8 files changed, 72 insertions, 7 deletions

diff --git a/lib/diameter/doc/src/notes.xml b/lib/diameter/doc/src/notes.xml
index 4bfc98de40..cc92bd99f0 100644
--- a/lib/diameter/doc/src/notes.xml
+++ b/lib/diameter/doc/src/notes.xml
@@ -78,6 +78,24 @@ first.</p>
 
 </section>
 
+<section><title>diameter 2.1.4.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Fix failure of incoming answer message with faulty
+	    Experimental-Result-Code. Failure to decode the AVP
+	    resulted in an uncaught exception, with no no
+	    handle_answer/error callback as a consequence.</p>
+          <p>
+	    Own Id: OTP-15569 Aux Id: ERIERL-302 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>diameter 2.1.4</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/diameter/src/base/diameter_gen.erl b/lib/diameter/src/base/diameter_gen.erl
index d110a3015e..564448de48 100644
--- a/lib/diameter/src/base/diameter_gen.erl
+++ b/lib/diameter/src/base/diameter_gen.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2010-2018. All Rights Reserved.
+%% Copyright Ericsson AB 2010-2019. All Rights Reserved.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
diff --git a/lib/diameter/src/base/diameter_traffic.erl b/lib/diameter/src/base/diameter_traffic.erl
index d2856ae530..2d3e4a2ac9 100644
--- a/lib/diameter/src/base/diameter_traffic.erl
+++ b/lib/diameter/src/base/diameter_traffic.erl
@@ -1925,6 +1925,8 @@ get_avp(Dict, Name, [#diameter_header{} | Avps]) ->
         A = find_avp(Code, Vid, Avps),
         avp_decode(Dict, Name, ungroup(A))
     catch
+        {diameter_gen, _} ->  %% faulty Grouped AVP
+            undefined;
         error: _ ->
             undefined
     end;
diff --git a/lib/diameter/src/diameter.appup.src b/lib/diameter/src/diameter.appup.src
index 51830f5276..4e6b983bac 100644
--- a/lib/diameter/src/diameter.appup.src
+++ b/lib/diameter/src/diameter.appup.src
@@ -2,7 +2,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2010-2018. All Rights Reserved.
+%% Copyright Ericsson AB 2010-2019. All Rights Reserved.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
@@ -59,6 +59,7 @@
   {"2.1.2",   [{restart_application, diameter}]},  %% 20.1.3
   {"2.1.3",   [{restart_application, diameter}]},  %% 20.2
   {"2.1.4",   [{restart_application, diameter}]},  %% 20.3
+  {"2.1.4.1", [{restart_application, diameter}]},  %% 20.3.8.19
   {"2.1.5",   [{update, diameter_peer_fsm}]}       %% 21.0
  ],
  [
@@ -100,6 +101,7 @@
   {"2.1.2",   [{restart_application, diameter}]},
   {"2.1.3",   [{restart_application, diameter}]},
   {"2.1.4",   [{restart_application, diameter}]},
+  {"2.1.4.1", [{restart_application, diameter}]},
   {"2.1.5",   [{update, diameter_peer_fsm}]}
  ]
 }.
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 72606db628..3b65291002 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -4054,6 +4054,9 @@ rizzo_one_n_minus_one(Config) when is_list(Config) ->
                                          {cipher, 
                                           fun(rc4_128) ->
                                                   false;
+                                             %% TODO: remove this clause when chacha is fixed!
+                                             (chacha20_poly1305) ->
+                                                  false;
                                              (_) -> 
                                                   true 
                                           end}]),
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index d51fa9d64f..c6a4a45dce 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -864,7 +864,8 @@ make_rsa_cert(Config) ->
 	    Config
     end.
 appropriate_sha(CryptoSupport) ->
-    case proplists:get_bool(sha256, CryptoSupport) of
+    Hashes = proplists:get_value(hashs, CryptoSupport),
+    case lists:member(sha256, Hashes) of
 	true ->
 	    sha256;
 	false ->
@@ -1111,11 +1112,11 @@ start_client(openssl, Port, ClientOpts, Config) ->
     CA = proplists:get_value(cacertfile, ClientOpts),
     Version = ssl_test_lib:protocol_version(Config),
     Exe = "openssl",
-    Args = ["s_client", "-verify", "2", "-port", integer_to_list(Port),
+    Args0 = ["s_client", "-verify", "2", "-port", integer_to_list(Port),
 	    ssl_test_lib:version_flag(Version),
 	    "-cert", Cert, "-CAfile", CA,
 	    "-key", Key, "-host","localhost", "-msg", "-debug"],
-
+    Args = maybe_force_ipv4(Args0),
     OpenSslPort = ssl_test_lib:portable_open_port(Exe, Args), 
     true = port_command(OpenSslPort, "Hello world"),
     OpenSslPort;
@@ -1129,6 +1130,18 @@ start_client(erlang, Port, ClientOpts, Config) ->
 			       {mfa, {ssl_test_lib, check_key_exchange_send_active, [KeyEx]}},
 			       {options, [{verify, verify_peer} | ClientOpts]}]).
 
+%% Workaround for running tests on machines where openssl
+%% s_client would use an IPv6 address with localhost. As
+%% this test suite and the ssl application is not prepared
+%% for that we have to force s_client to use IPv4 if
+%% OpenSSL supports IPv6.
+maybe_force_ipv4(Args0) ->
+    case is_ipv6_supported() of
+        true ->
+            Args0 ++ ["-4"];
+        false ->
+            Args0
+    end.
 
 start_client_ecc(erlang, Port, ClientOpts, Expect, ECCOpts, Config) ->
     {ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
@@ -1687,6 +1700,17 @@ active_once_disregard(Socket, N) ->
             ssl:setopts(Socket, [{active, once}]),
             active_once_disregard(Socket, N-byte_size(Bytes))
     end.
+
+is_ipv6_supported() ->
+    case os:cmd("openssl version") of
+        "OpenSSL 0.9.8" ++ _ -> % Does not support IPv6
+            false;
+        "OpenSSL 1.0" ++ _ ->   % Does not support IPv6
+            false;
+        _ ->
+            true
+    end.
+
 is_sane_ecc(openssl) ->
     case os:cmd("openssl version") of
 	"OpenSSL 1.0.0a" ++ _ -> % Known bug in openssl
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index 87a1edfd96..df84411b6d 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -1946,6 +1946,11 @@ erlang_ssl_receive(Socket, Data) ->
     ct:log("Connection info: ~p~n",
 		       [ssl:connection_information(Socket)]),
     receive
+        {ssl, Socket, "R\n"} ->
+            %% Swallow s_client renegotiation command.
+            %% openssl s_client connected commands can appear on
+            %% server side with some openssl versions.
+            erlang_ssl_receive(Socket,Data);
 	{ssl, Socket, Data} ->
 	    io:format("Received ~p~n",[Data]),
 	    %% open_ssl server sometimes hangs waiting in blocking read
diff --git a/lib/stdlib/test/binary_module_SUITE.erl b/lib/stdlib/test/binary_module_SUITE.erl
index c5cfea5e9e..e0811f19cf 100644
--- a/lib/stdlib/test/binary_module_SUITE.erl
+++ b/lib/stdlib/test/binary_module_SUITE.erl
@@ -22,7 +22,8 @@
 -export([all/0, suite/0,
 	 interesting/1,scope_return/1,random_ref_comp/1,random_ref_sr_comp/1,
 	 random_ref_fla_comp/1,parts/1, bin_to_list/1, list_to_bin/1,
-	 copy/1, referenced/1,guard/1,encode_decode/1,badargs/1,longest_common_trap/1]).
+	 copy/1, referenced/1,guard/1,encode_decode/1,badargs/1,longest_common_trap/1,
+         check_no_invalid_read_bug/1]).
 
 -export([random_number/1, make_unaligned/1]).
 
@@ -36,7 +37,7 @@ all() ->
     [scope_return,interesting, random_ref_fla_comp, random_ref_sr_comp,
      random_ref_comp, parts, bin_to_list, list_to_bin, copy,
      referenced, guard, encode_decode, badargs,
-     longest_common_trap].
+     longest_common_trap, check_no_invalid_read_bug].
 
 
 -define(MASK_ERROR(EXPR),mask_error((catch (EXPR)))).
@@ -1361,3 +1362,13 @@ make_unaligned2(Bin0) when is_binary(Bin0) ->
     Bin.
 
 id(I) -> I.
+
+check_no_invalid_read_bug(Config) when is_list(Config) ->
+    check_no_invalid_read_bug(24);
+check_no_invalid_read_bug(60) ->
+    ok;
+check_no_invalid_read_bug(I) ->
+    N = 1 bsl I,
+    binary:encode_unsigned(N+N),
+    binary:encode_unsigned(N+N, little),
+    check_no_invalid_read_bug(I+1).