicit defined and can not be negotiated or configured. DTLS is updated to not cause dialyzer errors, but needs to get a real implementation later. --- lib/ssl/doc/src/ssl.xml | 49 ++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 46 insertions(+), 3 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index a76d46ee9b..e831f73530 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -421,7 +421,6 @@ fun(srp, Username :: string(), UserState :: term()) ->

Using {padding_check, boolean()} makes TLS vulnerable to the Poodle attack.

-
@@ -522,9 +521,45 @@ fun(srp, Username :: string(), UserState :: term()) -> be supported by the server for the prevention to work.

- + {signature_algs, [{hash(), ecdsa | rsa | dsa}]} + +

In addition to the algorithms negotiated by the cipher + suite used for key exchange, payload encryption, message + authentication and pseudo random calculation, the TLS signature + algorithm extension Section 7.4.1.4.1 in RFC 5246 may be + used, from TLS 1.2, to negotiate which signature algorithm to use during the + TLS handshake. If no lower TLS versions than 1.2 are supported, + the client will send a TLS signature algorithm extension + with the algorithms specified by this option. + Defaults to + + [ +%% SHA2 +{sha512, ecdsa}, +{sha512, rsa}, +{sha384, ecdsa}, +{sha384, rsa}, +{sha256, ecdsa}, +{sha256, rsa}, +{sha224, ecdsa}, +{sha224, rsa}, +%% SHA +{sha, ecdsa}, +{sha, rsa}, +{sha, dsa}, +%% MD5 +{md5, rsa} +] + + The algorithms should be in the preferred order. + Selected signature algorithm can restrict which hash functions + that may be selected. +

+
+
- +
SSL OPTION DESCRIPTIONS - SERVER SIDE @@ -651,6 +686,14 @@ fun(srp, Username :: string(), UserState :: term()) -> If true, use the server's preference for cipher selection. If false (the default), use the client's preference. + + {signature_algs, [{hash(), ecdsa | rsa | dsa}]} +

The algorithms specified by + this option will be the ones accepted by the server in a signature algorithm + negotiation, introduced in TLS-1.2. The algorithms will also be offered to the client if a + client certificate is requested. For more details see the corresponding client option. +

+
-- cgit v1.2.3 From ed3f30209985c9bbe097b6bdfff19d696ee56762 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 26 Apr 2016 12:01:15 +0200 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index e5070bc247..4177e0351c 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,36 @@

This document describes the changes made to the SSL application.

+
SSL 7.3.1 + +
Fixed Bugs and Malfunctions + + +

+ Corrections to cipher suite handling using the 3 and 4 + tuple format in addition to commit + 89d7e21cf4ae988c57c8ef047bfe85127875c70c

+

+ Own Id: OTP-13511

+
+
+
+ + +
Improvements and New Features + + +

+ Make values for the TLS-1.2 signature_algorithms + extension configurable

+

+ Own Id: OTP-13261

+
+
+
+ +
+
SSL 7.3
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 42588839497b3944b63ce50947257698d857f4da Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 3 May 2016 10:11:11 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 4177e0351c..1d6da17785 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,23 @@

This document describes the changes made to the SSL application.

+
SSL 7.3.2 + +
Fixed Bugs and Malfunctions + + +

+ Correct cipher suites conversion and gaurd expression. + Caused problems with GCM cipher suites and client side + option to set signature_algorithms extention values.

+

+ Own Id: OTP-13525

+
+
+
+ +
+
SSL 7.3.1
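Review bot: two misspellings in the added SSL 7.3.2 entry: "gaurd expression" should read "guard expression" and "extention values" should read "extension values". The entry would also be easier to act on if it named the option meant by "client side option to set signature_algorithms".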
Fixed Bugs and Malfunctions -- cgit v1.2.3 From bd64ad8e15d66e48b36dbe3584315dd5cfc8b59a Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Wed, 11 May 2016 17:22:23 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 50 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index e9b523d9e1..5db954c3b4 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,56 @@

This document describes the changes made to the SSL application.

+
SSL 8.0 + +
Improvements and New Features + + +

+ Remove default support for DES cipher suites

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-13195

+
+ +

+ Deprecate the function crypto:rand_bytes and make sure + that crypto:strong_rand_bytes is used in all places that + are cryptographically significant.

+

+ Own Id: OTP-13214

+
+ +

+ Better error handling of user error during TLS upgrade. + ERL-69 is solved by gen_statem rewrite of ssl + application.

+

+ Own Id: OTP-13255

+
+ +

+ Remove confusing error message when closing a distributed + erlang node running over TLS

+

+ Own Id: OTP-13431

+
+ +

+ ssl now uses gen_statem instead of gen_fsm to implement + the ssl connection process, this solves some timing + issues in addtion to making the code more intuitive as + the behaviour can be used cleanly instead of having a lot + of workaround for shortcomings of the behaviour.

+

+ Own Id: OTP-13464

+
+
+
+ +
+
SSL 7.3.2
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 663e847459686604ea051f036a0e4caff18cea6f Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 12 May 2016 12:04:14 +0200 Subject: Revert "Prepare release" This reverts commit bd64ad8e15d66e48b36dbe3584315dd5cfc8b59a. --- lib/ssl/doc/src/notes.xml | 50 ----------------------------------------------- 1 file changed, 50 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 5db954c3b4..e9b523d9e1 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,56 +28,6 @@

This document describes the changes made to the SSL application.

-
SSL 8.0 - -
Improvements and New Features - - -

- Remove default support for DES cipher suites

-

- *** POTENTIAL INCOMPATIBILITY ***

-

- Own Id: OTP-13195

-
- -

- Deprecate the function crypto:rand_bytes and make sure - that crypto:strong_rand_bytes is used in all places that - are cryptographically significant.

-

- Own Id: OTP-13214

-
- -

- Better error handling of user error during TLS upgrade. - ERL-69 is solved by gen_statem rewrite of ssl - application.

-

- Own Id: OTP-13255

-
- -

- Remove confusing error message when closing a distributed - erlang node running over TLS

-

- Own Id: OTP-13431

-
- -

- ssl now uses gen_statem instead of gen_fsm to implement - the ssl connection process, this solves some timing - issues in addtion to making the code more intuitive as - the behaviour can be used cleanly instead of having a lot - of workaround for shortcomings of the behaviour.

-

- Own Id: OTP-13464

-
-
-
- -
-
SSL 7.3.2
Fixed Bugs and Malfunctions -- cgit v1.2.3 From df0c5663dd944a3dd06936105d0696a704c20e4e Mon Sep 17 00:00:00 2001 From: Kenneth Lakin Date: Sat, 30 Apr 2016 02:31:51 -0700 Subject: ssl: Add BEAST mitigation selection option Some legacy TLS 1.0 software does not tolerate the 1/n-1 content split BEAST mitigation technique. This commit adds a beast_mitigation SSL option (defaulting to one_n_minus_one) to select or disable the BEAST mitigation technique. Valid option values are (one_n_minus_one | zero_n | disabled). --- lib/ssl/doc/src/ssl.xml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 154664d855..33ece8f769 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -417,10 +417,24 @@ fun(srp, Username :: string(), UserState :: term()) -> If set to false, it disables the block cipher padding check to be able to interoperate with legacy software.

- -

Using {padding_check, boolean()} makes TLS vulnerable to the Poodle attack.

+ + {beast_mitigation, one_n_minus_one | zero_n | disabled} +

Affects SSL-3.0 and TLS-1.0 connections only. Used to change the BEAST + mitigation strategy to interoperate with legacy software. + Defaults to one_n_minus_one

. + +

one_n_minus_one - Perform 1/n-1 BEAST mitigation.

+ +

zero_n - Perform 0/n BEAST mitigation.

+ +

disabled - Disable BEAST mitigation.

+ +

Using {beast_mitigation, disabled} makes SSL or TLS + vulnerable to the BEAST attack.

+ +
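Review bot: the beast_mitigation entry lists zero_n and disabled side by side but gives no guidance on choosing between them, and the warning covers only disabled. Since the option exists for peers that do not tolerate the 1/n-1 split, say whether zero_n still mitigates BEAST and should be tried before disabled. In the same hunk the period after "Defaults to one_n_minus_one" has ended up on a line of its own.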
-- cgit v1.2.3 From a11ab6550423d48d45dfc9ed4eb35cb4bef9e5e3 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 20 May 2016 16:37:42 +0200 Subject: ssl: Add default values and clarifications --- lib/ssl/doc/src/ssl_app.xml | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index daa06a40fc..e50ffdbfe6 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -94,7 +94,10 @@ to ssl:connect/[2,3] and ssl:listen/2.

]]> -

Maximum lifetime of the session data in seconds.

+

Maximum lifetime of the session data in seconds. Defaults to 24 hours which is the maximum + recommended lifetime by RFC 5246. However + sessions may be invalidated earlier due to the maximum limitation of the session cache table. +

]]>

Name of the session cache callback module that implements @@ -107,16 +110,24 @@ in the session cache callback module. Defaults to [].

]]>
- ]]>
-

Limits the growth of the clients/servers session cache, - if the maximum number of sessions is reached, the current cache entries will - be invalidated regardless of their remaining lifetime. Defaults to 1000. -

+

Limits the growth of the clients session cache, that is + how many sessions towards servers that are cached to be used by + new client connections. If the maximum number of sessions is + reached, the current cache entries will be invalidated + regardless of their remaining lifetime. Defaults to + 1000.

+ + ]]> +

Limits the growth of the servers session cache, that is + how many client sessions are cached by the server. If the + maximum number of sessions is reached, the current cache entries + will be invalidated regardless of their remaining + lifetime. Defaults to 1000.

]]>

- Number of milliseconds between PEM cache validations. + Number of milliseconds between PEM cache validations. Defaults to 2 minutes.

ssl:clear_pem_cache/0 @@ -131,7 +142,7 @@ shutdown gracefully. Defaults to 5000 milliseconds.

- +
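Review bot: the new defaults are stated in a different unit from the one each option takes. The session lifetime is documented "in seconds" but its default reads "24 hours", and the PEM cache interval is in milliseconds but its default reads "2 minutes"; give the literal values as well (86400 and 120000) so they can be copied into a configuration, the way the neighbouring "Defaults to 5000 milliseconds" already does. The two new cache-size paragraphs also need the possessive apostrophe in "clients session cache" and "servers session cache".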
-- cgit v1.2.3 From e020f75c10410a6943cd055bfa072a2641eab7da Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 2 Jun 2016 10:55:26 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 109 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 109 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index e9b523d9e1..5fb76c1f62 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,115 @@

This document describes the changes made to the SSL application.

+
SSL 8.0 + +
Fixed Bugs and Malfunctions + + +

+ Timeouts may have the value 0, gauards have been + corrected to allow this

+

+ Own Id: OTP-13635

+
+
+
+ + +
Improvements and New Features + + +

+ Remove default support for DES cipher suites

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-13195

+
+ +

+ Deprecate the function crypto:rand_bytes and make sure + that crypto:strong_rand_bytes is used in all places that + are cryptographically significant.

+

+ Own Id: OTP-13214

+
+ +

+ Better error handling of user error during TLS upgrade. + ERL-69 is solved by gen_statem rewrite of ssl + application.

+

+ Own Id: OTP-13255

+
+ +

+ Provide user friendly error message when crypto rejects a + key

+

+ Own Id: OTP-13256

+
+ +

+ TLS distribution connections now allow specifying the + options verify_fun, crl_check and + crl_cache. See the documentation. GitHub pull req + #956 contributed by Magnus Henoch.

+

+ Own Id: OTP-13429 Aux Id: Pull#956

+
+ +

+ Remove confusing error message when closing a distributed + erlang node running over TLS

+

+ Own Id: OTP-13431

+
+ +

+ ssl now uses gen_statem instead of gen_fsm to implement + the ssl connection process, this solves some timing + issues in addtion to making the code more intuitive as + the behaviour can be used cleanly instead of having a lot + of workaround for shortcomings of the behaviour.

+

+ Own Id: OTP-13464

+
+ +

+ Correct ssl:prf/5 to use the negotiated cipher suites prf + function in ssl:prf/5 instead of the default prf.

+

+ Own Id: OTP-13546

+
+ +

+ Some legacy TLS 1.0 software does not tolerate the 1/n-1 + content split BEAST mitigation technique. Add a + beast_mitigation SSL option (defaulting to + one_n_minus_one) to select or disable the BEAST + mitigation technique.

+

+ Own Id: OTP-13629

+
+ +

+ Enhance error log messages to facilitate for users to + understand the error

+

+ Own Id: OTP-13632

+
+ +

+ Incresed default DH params to 2048-bit

+

+ Own Id: OTP-13636

+
+
+
+ +
+
SSL 7.3.2
Fixed Bugs and Malfunctions -- cgit v1.2.3 From c04cad3ba921deb086d19e2de2526af4854add75 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 2 Jun 2016 11:39:07 +0200 Subject: Revert "Prepare release" This reverts commit e020f75c10410a6943cd055bfa072a2641eab7da. --- lib/ssl/doc/src/notes.xml | 109 ---------------------------------------------- 1 file changed, 109 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 5fb76c1f62..e9b523d9e1 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,115 +28,6 @@

This document describes the changes made to the SSL application.

-
SSL 8.0 - -
Fixed Bugs and Malfunctions - - -

- Timeouts may have the value 0, gauards have been - corrected to allow this

-

- Own Id: OTP-13635

-
-
-
- - -
Improvements and New Features - - -

- Remove default support for DES cipher suites

-

- *** POTENTIAL INCOMPATIBILITY ***

-

- Own Id: OTP-13195

-
- -

- Deprecate the function crypto:rand_bytes and make sure - that crypto:strong_rand_bytes is used in all places that - are cryptographically significant.

-

- Own Id: OTP-13214

-
- -

- Better error handling of user error during TLS upgrade. - ERL-69 is solved by gen_statem rewrite of ssl - application.

-

- Own Id: OTP-13255

-
- -

- Provide user friendly error message when crypto rejects a - key

-

- Own Id: OTP-13256

-
- -

- TLS distribution connections now allow specifying the - options verify_fun, crl_check and - crl_cache. See the documentation. GitHub pull req - #956 contributed by Magnus Henoch.

-

- Own Id: OTP-13429 Aux Id: Pull#956

-
- -

- Remove confusing error message when closing a distributed - erlang node running over TLS

-

- Own Id: OTP-13431

-
- -

- ssl now uses gen_statem instead of gen_fsm to implement - the ssl connection process, this solves some timing - issues in addtion to making the code more intuitive as - the behaviour can be used cleanly instead of having a lot - of workaround for shortcomings of the behaviour.

-

- Own Id: OTP-13464

-
- -

- Correct ssl:prf/5 to use the negotiated cipher suites prf - function in ssl:prf/5 instead of the default prf.

-

- Own Id: OTP-13546

-
- -

- Some legacy TLS 1.0 software does not tolerate the 1/n-1 - content split BEAST mitigation technique. Add a - beast_mitigation SSL option (defaulting to - one_n_minus_one) to select or disable the BEAST - mitigation technique.

-

- Own Id: OTP-13629

-
- -

- Enhance error log messages to facilitate for users to - understand the error

-

- Own Id: OTP-13632

-
- -

- Incresed default DH params to 2048-bit

-

- Own Id: OTP-13636

-
-
-
- -
-
SSL 7.3.2
Fixed Bugs and Malfunctions -- cgit v1.2.3 From 2c3a4e4044c6baf0f71a2144b828a06db2f92132 Mon Sep 17 00:00:00 2001 From: Kenneth Lakin Date: Thu, 2 Jun 2016 18:11:56 -0700 Subject: Move misplaced period in ssl documentation --- lib/ssl/doc/src/ssl.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 33ece8f769..178e22f2fd 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -423,7 +423,7 @@ fun(srp, Username :: string(), UserState :: term()) -> {beast_mitigation, one_n_minus_one | zero_n | disabled}

Affects SSL-3.0 and TLS-1.0 connections only. Used to change the BEAST mitigation strategy to interoperate with legacy software. - Defaults to one_n_minus_one

. + Defaults to one_n_minus_one.

one_n_minus_one - Perform 1/n-1 BEAST mitigation.

-- cgit v1.2.3 From 33afe108de9cf24be47b9ebd740a8f5e19daca79 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 3 May 2016 12:07:51 +0200 Subject: ssl: Add option to phase out support for sslv2 client hello ssl servers can recognize sslv2 client hellos to interop with clients that support higher version of SSL/TLS but also offers sslv2 Conflicts: lib/ssl/src/tls_connection.erl --- lib/ssl/doc/src/ssl.xml | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 33ece8f769..c7aa3d5b09 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -706,6 +706,12 @@ fun(srp, Username :: string(), UserState :: term()) -> client certificate is requested. For more details see the corresponding client option.

+ {v2_hello_compatible, boolean()} + If true, the server accepts clients that send hello messages on SSL-2.0 format but offers + supported SSL/TLS versions. Defaults to false, that is the server will not interoperate with clients that + offers SSL-2.0. + +
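Review bot: the v2_hello_compatible description does not say outright whether SSL-2.0 itself can be negotiated when the option is true. The phrase "send hello messages on SSL-2.0 format but offers supported SSL/TLS versions" suggests that only the hello format is accepted; say so explicitly, because the default-false sentence ("will not interoperate with clients that offers SSL-2.0") reads as if the protocol version were at stake. Also fix the agreement in "clients that offers" and use "in SSL-2.0 format" rather than "on".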
-- cgit v1.2.3 From 84fd2c325c9e38b5ea2307b6133c3d15b33a3241 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Wed, 23 Dec 2015 12:00:08 +0100 Subject: Add ssl:getstat/1 and ssl:getstat/2 These functions call getstat on the underlying TCP socket. The only way to do this before now was to use a hack, either by looking inside the #sslsocket{} record directly, or by not using the SSL listen/accept functions and upgrading from a TCP socket that is kept around for the purpose of calling getstat later on. --- lib/ssl/doc/src/ssl.xml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 62f6263e9e..bed82cdb91 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -900,6 +900,23 @@ fun(srp, Username :: string(), UserState :: term()) -> + + getstat(Socket) -> + {ok, OptionValues} | {error, inet:posix()} + getstat(Socket, OptionNames) -> + {ok, OptionValues} | {error, inet:posix()} + Get one or more statistic options for a socket + + Socket = sslsocket() + OptionNames = [atom()] + OptionValues = [{inet:stat_option(), integer()}] + + +

Gets one or more statistic options for the underlying TCP socket.

+

See inet:getstat/2 for statistic options description.

+
+
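Review bot: the types in the getstat entry are inconsistent: OptionNames is declared as [atom()] while OptionValues is keyed by inet:stat_option(). Declare OptionNames as [inet:stat_option()] so the accepted names are discoverable from the type. Since the text says the statistics come from the underlying TCP socket, one sentence noting that any byte counters therefore describe the encrypted stream rather than application data would prevent misreading them.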
+ listen(Port, Options) -> {ok, ListenSocket} | {error, Reason} -- cgit v1.2.3 From 7f0b544e5d35af3e341b0a081701c85b2d9e02ee Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Mon, 13 Jun 2016 13:21:37 +0200 Subject: Update release notes --- lib/ssl/doc/src/notes.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 1d6da17785..5b0b5ead20 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,51 @@

This document describes the changes made to the SSL application.

+
SSL 7.3.3 + +
Fixed Bugs and Malfunctions + + +

+ Correct ssl:prf/5 to use the negotiated cipher suite's + prf function in ssl:prf/5 instead of the default prf.

+

+ Own Id: OTP-13546

+
+ +

+ Timeouts may have the value 0, guards have been corrected + to allow this

+

+ Own Id: OTP-13635

+
+ +

+ Change of internal handling of hash sign pairs as the + used one enforced to much restrictions making some valid + combinations unavailable.

+

+ Own Id: OTP-13670

+
+
+
+ + +
Improvements and New Features + + +

+ Create a little randomness in sending of session + invalidation messages, to mitigate load when whole table + is invalidated.

+

+ Own Id: OTP-13490

+
+
+
+ +
+
SSL 7.3.2
Fixed Bugs and Malfunctions -- cgit v1.2.3 From bfea08c61b6f46104eef2a573ed5d249c0508299 Mon Sep 17 00:00:00 2001 From: John Date: Tue, 14 Jun 2016 17:25:24 -0500 Subject: added asn1 to applications needed for start_ssl --- lib/ssl/doc/src/ssl_distribution.xml | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index dc04d446b0..14f2eb5db9 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -98,6 +98,7 @@ {stdlib,"1.18"}, {crypto, "2.0.3"}, {public_key, "0.12"}, + {asn1, "4.0"}, {ssl, "5.0"} ]}. -- cgit v1.2.3 From 263414018d721bb3c74be5bd96b30ab0cec54403 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 16 Jun 2016 11:19:01 +0200 Subject: ssl: Fix Xmllint errors --- lib/ssl/doc/src/ssl.xml | 19 +++++++++++-------- lib/ssl/doc/src/ssl_app.xml | 4 +--- 2 files changed, 12 insertions(+), 11 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 4ea000802f..abba5aaf59 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -464,10 +464,12 @@ fun(srp, Username :: string(), UserState :: term()) -> {padding_check, boolean()}

Affects TLS-1.0 connections only. If set to false, it disables the block cipher padding check - to be able to interoperate with legacy software.

- -

Using {padding_check, boolean()} makes TLS + to be able to interoperate with legacy software.

+

Using {padding_check, boolean()} makes TLS vulnerable to the Poodle attack.

+ + + {beast_mitigation, one_n_minus_one | zero_n | disabled}

Affects SSL-3.0 and TLS-1.0 connections only. Used to change the BEAST @@ -478,11 +480,12 @@ fun(srp, Username :: string(), UserState :: term()) ->

zero_n - Perform 0/n BEAST mitigation.

-

disabled - Disable BEAST mitigation.

+

disabled - Disable BEAST mitigation.

-

Using {beast_mitigation, disabled} makes SSL or TLS +

Using {beast_mitigation, disabled} makes SSL or TLS vulnerable to the BEAST attack.

- + +
@@ -595,7 +598,7 @@ fun(srp, Username :: string(), UserState :: term()) -> TLS handshake. If no lower TLS versions than 1.2 are supported, the client will send a TLS signature algorithm extension with the algorithms specified by this option. - Defaults to + Defaults to

[ %% SHA2 @@ -612,7 +615,7 @@ fun(srp, Username :: string(), UserState :: term()) -> {sha, rsa}, {sha, dsa}, ] - +

The algorithms should be in the preferred order. Selected signature algorithm can restrict which hash functions that may be selected. Default support for {md5, rsa} removed in ssl-8.0 diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index e50ffdbfe6..0b3fa9a8a9 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -109,7 +109,7 @@

List of extra user-defined arguments to the init function in the session cache callback module. Defaults to [].

- ]]>
+ ]]>

Limits the growth of the clients session cache, that is how many sessions towards servers that are cached to be used by new client connections. If the maximum number of sessions is @@ -142,8 +142,6 @@ shutdown gracefully. Defaults to 5000 milliseconds.

-
-
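Review bot: the padding_check warning that the first ssl.xml hunk re-wraps still reads "Using {padding_check, boolean()} makes TLS vulnerable to the Poodle attack", which says the option is dangerous with either value. The sentence before it says the check is disabled only when the option is set to false, so the warning should name {padding_check, false}, matching how the BEAST warning names {beast_mitigation, disabled}. The signature_algs default shown as context in the later ssl.xml hunk also still ends in "{sha, dsa}," before "]"; as this commit is a lint clean-up, that trailing comma could be removed at the same time.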
-- cgit v1.2.3 From ab3cffc9c24ec5b54456d2128a07a09bee2e69d6 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 17 Jun 2016 11:12:40 +0200 Subject: ssl: Extend list of supported features Note these where supported before ssl-8.0 --- lib/ssl/doc/src/ssl_app.xml | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 0b3fa9a8a9..a66e947bc1 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -45,6 +45,8 @@ but can be configured. For security reasons DES cipher suites are no longer supported by default, but can be configured. + Renegotiation Indication Extension RFC 5746 is supported + Ephemeral Diffie-Hellman cipher suites are supported, but not Diffie Hellman Certificates cipher suites. Elliptic Curve cipher suites are supported if the Crypto @@ -55,10 +57,16 @@ IDEA cipher suites are not supported as they have become deprecated by the latest TLS specification so it is not motivated to implement them. + Compression is not supported. CRL validation is supported. Policy certificate extensions are not supported. 'Server Name Indication' extension (RFC 6066) is supported. + Application Layer Protocol Negotiation (ALPN) and its successor Next Protocol Negotiation (NPN) + are supported. + It is possible to use Pre-Shared Key (PSK) and Secure Remote Password (SRP) + cipher suites, but they are not enabled by default. + -- cgit v1.2.3 From 6e51c6d19612d03abc81b86bb70b8d7da678ce5d Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 21 Jun 2016 15:12:41 +0200 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 154 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 154 insertions(+) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index c427db24a4..3b6f988a2d 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,160 @@
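Review bot: in the ssl_app.xml feature list added by commit ab3cffc ("ssl: Extend list of supported features"), the line "Application Layer Protocol Negotiation (ALPN) and its successor Next Protocol Negotiation (NPN)" has the relationship backwards: ALPN is the successor of NPN. Reword to "and its predecessor Next Protocol Negotiation (NPN)". The new item "Renegotiation Indication Extension RFC 5746 is supported" would also match the existing Server Name Indication item if the RFC number were in parentheses.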

This document describes the changes made to the SSL application.

+
SSL 8.0 + +
Fixed Bugs and Malfunctions + + +

+ Server now rejects, a not requested client cert, as an + incorrect handshake message and ends the connection.

+

+ Own Id: OTP-13651

+
+
+
+ + +
Improvements and New Features + + +

+ Remove default support for DES cipher suites

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-13195

+
+ +

+ Deprecate the function crypto:rand_bytes and make + sure that crypto:strong_rand_bytes is used in all + places that are cryptographically significant.

+

+ Own Id: OTP-13214

+
+ +

+ Better error handling of user error during TLS upgrade. + ERL-69 is solved by gen_statem rewrite of ssl + application.

+

+ Own Id: OTP-13255

+
+ +

+ Provide user friendly error message when crypto rejects a + key

+

+ Own Id: OTP-13256

+
+ +

+ Add ssl:getstat/1 and ssl:getstat/2

+

+ Own Id: OTP-13415

+
+ +

+ TLS distribution connections now allow specifying the + options verify_fun, crl_check and + crl_cache. See the documentation. GitHub pull req + #956 contributed by Magnus Henoch.

+

+ Own Id: OTP-13429 Aux Id: Pull#956

+
+ +

+ Remove confusing error message when closing a distributed + erlang node running over TLS

+

+ Own Id: OTP-13431

+
+ +

+ Remove default support for use of md5 in TLS 1.2 + signature algorithms

+

+ Own Id: OTP-13463

+
+ +

+ ssl now uses gen_statem instead of gen_fsm to implement + the ssl connection process, this solves some timing + issues in addition to making the code more intuitive as + the behaviour can be used cleanly instead of having a lot + of workaround for shortcomings of the behaviour.

+

+ Own Id: OTP-13464

+
+ +

+ Phase out interoperability with clients that offer SSLv2. + By default they are no longer supported, but an option to + provide interoperability is offered.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-13465

+
+ +

+ OpenSSL has functions to generate short (eight hex + digits) hashes of issuers of certificates and CRLs. These + hashes are used by the "c_rehash" script to populate + directories of CA certificates and CRLs, e.g. in the + Apache web server. Add functionality to let an Erlang + program find the right CRL for a given certificate in + such a directory.

+

+ Own Id: OTP-13530

+
+ +

+ Some legacy TLS 1.0 software does not tolerate the 1/n-1 + content split BEAST mitigation technique. Add a + beast_mitigation SSL option (defaulting to + one_n_minus_one) to select or disable the BEAST + mitigation technique.

+

+ Own Id: OTP-13629

+
+ +

+ Enhance error log messages to facilitate for users to + understand the error

+

+ Own Id: OTP-13632

+
+ +

+ Increased default DH params to 2048-bit

+

+ Own Id: OTP-13636

+
+ +

+ Propagate CRL unknown CA error so that public_key + validation process continues correctly and determines + what should happen.

+

+ Own Id: OTP-13656

+
+ +

+ Introduce a flight concept for handshake packages. This + is a preparation for enabling DTLS, however it can also + have a positive effects for TLS on slow and unreliable + networks.

+

+ Own Id: OTP-13678

+
+
+
+ +
+
SSL 7.3.3
Fixed Bugs and Malfunctions -- cgit v1.2.3
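Review bot: the two entries marked "*** POTENTIAL INCOMPATIBILITY ***" in the SSL 8.0 notes (OTP-13195, OTP-13465) do not name the setting that restores the old behaviour. OTP-13465 says only that "an option to provide interoperability is offered", and OTP-13195 does not mention that DES suites can still be configured, which the ssl_app.xml text states; each entry should name the option. OTP-13463 (md5 removed from the default TLS 1.2 signature algorithms) and OTP-13636 (default DH params raised to 2048-bit) also change defaults that peers may depend on but carry no incompatibility marker, and OTP-13629 gives the beast_mitigation default (one_n_minus_one) without listing the other accepted values. Wording: "Server now rejects, a not requested client cert, as an" reads better without the commas, and OTP-13678 has "a positive effects".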