diff options
author | Henrik Nord <[email protected]> | 2016-03-14 13:20:11 +0100 |
---|---|---|
committer | Henrik Nord <[email protected]> | 2016-03-14 13:20:11 +0100 |
commit | d9318b579b555372cd86b4b11a50af9d46c7bb5d (patch) | |
tree | e476ce2b98208e229ab30a65be2a8fbe597452d3 /lib/ssl | |
parent | e3e55881b15757e15ea1995b0f8dbfd305f9e89d (diff) | |
parent | 5e1b5ef47f3f2b898d30e0425823835bd9a574d4 (diff) | |
download | otp-d9318b579b555372cd86b4b11a50af9d46c7bb5d.tar.gz otp-d9318b579b555372cd86b4b11a50af9d46c7bb5d.tar.bz2 otp-d9318b579b555372cd86b4b11a50af9d46c7bb5d.zip |
Merge tag 'OTP-18.3' into maint-18
=== OTP-18.3 ===
Changed Applications:
- asn1-4.0.2
- common_test-1.12
- compiler-6.0.3
- cosNotification-1.2.1
- cosTime-1.2.1
- cosTransactions-1.3.1
- crypto-3.6.3
- debugger-4.1.2
- dialyzer-2.9
- diameter-1.11.2
- edoc-0.7.18
- eldap-1.2.1
- erl_docgen-0.4.2
- erl_interface-3.8.2
- erts-7.3
- eunit-2.2.13
- hipe-3.15
- inets-6.2
- kernel-4.2
- mnesia-4.13.3
- observer-2.1.2
- orber-3.8.1
- public_key-1.1.1
- runtime_tools-1.9.3
- sasl-2.7
- snmp-5.2.2
- ssh-4.2.2
- ssl-7.3
- stdlib-2.8
- test_server-3.10
- tools-2.8.3
- webtool-0.9.1
- wx-1.6.1
- xmerl-1.3.10
Unchanged Applications:
- cosEvent-2.2
- cosEventDomain-1.2
- cosFileTransfer-1.2
- cosProperty-1.2
- et-1.5.1
- gs-1.6
- ic-4.4
- jinterface-1.6.1
- megaco-3.18
- odbc-2.11.1
- os_mon-2.4
- ose-1.1
- otp_mibs-1.1
- parsetools-2.1.1
- percept-0.8.11
- reltool-0.7
- syntax_tools-1.7
- typer-0.9.10
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/doc/src/notes.xml | 118 | ||||
-rw-r--r-- | lib/ssl/vsn.mk | 2 |
2 files changed, 119 insertions, 1 deletions
diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 61d1c8355a..e5070bc247 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -28,6 +28,124 @@ <p>This document describes the changes made to the SSL application.</p> +<section><title>SSL 7.3</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Make sure there is only one poller validator at a time + for validating the session cache.</p> + <p> + Own Id: OTP-13185</p> + </item> + <item> + <p> + A timing related issue could cause ssl to hang, + especially happened with newer versions of OpenSSL in + combination with ECC ciphers.</p> + <p> + Own Id: OTP-13253</p> + </item> + <item> + <p> + Work around a race condition in the TLS distribution + start.</p> + <p> + Own Id: OTP-13268</p> + </item> + <item> + <p> + Big handshake messages are now correctly fragmented in + the TLS record layer.</p> + <p> + Own Id: OTP-13306</p> + </item> + <item> + <p> + Improve portability of ECC tests in Crypto and SSL for + "exotic" OpenSSL versions.</p> + <p> + Own Id: OTP-13311</p> + </item> + <item> + <p> + Certificate extensions marked as critical are ignored + when using verify_none</p> + <p> + Own Id: OTP-13377</p> + </item> + <item> + <p> + If a certificate doesn't contain a CRL Distribution + Points extension, and the relevant CRL is not in the + cache, and the <c>crl_check</c> option is not set to + <c>best_effort</c> , the revocation check should fail.</p> + <p> + Own Id: OTP-13378</p> + </item> + <item> + <p> + Enable TLS distribution over IPv6</p> + <p> + Own Id: OTP-13391</p> + </item> + </list> + </section> + + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> + Improve error reporting for TLS distribution</p> + <p> + Own Id: OTP-13219</p> + </item> + <item> + <p> + Include options from connect, listen and accept in + <c>connection_information/1,2</c></p> + <p> + Own Id: OTP-13232</p> + </item> + <item> + <p> + Allow adding extra options for outgoing TLS distribution + connections, as supported for plain TCP connections.</p> + <p> + Own Id: OTP-13285</p> + </item> + <item> + <p> + Use loopback as server option in TLS-distribution module</p> + <p> + Own Id: OTP-13300</p> + </item> + <item> + <p> + Verify certificate signature against original certificate + binary.</p> + <p> + This avoids bugs due to encoding errors when re-encoding + a decode certificate. As there exists several decode step + and using of different ASN.1 specification this is a risk + worth avoiding.</p> + <p> + Own Id: OTP-13334</p> + </item> + <item> + <p> + Use <c>application:ensure_all_started/2</c> instead of + hard-coding dependencies</p> + <p> + Own Id: OTP-13363</p> + </item> + </list> + </section> + +</section> + <section><title>SSL 7.2</title> <section><title>Fixed Bugs and Malfunctions</title> diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk index 9f79a7fb34..47cb2909fb 100644 --- a/lib/ssl/vsn.mk +++ b/lib/ssl/vsn.mk @@ -1 +1 @@ -SSL_VSN = 7.2.1 +SSL_VSN = 7.3 |