Diffstat (limited to 'lib')
-rw-r--r--lib/hipe/icode/hipe_icode_primops.erl39
-rw-r--r--lib/kernel/doc/src/heart.xml63
-rw-r--r--lib/kernel/src/gen_tcp.erl3
-rw-r--r--lib/kernel/src/heart.erl182
-rw-r--r--lib/kernel/test/heart_SUITE.erl67
-rw-r--r--lib/ssh/doc/src/ssh_sftp.xml6
-rw-r--r--lib/ssl/doc/src/ssl.xml8
-rw-r--r--lib/ssl/examples/src/client_server.erl7
-rw-r--r--lib/ssl/src/ssl.erl29
-rw-r--r--lib/ssl/src/ssl_handshake.erl9
-rw-r--r--lib/ssl/test/ssl_certificate_verify_SUITE.erl119
-rw-r--r--lib/ssl/test/ssl_crl_SUITE.erl82
-rw-r--r--lib/stdlib/src/maps.erl14
13 files changed, 526 insertions, 102 deletions
diff --git a/lib/hipe/icode/hipe_icode_primops.erl b/lib/hipe/icode/hipe_icode_primops.erl
index 84aae30291..a0deb31c42 100644
--- a/lib/hipe/icode/hipe_icode_primops.erl
+++ b/lib/hipe/icode/hipe_icode_primops.erl
@@ -504,16 +504,16 @@ type(Primop, Args) ->
NewBinType = match_bin(erl_types:t_bitstr(0, Size), BinType),
NewMatchState =
erl_types:t_matchstate_update_present(NewBinType, MatchState),
- if Signed =:= 0 ->
- UpperBound = inf_add(safe_bsl(1, Size), -1),
- erl_types:t_product([erl_types:t_from_range(0, UpperBound),
- NewMatchState]);
- Signed =:= 4 ->
- erl_types:t_product([erl_types:t_from_range(
- inf_inv(safe_bsl(1, Size-1)),
- inf_add(safe_bsl(1, Size-1), -1)),
- NewMatchState])
- end;
+ Range =
+ case Signed of
+ 0 ->
+ UpperBound = inf_add(safe_bsl_1(Size), -1),
+ erl_types:t_from_range(0, UpperBound);
+ 4 ->
+ Bound = safe_bsl_1(Size - 1),
+ erl_types:t_from_range(inf_inv(Bound), inf_add(Bound, -1))
+ end,
+ erl_types:t_product([Range, NewMatchState]);
[_Arg] ->
NewBinType = match_bin(erl_types:t_bitstr(Size, 0), BinType),
NewMatchState =
@@ -969,18 +969,19 @@ check_fun_args(_, _) ->
match_bin(Pattern, Match) ->
erl_types:t_bitstr_match(Pattern, Match).
-safe_bsl(0, _) -> 0;
-safe_bsl(Base, Shift) when Shift =< 128 -> Base bsl Shift;
-safe_bsl(Base, _Shift) when Base > 0 -> pos_inf;
-safe_bsl(Base, _Shift) when Base < 0 -> neg_inf.
+-spec safe_bsl_1(non_neg_integer()) -> non_neg_integer() | 'pos_inf'.
+
+safe_bsl_1(Shift) when Shift =< 128 -> 1 bsl Shift;
+safe_bsl_1(_Shift) -> pos_inf.
+
+%%
+%% The following two functions are stripped-down versions of more
+%% general functions that exist in hipe_icode_range.erl
+%%
inf_inv(pos_inf) -> neg_inf;
-inf_inv(neg_inf) -> pos_inf;
-inf_inv(Number) -> -Number.
+inf_inv(Number) when is_integer(Number) -> -Number.
inf_add(pos_inf, _Number) -> pos_inf;
-inf_add(neg_inf, _Number) -> neg_inf;
-inf_add(_Number, pos_inf) -> pos_inf;
-inf_add(_Number, neg_inf) -> neg_inf;
inf_add(Number1, Number2) when is_integer(Number1), is_integer(Number2) ->
Number1 + Number2.
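Review bot: The new `-spec safe_bsl_1(non_neg_integer())` is narrower than its use in the first hunk of this file, where the signed branch calls `safe_bsl_1(Size - 1)`; if Size can be 0 there, the argument is -1, which the `Shift =< 128` guard accepts. Either widen the spec to `integer()` or add a comment stating that Size is at least 1 in the signed case. With the `neg_inf` clauses and `inf_add(_Number, pos_inf)` removed, the two helpers now fail with function_clause on those inputs; that matches the call sites visible here (the second argument is always -1), and the comment block above `inf_inv` could say so explicitly.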
diff --git a/lib/kernel/doc/src/heart.xml b/lib/kernel/doc/src/heart.xml
index b9fad17ce1..9da4773f2d 100644
--- a/lib/kernel/doc/src/heart.xml
+++ b/lib/kernel/doc/src/heart.xml
@@ -118,6 +118,13 @@
<p>In the following descriptions, all function fails with reason
<c>badarg</c> if <c>heart</c> is not started.</p>
</description>
+
+ <datatypes>
+ <datatype>
+ <name name="heart_option"/>
+ </datatype>
+ </datatypes>
+
<funcs>
<func>
<name name="set_cmd" arity="1"/>
@@ -154,6 +161,62 @@
the empty string will be returned.</p>
</desc>
</func>
+
+ <func>
+ <name name="set_callback" arity="2"/>
+ <fsummary>Set a validation callback</fsummary>
+ <desc>
+ <p> This validation callback will be executed before any heartbeat sent
+ to the port program. For the validation to succeed it needs to return
+ with the value <c>ok</c>.
+ </p>
+ <p> An exception within the callback will be treated as a validation failure. </p>
+ <p> The callback will be removed if the system reboots. </p>
+ </desc>
+ </func>
+ <func>
+ <name name="clear_callback" arity="0"/>
+ <fsummary>Clear the validation callback</fsummary>
+ <desc>
+ <p>Removes the validation callback call before heartbeats.</p>
+ </desc>
+ </func>
+ <func>
+ <name name="get_callback" arity="0"/>
+ <fsummary>Get the validation callback</fsummary>
+ <desc>
+ <p>Get the validation callback. If the callback is cleared, <c>none</c> will be returned.</p>
+ </desc>
+ </func>
+
+ <func>
+ <name name="set_options" arity="1"/>
+ <fsummary>Set a list of options</fsummary>
+ <desc>
+ <p> Valid options <c>set_options</c> are: </p>
+ <taglist>
+ <tag><c>check_schedulers</c></tag>
+ <item>
+ <p>If enabled, a signal will be sent to each scheduler to check its
+ responsiveness. The system check occurs before any heartbeat sent
+ to the port program. If any scheduler is not responsive enough the
+ heart program will not receive its heartbeat and thus eventually terminate the node.
+ </p>
+ </item>
+ </taglist>
+ <p> Returns with the value <c>ok</c> if the options are valid.</p>
+ </desc>
+ </func>
+ <func>
+ <name name="get_options" arity="0"/>
+ <fsummary>Get the temporary reboot command</fsummary>
+ <desc>
+ <p>Returns <c>{ok, Options}</c> where <c>Options</c> is a list of current options enabled for heart.
+ If the callback is cleared, <c>none</c> will be returned.</p>
+ </desc>
+ </func>
+
+
</funcs>
</erlref>
diff --git a/lib/kernel/src/gen_tcp.erl b/lib/kernel/src/gen_tcp.erl
index d7dba4ac80..8cb2a725e8 100644
--- a/lib/kernel/src/gen_tcp.erl
+++ b/lib/kernel/src/gen_tcp.erl
@@ -114,7 +114,8 @@
option().
-type socket() :: port().
--export_type([option/0, option_name/0, connect_option/0, listen_option/0]).
+-export_type([option/0, option_name/0, connect_option/0, listen_option/0,
+ socket/0]).
%%
%% Connect a socket
diff --git a/lib/kernel/src/heart.erl b/lib/kernel/src/heart.erl
index 137fad706f..eea78aabdf 100644
--- a/lib/kernel/src/heart.erl
+++ b/lib/kernel/src/heart.erl
@@ -34,7 +34,11 @@
%%%
%%% It recognizes the flag '-heart'
%%%--------------------------------------------------------------------
--export([start/0, init/2, set_cmd/1, clear_cmd/0, get_cmd/0, cycle/0]).
+-export([start/0, init/2,
+ set_cmd/1, clear_cmd/0, get_cmd/0,
+ set_callback/2, clear_callback/0, get_callback/0,
+ set_options/1, get_options/0,
+ cycle/0]).
-define(START_ACK, 1).
-define(HEART_BEAT, 2).
@@ -49,6 +53,16 @@
-define(CYCLE_TIMEOUT, 10000).
-define(HEART_PORT_NAME, heart_port).
+%% valid heart options
+-define(SCHEDULER_CHECK_OPT, check_schedulers).
+
+-type heart_option() :: ?SCHEDULER_CHECK_OPT.
+
+-record(state,{port :: port(),
+ cmd :: [] | binary(),
+ options :: [heart_option()],
+ callback :: 'undefined' | {atom(), atom()}}).
+
%%---------------------------------------------------------------------
-spec start() -> 'ignore' | {'error', term()} | {'ok', pid()}.
@@ -81,11 +95,11 @@ wait_for_init_ack(From) ->
init(Starter, Parent) ->
process_flag(trap_exit, true),
process_flag(priority, max),
- register(heart, self()),
+ register(?MODULE, self()),
case catch start_portprogram() of
{ok, Port} ->
Starter ! {ok, self()},
- loop(Parent, Port, "");
+ loop(Parent, #state{port=Port, cmd=[], options=[]});
no_heart ->
Starter ! {no_heart, self()};
error ->
@@ -96,33 +110,68 @@ init(Starter, Parent) ->
Cmd :: string().
set_cmd(Cmd) ->
- heart ! {self(), set_cmd, Cmd},
+ ?MODULE ! {self(), set_cmd, Cmd},
wait().
-spec get_cmd() -> {ok, Cmd} when
Cmd :: string().
get_cmd() ->
- heart ! {self(), get_cmd},
+ ?MODULE ! {self(), get_cmd},
wait().
-spec clear_cmd() -> ok.
clear_cmd() ->
- heart ! {self(), clear_cmd},
+ ?MODULE ! {self(), clear_cmd},
+ wait().
+
+-spec set_callback(Module,Function) -> 'ok' | {'error', {'bad_callback', {Module, Function}}} when
+ Module :: atom(),
+ Function :: atom().
+
+set_callback(Module, Function) ->
+ ?MODULE ! {self(), set_callback, {Module,Function}},
+ wait().
+
+-spec get_callback() -> {'ok', {Module, Function}} | 'none' when
+ Module :: atom(),
+ Function :: atom().
+
+get_callback() ->
+ ?MODULE ! {self(), get_callback},
+ wait().
+
+-spec clear_callback() -> ok.
+
+clear_callback() ->
+ ?MODULE ! {self(), clear_callback},
+ wait().
+
+-spec set_options(Options) -> 'ok' | {'error', {'bad_options', Options}} when
+ Options :: [heart_option()].
+
+set_options(Options) ->
+ ?MODULE ! {self(), set_options, Options},
wait().
+-spec get_options() -> {'ok', Options} | 'none' when
+ Options :: [atom()].
+
+get_options() ->
+ ?MODULE ! {self(), get_options},
+ wait().
%%% Should be used solely by the release handler!!!!!!!
-spec cycle() -> 'ok' | {'error', term()}.
cycle() ->
- heart ! {self(), cycle},
+ ?MODULE ! {self(), cycle},
wait().
wait() ->
receive
- {heart, Res} ->
+ {?MODULE, Res} ->
Res
end.
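Review bot: The `get_options/0` spec declares `Options :: [atom()]` while `set_options/1` uses `[heart_option()]`; use `Options :: [heart_option()]` in both so the two agree. None of the new API functions says that the callback and the checks run inside the heart process itself; a line such as `%% The callback runs in the heart process before each heartbeat; a non-ok return or an exception stops the heartbeat` above `set_callback/2` would tell callers what they are opting into. `wait/0` (unchanged context) has no `after` clause, so each of the new calls blocks for as long as the heart process is busy in a callback.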
@@ -182,8 +231,8 @@ wait_ack(Port) ->
{error, Reason}
end.
-loop(Parent, Port, Cmd) ->
- _ = send_heart_beat(Port),
+loop(Parent, #state{port=Port}=S) ->
+ _ = send_heart_beat(S),
receive
{From, set_cmd, NewCmd0} ->
Enc = file:native_name_encoding(),
@@ -191,37 +240,72 @@ loop(Parent, Port, Cmd) ->
NewCmd when is_binary(NewCmd), byte_size(NewCmd) < 2047 ->
_ = send_heart_cmd(Port, NewCmd),
_ = wait_ack(Port),
- From ! {heart, ok},
- loop(Parent, Port, NewCmd);
+ From ! {?MODULE, ok},
+ loop(Parent, S#state{cmd=NewCmd});
_ ->
- From ! {heart, {error, {bad_cmd, NewCmd0}}},
- loop(Parent, Port, Cmd)
+ From ! {?MODULE, {error, {bad_cmd, NewCmd0}}},
+ loop(Parent, S)
end;
{From, clear_cmd} ->
- From ! {heart, ok},
- _ = send_heart_cmd(Port, ""),
+ From ! {?MODULE, ok},
+ _ = send_heart_cmd(Port, []),
_ = wait_ack(Port),
- loop(Parent, Port, "");
+ loop(Parent, S#state{cmd = []});
{From, get_cmd} ->
- From ! {heart, get_heart_cmd(Port)},
- loop(Parent, Port, Cmd);
+ From ! {?MODULE, get_heart_cmd(Port)},
+ loop(Parent, S);
+ {From, set_callback, Callback} ->
+ case Callback of
+ {M,F} when is_atom(M), is_atom(F) ->
+ From ! {?MODULE, ok},
+ loop(Parent, S#state{callback=Callback});
+ _ ->
+ From ! {?MODULE, {error, {bad_callback, Callback}}},
+ loop(Parent, S)
+ end;
+ {From, get_callback} ->
+ Res = case S#state.callback of
+ undefined -> none;
+ Cb -> {ok, Cb}
+ end,
+ From ! {?MODULE, Res},
+ loop(Parent, S);
+ {From, clear_callback} ->
+ From ! {?MODULE, ok},
+ loop(Parent, S#state{callback=undefined});
+ {From, set_options, Options} ->
+ case validate_options(Options) of
+ Validated when is_list(Validated) ->
+ From ! {?MODULE, ok},
+ loop(Parent, S#state{options=Validated});
+ _ ->
+ From ! {?MODULE, {error, {bad_options, Options}}},
+ loop(Parent, S)
+ end;
+ {From, get_options} ->
+ Res = case S#state.options of
+ [] -> none;
+ Cb -> {ok, Cb}
+ end,
+ From ! {?MODULE, Res},
+ loop(Parent, S);
{From, cycle} ->
%% Calls back to loop
- do_cycle_port_program(From, Parent, Port, Cmd);
+ do_cycle_port_program(From, Parent, S);
{'EXIT', Parent, shutdown} ->
no_reboot_shutdown(Port);
{'EXIT', Parent, Reason} ->
exit(Port, Reason),
exit(Reason);
{'EXIT', Port, badsig} -> % we can ignore badsig-messages!
- loop(Parent, Port, Cmd);
+ loop(Parent, S);
{'EXIT', Port, _Reason} ->
- exit({port_terminated, {heart, loop, [Parent, Port, Cmd]}});
+ exit({port_terminated, {?MODULE, loop, [Parent, S]}});
_ ->
- loop(Parent, Port, Cmd)
+ loop(Parent, S)
after
?TIMEOUT ->
- loop(Parent, Port, Cmd)
+ loop(Parent, S)
end.
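Review bot: The `set_callback` branch stores any `{M,F}` pair of atoms without checking that the function can be called, so a misspelled name is only discovered when `send_heart_beat/1` applies it on the next loop iteration, where the failed call raises in the heart process. Consider answering with the existing `bad_callback` error unless `erlang:function_exported(M, F, 0)` holds once the module is loaded. In the `get_options` branch the bound variable is named `Cb` although it holds the option list; `Opts -> {ok, Opts}` reads better. The body of `loop/2` starts in the previous hunk.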
-spec no_reboot_shutdown(port()) -> no_return().
@@ -233,36 +317,44 @@ no_reboot_shutdown(Port) ->
exit(normal)
end.
-do_cycle_port_program(Caller, Parent, Port, Cmd) ->
+validate_options(Opts) -> validate_options(Opts,[]).
+validate_options([],Res) -> Res;
+validate_options([?SCHEDULER_CHECK_OPT=Opt|Opts],Res) -> validate_options(Opts,[Opt|Res]);
+validate_options(_,_) -> error.
+
+do_cycle_port_program(Caller, Parent, #state{port=Port} = S) ->
unregister(?HEART_PORT_NAME),
case catch start_portprogram() of
{ok, NewPort} ->
_ = send_shutdown(Port),
receive
{'EXIT', Port, _Reason} ->
- _ = send_heart_cmd(NewPort, Cmd),
- Caller ! {heart, ok},
- loop(Parent, NewPort, Cmd)
+ _ = send_heart_cmd(NewPort, S#state.cmd),
+ Caller ! {?MODULE, ok},
+ loop(Parent, S#state{port=NewPort})
after
?CYCLE_TIMEOUT ->
%% Huh! Two heart port programs running...
%% well, the old one has to be sick not to respond
%% so we'll settle for the new one...
- _ = send_heart_cmd(NewPort, Cmd),
- Caller ! {heart, {error, stop_error}},
- loop(Parent, NewPort, Cmd)
+ _ = send_heart_cmd(NewPort, S#state.cmd),
+ Caller ! {?MODULE, {error, stop_error}},
+ loop(Parent, S#state{port=NewPort})
end;
no_heart ->
- Caller ! {heart, {error, no_heart}},
- loop(Parent, Port, Cmd);
+ Caller ! {?MODULE, {error, no_heart}},
+ loop(Parent, S);
error ->
- Caller ! {heart, {error, start_error}},
- loop(Parent, Port, Cmd)
+ Caller ! {?MODULE, {error, start_error}},
+ loop(Parent, S)
end.
%% "Beates" the heart once.
-send_heart_beat(Port) -> Port ! {self(), {command, [?HEART_BEAT]}}.
+send_heart_beat(#state{port=Port, callback=Cb, options=Opts}) ->
+ ok = check_system(Opts),
+ ok = check_callback(Cb),
+ Port ! {self(), {command, [?HEART_BEAT]}}.
%% Set a new HEART_COMMAND.
-dialyzer({no_improper_lists, send_heart_cmd/2}).
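Review bot: `send_heart_beat/1` now runs `check_system/1` and `check_callback/1` on every call, and `loop/2` calls it at the top of every iteration, that is after every handled message (including the catch-all `_ ->` branch) and not only after `?TIMEOUT`. With a callback or `check_schedulers` set, the cost of the checks therefore scales with the message rate of the heart process, which `init/2` sets to `priority, max`. Consider running the checks only when a beat is due, for example by keeping the time of the last check in `#state{}` and skipping it when less than `?TIMEOUT` has elapsed. `validate_options/2` also keeps duplicates, so `[check_schedulers, check_schedulers]` runs the scheduler check twice per beat; applying `lists:usort/1` to the validated list avoids that.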
@@ -278,6 +370,24 @@ get_heart_cmd(Port) ->
{ok, Cmd}
end.
+check_system([]) -> ok;
+check_system([?SCHEDULER_CHECK_OPT|Opts]) ->
+ ok = erts_internal:system_check(schedulers),
+ check_system(Opts).
+
+%% validate system by performing a check before the heartbeat
+%% return 'ok' if everything is alright.
+%% Terminate if with reason if something is a miss.
+%% It is fine to timeout in the callback, in fact that is the intention
+%% if something goes wront -> no heartbeat.
+
+check_callback(Callback) ->
+ case Callback of
+ undefined -> ok;
+ {M,F} ->
+ erlang:apply(M,F,[])
+ end.
+
%% Sends shutdown command to the port.
send_shutdown(Port) -> Port ! {self(), {command, [?SHUT_DOWN]}}.
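Review bot: `check_callback/1` applies the callback synchronously in the heart process, so a callback that blocks also keeps `loop/2` from reaching its `receive`; `clear_callback`, `set_cmd` and `{'EXIT', Parent, shutdown}` are then not handled until it returns. The comment says a timeout is intended, but it should state this consequence as well, and two of its lines need correcting: `%% Terminates with a reason if something is amiss.` and `%% if something goes wrong -> no heartbeat.`. `check_system/1` has no clause for an unknown option and relies on `validate_options/2` having filtered the list; a one-line comment saying so would help the next reader.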
diff --git a/lib/kernel/test/heart_SUITE.erl b/lib/kernel/test/heart_SUITE.erl
index 83efbb4c35..39cd29cea0 100644
--- a/lib/kernel/test/heart_SUITE.erl
+++ b/lib/kernel/test/heart_SUITE.erl
@@ -27,6 +27,8 @@
node_start_immediately_after_crash/1,
node_start_soon_after_crash/1,
set_cmd/1, clear_cmd/1, get_cmd/1,
+ callback_api/1,
+ options_api/1,
dont_drop/1, kill_pid/1]).
-export([init_per_testcase/2, end_per_testcase/2]).
@@ -66,6 +68,8 @@ all() -> [
node_start_immediately_after_crash,
node_start_soon_after_crash,
set_cmd, clear_cmd, get_cmd,
+ callback_api,
+ options_api,
kill_pid
].
@@ -358,6 +362,69 @@ get_cmd(Config) when is_list(Config) ->
stop_node(Node),
ok.
+callback_api(Config) when is_list(Config) ->
+ {ok, Node} = start_check(slave, heart_test),
+ none = rpc:call(Node, heart, get_callback, []),
+ M0 = self(),
+ F0 = ok,
+ {error, {bad_callback, {M0,F0}}} = rpc:call(Node, heart, set_callback, [M0,F0]),
+ none = rpc:call(Node, heart, get_callback, []),
+ M1 = lists:duplicate(28, $a),
+ F1 = lists:duplicate(28, $b),
+ {error, {bad_callback, {M1,F1}}} = rpc:call(Node, heart, set_callback, [M1,F1]),
+ none = rpc:call(Node, heart, get_callback, []),
+
+ M2 = heart_check_module,
+ F2 = cb_ok,
+ F3 = cb_error,
+ Code0 = generate(M2, [], [
+ atom_to_list(F2) ++ "() -> ok.",
+ atom_to_list(F3) ++ "() -> exit(\"callback_error (as intended)\")."
+ ]),
+ {module, M2} = rpc:call(Node, erlang, load_module, [M2, Code0]),
+ ok = rpc:call(Node, M2, F2, []),
+ ok = rpc:call(Node, heart, set_callback, [M2,F2]),
+ {ok, {M2,F2}} = rpc:call(Node, heart, get_callback, []),
+ ok = rpc:call(Node, heart, clear_callback, []),
+ none = rpc:call(Node, heart, get_callback, []),
+ ok = rpc:call(Node, heart, set_callback, [M2,F2]),
+ {ok, {M2,F2}} = rpc:call(Node, heart, get_callback, []),
+ ok = rpc:call(Node, heart, set_callback, [M2,F3]),
+ receive {nodedown, Node} -> ok
+ after 5000 -> test_server:fail(node_not_killed)
+ end,
+ stop_node(Node),
+ ok.
+
+options_api(Config) when is_list(Config) ->
+ {ok, Node} = start_check(slave, heart_test),
+ none = rpc:call(Node, heart, get_options, []),
+ M0 = self(),
+ F0 = ok,
+ {error, {bad_options, {M0,F0}}} = rpc:call(Node, heart, set_options, [{M0,F0}]),
+ none = rpc:call(Node, heart, get_options, []),
+ Ls = lists:duplicate(28, $b),
+ {error, {bad_options, Ls}} = rpc:call(Node, heart, set_options, [Ls]),
+ none = rpc:call(Node, heart, get_options, []),
+
+ ok = rpc:call(Node, heart, set_options, [[check_schedulers]]),
+ {ok, [check_schedulers]} = rpc:call(Node, heart, get_options, []),
+ ok = rpc:call(Node, heart, set_options, [[]]),
+ none = rpc:call(Node, heart, get_options, []),
+
+ ok = rpc:call(Node, heart, set_options, [[check_schedulers]]),
+ {ok, [check_schedulers]} = rpc:call(Node, heart, get_options, []),
+ {error, {bad_options, Ls}} = rpc:call(Node, heart, set_options, [Ls]),
+ {ok, [check_schedulers]} = rpc:call(Node, heart, get_options, []),
+
+ receive after 3000 -> ok end, %% wait 3 secs
+
+ ok = rpc:call(Node, heart, set_options, [[]]),
+ none = rpc:call(Node, heart, get_options, []),
+ stop_node(Node),
+ ok.
+
+
dont_drop(suite) ->
%%% Removed as it may crash epmd/distribution in colourful
%%% ways. While we ARE finding out WHY, it would
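Review bot: `callback_api/1` only exercises a callback that exits; a callback returning a value other than `ok` and one naming a function that does not exist are not covered, although `set_callback/2` as written accepts both. `options_api/1` waits three seconds with `check_schedulers` enabled but the only evidence that the node survived is that the next `rpc:call` succeeds; a comment such as `%% node must still be alive after a few checked heartbeats` would make the intent explicit. Both test bodies end inside the hunk; the trailing `dont_drop` lines are context.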
diff --git a/lib/ssh/doc/src/ssh_sftp.xml b/lib/ssh/doc/src/ssh_sftp.xml
index c6ca0f161a..f4b41b74f3 100644
--- a/lib/ssh/doc/src/ssh_sftp.xml
+++ b/lib/ssh/doc/src/ssh_sftp.xml
@@ -333,7 +333,7 @@
<func>
<name>position(ChannelPid, Handle, Location) -></name>
- <name>position(ChannelPid, Handle, Location, Timeout) -> {ok, NewPosition | {error, Error}</name>
+ <name>position(ChannelPid, Handle, Location, Timeout) -> {ok, NewPosition} | {error, Reason}</name>
<fsummary>Sets the file position of a file.</fsummary>
<type>
<v>ChannelPid = pid()</v>
@@ -399,7 +399,7 @@
<func>
<name>pwrite(ChannelPid, Handle, Position, Data) -> ok</name>
- <name>pwrite(ChannelPid, Handle, Position, Data, Timeout) -> ok | {error, Error}</name>
+ <name>pwrite(ChannelPid, Handle, Position, Data, Timeout) -> ok | {error, Reason}</name>
<fsummary>Writes to an open file.</fsummary>
<type>
<v>ChannelPid = pid()</v>
@@ -592,7 +592,7 @@
<func>
<name>write(ChannelPid, Handle, Data) -></name>
- <name>write(ChannelPid, Handle, Data, Timeout) -> ok | {error, Error}</name>
+ <name>write(ChannelPid, Handle, Data, Timeout) -> ok | {error, Reason}</name>
<fsummary>Writes to an open file.</fsummary>
<type>
<v>ChannelPid = pid()</v>
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index d3881ad117..a76d46ee9b 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -271,7 +271,11 @@ atom()}} |
terminate regarding verification failures and the connection is
established.</p></item>
<item><p>If called with an extension unknown to the user application,
- return value <c>{unknown, UserState}</c> is to be used.</p></item>
+ return value <c>{unknown, UserState}</c> is to be used.</p>
+
+ <p>Note that if the fun returns <c>unknown</c> for an extension marked
+ as critical, validation will fail.</p>
+ </item>
</list>
<p>Default option <c>verify_fun</c> in <c>verify_peer mode</c>:</p>
@@ -293,6 +297,8 @@ atom()}} |
<code>
{fun(_,{bad_cert, _}, UserState) ->
{valid, UserState};
+ (_,{extension, #'Extension'{critical = true}}, UserState) ->
+ {valid, UserState};
(_,{extension, _}, UserState) ->
{unknown, UserState};
(_, valid, UserState) ->
diff --git a/lib/ssl/examples/src/client_server.erl b/lib/ssl/examples/src/client_server.erl
index 799027123f..019b5130d2 100644
--- a/lib/ssl/examples/src/client_server.erl
+++ b/lib/ssl/examples/src/client_server.erl
@@ -26,9 +26,7 @@
start() ->
%% Start ssl application
- application:start(crypto),
- application:start(public_key),
- application:start(ssl),
+ {ok, StartedApps} = application:ensure_all_started(ssl),
%% Let the current process be the server that listens and accepts
%% Listen
@@ -52,7 +50,8 @@ start() ->
ssl:close(ASock),
io:fwrite("Listen: closing and terminating.~n"),
ssl:close(LSock),
- application:stop(ssl).
+
+ lists:foreach(fun application:stop/1, lists:reverse(StartedApps)).
%% Client connect
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index c1bc90559e..780bef5877 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -60,22 +60,19 @@
-spec start() -> ok | {error, reason()}.
-spec start(permanent | transient | temporary) -> ok | {error, reason()}.
%%
-%% Description: Utility function that starts the ssl,
-%% crypto and public_key applications. Default type
-%% is temporary. see application(3)
+%% Description: Utility function that starts the ssl and applications
+%% that it depends on.
+%% see application(3)
%%--------------------------------------------------------------------
start() ->
- application:start(crypto),
- application:start(asn1),
- application:start(public_key),
- application:start(ssl).
-
+ start(temporary).
start(Type) ->
- application:start(crypto, Type),
- application:start(asn1),
- application:start(public_key, Type),
- application:start(ssl, Type).
-
+ case application:ensure_all_started(ssl, Type) of
+ {ok, _} ->
+ ok;
+ Other ->
+ Other
+ end.
%%--------------------------------------------------------------------
-spec stop() -> ok.
%%
@@ -1296,6 +1293,12 @@ handle_verify_options(Opts, CaCerts) ->
DefaultVerifyNoneFun =
{fun(_,{bad_cert, _}, UserState) ->
{valid, UserState};
+ (_,{extension, #'Extension'{critical = true}}, UserState) ->
+ %% This extension is marked as critical, so
+ %% certificate verification should fail if we don't
+ %% understand the extension. However, this is
+ %% `verify_none', so let's accept it anyway.
+ {valid, UserState};
(_,{extension, _}, UserState) ->
{unknown, UserState};
(_, valid, UserState) ->
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index e9e140836b..e98073080a 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -2072,12 +2072,9 @@ crl_check(OtpCert, Check, CertDbHandle, CertDbRef, {Callback, CRLDbHandle}, _) -
],
case dps_and_crls(OtpCert, Callback, CRLDbHandle, ext) of
no_dps ->
- case dps_and_crls(OtpCert, Callback, CRLDbHandle, same_issuer) of
- [] ->
- valid; %% No relevant CRL existed
- DpsAndCRls ->
- crl_check_same_issuer(OtpCert, Check, DpsAndCRls, Options)
- end;
+ crl_check_same_issuer(OtpCert, Check,
+ dps_and_crls(OtpCert, Callback, CRLDbHandle, same_issuer),
+ Options);
DpsAndCRLs -> %% This DP list may be empty if relevant CRLs existed
%% but could not be retrived, will result in {bad_cert, revocation_status_undetermined}
case public_key:pkix_crls_validate(OtpCert, DpsAndCRLs, Options) of
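Review bot: With the inner `case` removed, the `no_dps` branch hands a possibly empty list to `crl_check_same_issuer/4`, so whether a missing CRL is accepted now depends entirely on how that function (outside this hunk) treats `[]`. Previously this path returned `valid` regardless of the `crl_check` setting; the new cases in ssl_crl_SUITE expect "bad certificate" for `true` and `peer` and success only for `best_effort`. Add a comment at the call, e.g. `%% The list may be empty (no CRL found); crl_check_same_issuer/4 applies the crl_check mode`, and call the change out in the release notes, since peers that connected with `{crl_check, true}` and no reachable CRL will now be rejected. `crl_check/6` begins and ends outside the hunk.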
diff --git a/lib/ssl/test/ssl_certificate_verify_SUITE.erl b/lib/ssl/test/ssl_certificate_verify_SUITE.erl
index 968ef30791..d10506cb69 100644
--- a/lib/ssl/test/ssl_certificate_verify_SUITE.erl
+++ b/lib/ssl/test/ssl_certificate_verify_SUITE.erl
@@ -66,7 +66,9 @@ tests() ->
invalid_signature_client,
invalid_signature_server,
extended_key_usage_verify_peer,
- extended_key_usage_verify_none].
+ extended_key_usage_verify_none,
+ critical_extension_verify_peer,
+ critical_extension_verify_none].
error_handling_tests()->
[client_with_cert_cipher_suites_handshake,
@@ -795,6 +797,121 @@ extended_key_usage_verify_none(Config) when is_list(Config) ->
ssl_test_lib:close(Client).
%%--------------------------------------------------------------------
+critical_extension_verify_peer() ->
+ [{doc,"Test cert that has a critical unknown extension in verify_peer mode"}].
+
+critical_extension_verify_peer(Config) when is_list(Config) ->
+ ClientOpts = ?config(client_verification_opts, Config),
+ ServerOpts = ?config(server_verification_opts, Config),
+ PrivDir = ?config(priv_dir, Config),
+ Active = ?config(active, Config),
+ ReceiveFunction = ?config(receive_function, Config),
+
+ KeyFile = filename:join(PrivDir, "otpCA/private/key.pem"),
+ NewCertName = integer_to_list(erlang:unique_integer()) ++ ".pem",
+
+ ServerCertFile = proplists:get_value(certfile, ServerOpts),
+ NewServerCertFile = filename:join([PrivDir, "server", NewCertName]),
+ add_critical_netscape_cert_type(ServerCertFile, NewServerCertFile, KeyFile),
+ NewServerOpts = [{certfile, NewServerCertFile} | proplists:delete(certfile, ServerOpts)],
+
+ ClientCertFile = proplists:get_value(certfile, ClientOpts),
+ NewClientCertFile = filename:join([PrivDir, "client", NewCertName]),
+ add_critical_netscape_cert_type(ClientCertFile, NewClientCertFile, KeyFile),
+ NewClientOpts = [{certfile, NewClientCertFile} | proplists:delete(certfile, ClientOpts)],
+
+ {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+
+ Server = ssl_test_lib:start_server_error(
+ [{node, ServerNode}, {port, 0},
+ {from, self()},
+ {mfa, {ssl_test_lib, ReceiveFunction, []}},
+ {options, [{verify, verify_peer}, {active, Active} | NewServerOpts]}]),
+ Port = ssl_test_lib:inet_port(Server),
+ Client = ssl_test_lib:start_client_error(
+ [{node, ClientNode}, {port, Port},
+ {host, Hostname},
+ {from, self()},
+ {mfa, {ssl_test_lib, ReceiveFunction, []}},
+ {options, [{verify, verify_peer}, {active, Active} | NewClientOpts]}]),
+
+ %% This certificate has a critical extension that we don't
+ %% understand. Therefore, verification should fail.
+ tcp_delivery_workaround(Server, {error, {tls_alert, "unsupported certificate"}},
+ Client, {error, {tls_alert, "unsupported certificate"}}),
+
+ ssl_test_lib:close(Server),
+ ok.
+
+%%--------------------------------------------------------------------
+critical_extension_verify_none() ->
+ [{doc,"Test cert that has a critical unknown extension in verify_none mode"}].
+
+critical_extension_verify_none(Config) when is_list(Config) ->
+ ClientOpts = ?config(client_verification_opts, Config),
+ ServerOpts = ?config(server_verification_opts, Config),
+ PrivDir = ?config(priv_dir, Config),
+ Active = ?config(active, Config),
+ ReceiveFunction = ?config(receive_function, Config),
+
+ KeyFile = filename:join(PrivDir, "otpCA/private/key.pem"),
+ NewCertName = integer_to_list(erlang:unique_integer()) ++ ".pem",
+
+ ServerCertFile = proplists:get_value(certfile, ServerOpts),
+ NewServerCertFile = filename:join([PrivDir, "server", NewCertName]),
+ add_critical_netscape_cert_type(ServerCertFile, NewServerCertFile, KeyFile),
+ NewServerOpts = [{certfile, NewServerCertFile} | proplists:delete(certfile, ServerOpts)],
+
+ ClientCertFile = proplists:get_value(certfile, ClientOpts),
+ NewClientCertFile = filename:join([PrivDir, "client", NewCertName]),
+ add_critical_netscape_cert_type(ClientCertFile, NewClientCertFile, KeyFile),
+ NewClientOpts = [{certfile, NewClientCertFile} | proplists:delete(certfile, ClientOpts)],
+
+ {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+
+ Server = ssl_test_lib:start_server(
+ [{node, ServerNode}, {port, 0},
+ {from, self()},
+ {mfa, {ssl_test_lib, ReceiveFunction, []}},
+ {options, [{verify, verify_none}, {active, Active} | NewServerOpts]}]),
+ Port = ssl_test_lib:inet_port(Server),
+ Client = ssl_test_lib:start_client(
+ [{node, ClientNode}, {port, Port},
+ {host, Hostname},
+ {from, self()},
+ {mfa, {ssl_test_lib, ReceiveFunction, []}},
+ {options, [{verify, verify_none}, {active, Active} | NewClientOpts]}]),
+
+ %% This certificate has a critical extension that we don't
+ %% understand. But we're using `verify_none', so verification
+ %% shouldn't fail.
+ ssl_test_lib:check_result(Server, ok, Client, ok),
+
+ ssl_test_lib:close(Server),
+ ssl_test_lib:close(Client),
+ ok.
+
+add_critical_netscape_cert_type(CertFile, NewCertFile, KeyFile) ->
+ [KeyEntry] = ssl_test_lib:pem_to_der(KeyFile),
+ Key = ssl_test_lib:public_key(public_key:pem_entry_decode(KeyEntry)),
+
+ [{'Certificate', DerCert, _}] = ssl_test_lib:pem_to_der(CertFile),
+ OTPCert = public_key:pkix_decode_cert(DerCert, otp),
+ %% This is the "Netscape Cert Type" extension, telling us that the
+ %% certificate can be used for SSL clients and SSL servers.
+ NetscapeCertTypeExt = #'Extension'{
+ extnID = {2,16,840,1,113730,1,1},
+ critical = true,
+ extnValue = <<3,2,6,192>>},
+ OTPTbsCert = OTPCert#'OTPCertificate'.tbsCertificate,
+ Extensions = OTPTbsCert#'OTPTBSCertificate'.extensions,
+ NewOTPTbsCert = OTPTbsCert#'OTPTBSCertificate'{
+ extensions = [NetscapeCertTypeExt] ++ Extensions},
+ NewDerCert = public_key:pkix_sign(NewOTPTbsCert, Key),
+ ssl_test_lib:der_to_pem(NewCertFile, [{'Certificate', NewDerCert, not_encrypted}]),
+ ok.
+
+%%--------------------------------------------------------------------
no_authority_key_identifier() ->
[{doc, "Test cert that does not have authorityKeyIdentifier extension"
" but are present in trusted certs db."}].
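Review bot: `NewCertName = integer_to_list(erlang:unique_integer()) ++ ".pem"` can produce a file name with a leading `-`, because `erlang:unique_integer/0` may return negative values; `erlang:unique_integer([positive])` avoids that. The two test cases repeat the same certificate setup line for line; a helper returning `{NewServerOpts, NewClientOpts}` would leave only the verify mode and the expected result in each test. In `add_critical_netscape_cert_type/3` the extension is prepended with `[NetscapeCertTypeExt] ++ Extensions`, which assumes the certificate already carries an extensions list; that is presumably true for the generated test certificates, but worth a comment.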
diff --git a/lib/ssl/test/ssl_crl_SUITE.erl b/lib/ssl/test/ssl_crl_SUITE.erl
index 44580be1ff..5b86027210 100644
--- a/lib/ssl/test/ssl_crl_SUITE.erl
+++ b/lib/ssl/test/ssl_crl_SUITE.erl
@@ -53,7 +53,7 @@ groups() ->
{idp_crl, [], basic_tests()}].
basic_tests() ->
- [crl_verify_valid, crl_verify_revoked].
+ [crl_verify_valid, crl_verify_revoked, crl_verify_no_crl].
init_per_suite(Config) ->
@@ -186,11 +186,6 @@ crl_verify_revoked(Config) when is_list(Config) ->
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
- Server = ssl_test_lib:start_server_error([{node, ServerNode}, {port, 0},
- {from, self()},
- {options, ServerOpts}]),
- Port = ssl_test_lib:inet_port(Server),
-
ssl_crl_cache:insert({file, filename:join([PrivDir, "erlangCA", "crl.pem"])}),
ssl_crl_cache:insert({file, filename:join([PrivDir, "otpCA", "crl.pem"])}),
@@ -206,16 +201,55 @@ crl_verify_revoked(Config) when is_list(Config) ->
{verify, verify_peer}]
end,
- Client = ssl_test_lib:start_client_error([{node, ClientNode}, {port, Port},
- {host, Hostname},
- {from, self()},
- {options, ClientOpts}]),
- receive
- {Server, AlertOrColse} ->
- ct:pal("Server Alert or Close ~p", [AlertOrColse])
- end,
- ssl_test_lib:check_result(Client, {error, {tls_alert, "certificate revoked"}}).
+ crl_verify_error(Hostname, ServerNode, ServerOpts, ClientNode, ClientOpts,
+ "certificate revoked").
+crl_verify_no_crl() ->
+ [{doc,"Verify a simple CRL chain when the CRL is missing"}].
+crl_verify_no_crl(Config) when is_list(Config) ->
+ PrivDir = ?config(cert_dir, Config),
+ Check = ?config(crl_check, Config),
+ ServerOpts = [{keyfile, filename:join([PrivDir, "server", "key.pem"])},
+ {certfile, filename:join([PrivDir, "server", "cert.pem"])},
+ {cacertfile, filename:join([PrivDir, "server", "cacerts.pem"])}],
+ ClientOpts = case ?config(idp_crl, Config) of
+ true ->
+ [{cacertfile, filename:join([PrivDir, "server", "cacerts.pem"])},
+ {crl_check, Check},
+ {crl_cache, {ssl_crl_cache, {internal, [{http, 5000}]}}},
+ {verify, verify_peer}];
+ false ->
+ [{cacertfile, filename:join([PrivDir, "server", "cacerts.pem"])},
+ {crl_check, Check},
+ {verify, verify_peer}]
+ end,
+ {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+
+ %% In case we're running an HTTP server that serves CRLs, let's
+ %% rename those files, so the CRL is absent when we try to verify
+ %% it.
+ %%
+ %% If we're not using an HTTP server, we just need to refrain from
+ %% adding the CRLs to the cache manually.
+ rename_crl(filename:join([PrivDir, "erlangCA", "crl.pem"])),
+ rename_crl(filename:join([PrivDir, "otpCA", "crl.pem"])),
+
+ %% The expected outcome when the CRL is missing depends on the
+ %% crl_check setting.
+ case Check of
+ true ->
+ %% The error "revocation status undetermined" gets turned
+ %% into "bad certificate".
+ crl_verify_error(Hostname, ServerNode, ServerOpts, ClientNode, ClientOpts,
+ "bad certificate");
+ peer ->
+ crl_verify_error(Hostname, ServerNode, ServerOpts, ClientNode, ClientOpts,
+ "bad certificate");
+ best_effort ->
+ %% In "best effort" mode, we consider the certificate not
+ %% to be revoked if we can't find the appropriate CRL.
+ crl_verify_valid(Hostname, ServerNode, ServerOpts, ClientNode, ClientOpts)
+ end.
crl_verify_valid(Hostname, ServerNode, ServerOpts, ClientNode, ClientOpts) ->
Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
@@ -236,6 +270,22 @@ crl_verify_valid(Hostname, ServerNode, ServerOpts, ClientNode, ClientOpts) ->
ssl_test_lib:close(Server),
ssl_test_lib:close(Client).
+crl_verify_error(Hostname, ServerNode, ServerOpts, ClientNode, ClientOpts, ExpectedAlert) ->
+ Server = ssl_test_lib:start_server_error([{node, ServerNode}, {port, 0},
+ {from, self()},
+ {options, ServerOpts}]),
+ Port = ssl_test_lib:inet_port(Server),
+
+ Client = ssl_test_lib:start_client_error([{node, ClientNode}, {port, Port},
+ {host, Hostname},
+ {from, self()},
+ {options, ClientOpts}]),
+ receive
+ {Server, AlertOrClose} ->
+ ct:pal("Server Alert or Close ~p", [AlertOrClose])
+ end,
+ ssl_test_lib:check_result(Client, {error, {tls_alert, ExpectedAlert}}).
+
%%--------------------------------------------------------------------
%% Internal functions ------------------------------------------------
%%--------------------------------------------------------------------
@@ -259,3 +309,5 @@ make_dir_path(PathComponents) ->
"",
PathComponents).
+rename_crl(Filename) ->
+ file:rename(Filename, Filename ++ ".notfound").
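Review bot: `rename_crl/1` discards the result of `file:rename/2`, so if the rename fails the CRL is still present and `crl_verify_no_crl` exercises something other than what its doc string claims; match the result instead, `ok = file:rename(Filename, Filename ++ ".notfound")`. The files are never renamed back, so any test case that runs later against the same `cert_dir` will also see the CRLs missing unless the directory is regenerated per group, which is not visible here.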
diff --git a/lib/stdlib/src/maps.erl b/lib/stdlib/src/maps.erl
index 3c798b7a04..43d10f4800 100644
--- a/lib/stdlib/src/maps.erl
+++ b/lib/stdlib/src/maps.erl
@@ -205,7 +205,7 @@ size(Val) ->
K :: term().
without(Ks,M) when is_list(Ks), is_map(M) ->
- maps:from_list([{K,V}||{K,V} <- maps:to_list(M), not lists:member(K, Ks)]);
+ lists:foldl(fun(K, M1) -> ?MODULE:remove(K, M1) end, M, Ks);
without(Ks,M) ->
erlang:error(error_type(M),[Ks,M]).
@@ -216,8 +216,16 @@ without(Ks,M) ->
Map2 :: map(),
K :: term().
-with(Ks,M) when is_list(Ks), is_map(M) ->
- maps:from_list([{K,V}||{K,V} <- maps:to_list(M), lists:member(K, Ks)]);
+with(Ks,Map1) when is_list(Ks), is_map(Map1) ->
+ Fun = fun(K, List) ->
+ case ?MODULE:find(K, Map1) of
+ {ok, V} ->
+ [{K, V} | List];
+ error ->
+ List
+ end
+ end,
+ ?MODULE:from_list(lists:foldl(Fun, [], Ks));
with(Ks,M) ->
erlang:error(error_type(M),[Ks,M]).