Merge tag 'OTP-18.3'

=== OTP-18.3 === Changed Applications: - asn1-4.0.2 - common_test-1.12 - compiler-6.0.3 - cosNotification-1.2.1 - cosTime-1.2.1 - cosTransactions-1.3.1 - crypto-3.6.3 - debugger-4.1.2 - dialyzer-2.9 - diameter-1.11.2 - edoc-0.7.18 - eldap-1.2.1 - erl_docgen-0.4.2 - erl_interface-3.8.2 - erts-7.3 - eunit-2.2.13 - hipe-3.15 - inets-6.2 - kernel-4.2 - mnesia-4.13.3 - observer-2.1.2 - orber-3.8.1 - public_key-1.1.1 - runtime_tools-1.9.3 - sasl-2.7 - snmp-5.2.2 - ssh-4.2.2 - ssl-7.3 - stdlib-2.8 - test_server-3.10 - tools-2.8.3 - webtool-0.9.1 - wx-1.6.1 - xmerl-1.3.10 Unchanged Applications: - cosEvent-2.2 - cosEventDomain-1.2 - cosFileTransfer-1.2 - cosProperty-1.2 - et-1.5.1 - gs-1.6 - ic-4.4 - jinterface-1.6.1 - megaco-3.18 - odbc-2.11.1 - os_mon-2.4 - ose-1.1 - otp_mibs-1.1 - parsetools-2.1.1 - percept-0.8.11 - reltool-0.7 - syntax_tools-1.7 - typer-0.9.10 Conflicts: OTP_VERSION erts/vsn.mk lib/test_server/doc/src/notes.xml lib/test_server/vsn.mk lib/webtool/doc/src/notes.xml lib/webtool/vsn.mk
author: Lars Thorsen <[email protected]> 2016-03-15 12:46:28 +0100
committer: Lars Thorsen <[email protected]> 2016-03-15 12:46:28 +0100
commit: 12c3609f15dbe367684ecb506b61f07c15205c51 (patch)
tree: 26f2b4f74dfb10b8854801c7259eb5acd92113f5 /lib/ssl
parent: 5eb0a3f256d6f816ebd56ba5d991eecaf580dd88 (diff)
parent: 5e1b5ef47f3f2b898d30e0425823835bd9a574d4 (diff)
download: otp-12c3609f15dbe367684ecb506b61f07c15205c51.tar.gz
otp-12c3609f15dbe367684ecb506b61f07c15205c51.tar.bz2
otp-12c3609f15dbe367684ecb506b61f07c15205c51.zip
2 files changed, 119 insertions, 1 deletions
diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml
index 61d1c8355a..e5070bc247 100644
--- a/lib/ssl/doc/src/notes.xml
+++ b/lib/ssl/doc/src/notes.xml
@@ -28,6 +28,124 @@
   <p>This document describes the changes made to the SSL application.</p>
 
 
+<section><title>SSL 7.3</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Make sure there is only one poller validator at a time
+	    for validating the session cache.</p>
+          <p>
+	    Own Id: OTP-13185</p>
+        </item>
+        <item>
+          <p>
+	    A timing related issue could cause ssl to hang,
+	    especially happened with newer versions of OpenSSL in
+	    combination with ECC ciphers.</p>
+          <p>
+	    Own Id: OTP-13253</p>
+        </item>
+        <item>
+          <p>
+	    Work around a race condition in the TLS distribution
+	    start.</p>
+          <p>
+	    Own Id: OTP-13268</p>
+        </item>
+        <item>
+          <p>
+	    Big handshake messages are now correctly fragmented in
+	    the TLS record layer.</p>
+          <p>
+	    Own Id: OTP-13306</p>
+        </item>
+        <item>
+          <p>
+	    Improve portability of ECC tests in Crypto and SSL for
+	    "exotic" OpenSSL versions.</p>
+          <p>
+	    Own Id: OTP-13311</p>
+        </item>
+        <item>
+          <p>
+	    Certificate extensions marked as critical are ignored
+	    when using verify_none</p>
+          <p>
+	    Own Id: OTP-13377</p>
+        </item>
+        <item>
+          <p>
+	    If a certificate doesn't contain a CRL Distribution
+	    Points extension, and the relevant CRL is not in the
+	    cache, and the <c>crl_check</c> option is not set to
+	    <c>best_effort</c> , the revocation check should fail.</p>
+          <p>
+	    Own Id: OTP-13378</p>
+        </item>
+        <item>
+          <p>
+	    Enable TLS distribution over IPv6</p>
+          <p>
+	    Own Id: OTP-13391</p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Improve error reporting for TLS distribution</p>
+          <p>
+	    Own Id: OTP-13219</p>
+        </item>
+        <item>
+          <p>
+	    Include options from connect, listen and accept in
+	    <c>connection_information/1,2</c></p>
+          <p>
+	    Own Id: OTP-13232</p>
+        </item>
+        <item>
+          <p>
+	    Allow adding extra options for outgoing TLS distribution
+	    connections, as supported for plain TCP connections.</p>
+          <p>
+	    Own Id: OTP-13285</p>
+        </item>
+        <item>
+          <p>
+	    Use loopback as server option in TLS-distribution module</p>
+          <p>
+	    Own Id: OTP-13300</p>
+        </item>
+        <item>
+          <p>
+	    Verify certificate signature against original certificate
+	    binary.</p>
+          <p>
+	    This avoids bugs due to encoding errors when re-encoding
+	    a decode certificate. As there exists several decode step
+	    and using of different ASN.1 specification this is a risk
+	    worth avoiding.</p>
+          <p>
+	    Own Id: OTP-13334</p>
+        </item>
+        <item>
+          <p>
+	    Use <c>application:ensure_all_started/2</c> instead of
+	    hard-coding dependencies</p>
+          <p>
+	    Own Id: OTP-13363</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>SSL 7.2</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk
index 9f79a7fb34..47cb2909fb 100644
--- a/lib/ssl/vsn.mk
+++ b/lib/ssl/vsn.mk
@@ -1 +1 @@
-SSL_VSN = 7.2.1
+SSL_VSN = 7.3
author	Lars Thorsen <[email protected]>	2016-03-15 12:46:28 +0100
committer	Lars Thorsen <[email protected]>	2016-03-15 12:46:28 +0100
commit	12c3609f15dbe367684ecb506b61f07c15205c51 (patch)
tree	26f2b4f74dfb10b8854801c7259eb5acd92113f5 /lib/ssl
parent	5eb0a3f256d6f816ebd56ba5d991eecaf580dd88 (diff)
parent	5e1b5ef47f3f2b898d30e0425823835bd9a574d4 (diff)
download	otp-12c3609f15dbe367684ecb506b61f07c15205c51.tar.gz otp-12c3609f15dbe367684ecb506b61f07c15205c51.tar.bz2 otp-12c3609f15dbe367684ecb506b61f07c15205c51.zip