summaryrefslogtreecommitdiff
path: root/lib/ssl/src/ssl_config.erl
Commit message (Collapse)AuthorAgeFilesLines
* ssl: Refactor and truly separate client and server session cachesIngela Anderton Andin2021-03-151-25/+64
|
* ssl: Make sure TLS distribution connection processes has a common session tableIngela Anderton Andin2021-02-031-19/+70
| | | | | | | | | | | | | Use monitor for the listen socket instead of a monitor for the process that opened the listen socket for all connection processes, this is a better solution as ownership of the socket can be transfered and listen socket could be closed without the process that opened it terminating. Provide backwards compatible solution for TCP upgrade TLS servers We like to later introduce an option for them to to provide a listen socket so that the server instance may be properly identified and handled. For now we keep at most one session table that will be Erlang node global for TCP upgrade TLS servers, such as the Erlang distribution servers.
* ssl: Remove ssl option max_early_data_sizePéter Dimitrov2021-01-251-1/+30
| | | | Turn the ssl option max_early_data_size into an application variable.
* ssl: Extend cert and certfile option to be able to include a cert chainIngela Anderton Andin2020-11-091-12/+12
| | | | | | The first cert must be the peer cert. For optimal performance the chain should be ordered. However the option will be used for testing that also unordered or chains with extraneous cert can be handled.
* Update copyright yearRickard Green2020-03-131-1/+1
|
* ssl: Change internal #ssl_options{} to mapPéter Dimitrov2019-08-281-11/+15
|
* Merge branch 'maint-20' into maintJohn Högberg2018-07-241-3/+3
|\ | | | | | | | | | | | | | | | | * maint-20: Updated OTP version Prepare release ssl: Engine key trumps certfile option inets: Prepare for release inets: Improve error handling
| * Merge branch 'ingela/ssl/engine-vs-certfile/ERLERL-211/OTP-15193' into maint-20Erlang/OTP2018-07-201-3/+3
| |\ | | | | | | | | | | | | * ingela/ssl/engine-vs-certfile/ERLERL-211/OTP-15193: ssl: Engine key trumps certfile option
| | * ssl: Engine key trumps certfile optionIngela Anderton Andin2018-07-171-3/+3
| | |
| * | ssl: Fix ECDSA key decode clauseIngela Anderton Andin2018-07-101-1/+7
| |/
* | Update copyright yearHenrik Nord2018-06-181-1/+1
| |
* | ssl: Fix ECDSA key decode clauseIngela Anderton Andin2018-04-301-1/+7
|/
* ssl: Add private key configuration for crypto engineIngela Anderton Andin2017-11-081-1/+9
|
* Update copyright yearRaimo Niskanen2017-05-041-1/+1
|
* ssl: Simplify configuration codeIngela Anderton Andin2017-02-011-24/+20
| | | | | | Use map instead of large tuple, which was not an option when the code was written originally. More simplifications along these lines may be done later to the state record.
* ssl: Make sure PEM cache works as intendedIngela Anderton Andin2017-02-011-2/+2
| | | | | | Move of PEM cache to own process was flawed and not all PEM files where cached properly. We must properly handle both the ditributed and the normal mode of the ssl application.
* ssl: Move PEM cache to a dedicated processIngela Anderton Andin2017-01-191-2/+6
| | | | The PEM cache handling has proven to be too disruptive of the manager process.
* Change license text to APLv2Bruce Yinhe2015-06-181-9/+10
|
* ssl: Integrate public_key CRL verification with the ssl applicationIngela Anderton Andin2015-03-091-17/+20
|
* ssl: Refactor connetion handlingIngela Anderton Andin2013-12-021-0/+156
View Lorry Controller Status