Age | Commit message (Collapse) | Author |
|
This is only an openssh-client-erlang-server test, because
no public API to select ciphers is available for the erlang
client yet.
|
|
|
|
This cipher and hmac are RECOMMENDED as per RFC4344 and
RFC6668. RFC4344 notes that aes128-ctr is likely to be
promoted to REQUIRED in the near future.
Some distros of Linux and Illumos are already shipping with
aes128-cbc and 3des-cbc disabled by default due to security
concerns around chosen-plaintext attacks and other information
leaks. Without this patch, OTP SSH cannot connect to these
SSH servers in their default configuration.
|
|
* sverk/crypto-leaking-hmac/OTP-11953:
crypto: Fix memory leak in some error cases
crypto: Fix memory leak in hmac stream functions
|
|
* scrapinghub/stream_body_with_no_content_length:
inets: Fix HTTP 1.0 body end on closed connection
|
|
* mikpe/openfile-dont-use-undefined-statbuf:
Fix efile_openfile() to handle stat() failure
|
|
* RoadRunnr/ssl/fix-tests:
SSL: fix OpenSSL known renegotiation bug detection
SSL: in tests, filter ssl client ciphers for version compatibility
|
|
* fenek/fix/vstudio_macro:
Add Visual Studio macros to erl_driver.h and ei.h
|
|
* ia/ssl/default-ciphers/OTP-11966:
ssl: Workaround that gen_fsm does not call CB:format_status when CB:terminate crashes.
SSL: always filter the full list of supported ciphers against the supported algorithms
ssl: Filter default ciphers for supported Crypto algorihms
|
|
crashes.
|
|
* lukas/erts/git_vsn_script_fix/OTP-11961:
erts: Fix git version script
|
|
|
|
algorithms
With the addition of more ciphers that are not supported in all
configurations, using a manually prefiltered cipher list (e.g. EC vs.
non-EC ciphers) becomes to complex. Replace the manual split with
ssl_cipher:filter_suites/1 in all places.
Conflicts:
lib/ssl/src/ssl.erl
lib/ssl/src/tls_v1.erl
|
|
* ia/ssl/prep-release:
ssl: Prepare for release
|
|
* hb/dialyzer/correct_docs:
[dialyzer] Correct docs about options
|
|
|
|
* anders/diameter/17.1/OTP-11943:
Update appup for OTP-11958: dictionary compilation
|
|
* anders/diameter/dictionaries/OTP-11958:
Fix broken check for undefined AVPs in @codec and @custom_types
Add @codecs and @custom_types tests to compiler suite
|
|
Instead of detecting the error, code generation failed when attempting
to lookup the type of an undefined AVP.
|
|
Dictionary compilation fails to detect undefined AVPs in these sections.
|
|
Modules: diameter_dict_util
Not in the app file, no change required.
|
|
* sverk/etp-cp-fix:
erts: Fix bug in gdb function etp-cp-1
|
|
|
|
The OpenSSL detection match would actually consider all 1.0.1 versions
as affected when really only 1.0.1 - 1.0.1c are.
|
|
Some psk and some not yet supported anonymous suites are only supported
with TLS version >= 1.2. This adds them to the tests and makes sure
that they are not tested on TLS versions that do not support them.
|
|
* siri/cdv-timer-reg-proc/OTP-11919:
[cdv] Allow registered name as owner of timer in crashdump
|
|
|
|
|
|
* ia/ssl/improved-options-handling/OTP-11950:
ssl: Correct test SUITE
ssl: Add format_status function to ssl connection process
inets: Correct httpc_SUITE
ssl: Add ssl options to listen options tracker
ssl: Move init
|
|
* anders/diameter/17.1/OTP-11943:
Update appup for OTP-11946, OTP-11936: 5014, Failed-AVP decode
Update appup for OTP-11938: terminate watchdog after DPR reception
Update appup for OTP-11721: log and counter hardening
Update appup for OTP-11937: counters
Update appup for OTP-11901: diameter_sctp function_clause
Update appup for OTP-11934: watchdog process leak
Update appup for OTP-11893: request table leak
Update appup for OTP-11891: result code counters for CEA/DWA/DPA
vsn -> 1.7
Fix broken release note for diameter-1.4.4
|
|
* anders/diameter/hardening/OTP-11721:
Change answer_errors default from report to discard
|
|
Modules: diameter_codec, dictionary modules
diameter_codec must be loaded last.
No change required.
|
|
Modules: diameter_watchdog, diameter_peer_fsm
diameter_watchdog must be loaded first.
|
|
Modules: diameter_codec, diameter_peer_fsm, diameter_watchdog,
diameter_traffic, diameter_service, diameter_lib,
dictionary modules
diameter_lib and diameter_traffic (in that order) must be loaded first.
diameter_codec last must be loaded before diameter_peer_fsm and
diameter_watchdog.
|
|
Conflicts:
OTP_VERSION
lib/ssh/test/ssh_basic_SUITE.erl
lib/ssh/vsn.mk
|
|
crashdump_viewer would crash if the owner of a timer was specified as
the process' regisered name. This has been corrected.
|
|
Modules: diameter_peer_fsm, diameter_watchdog, diameter_codec,
diameter_traffic
diameter_traffic must be loaded first.
|
|
|
|
Modules: diameter_service, diameter_watchdog
No change required.
|
|
|
|
|
|
* hans/ssh/patch-17.0.2:
ssh: Prepare for release
ssh: Use correct timeout value for the connection timeout
ssh: Add max_session parameter to ssh:daemon
|
|
* ia/inets/prep:
inets: Prepare for release
|
|
* ia/inets/maint-17/string-lengths/OTP-11925:
inets: httpd - Behave well on not so long but wrong request lines
inets: httpc - update test suite framwork to adopt to change in httpd
inets: httpd - Reject incorrect large request lines early
|
|
* ia/inets/block-unblock/OTP-11914:
inets: Correct distirbing mode for httpd:reload_config/2
|
|
config_reload tests are not enough to test httpd "block/unblock"
used by config_reload, so renable some test cases in the old_httpd_SUITE
after making them work with the new code. Should be cleaned up and moved
to httpd_SUITE.
|
|
Modules: diameter_service
|
|
Modules: diameter_traffic, diameter_peer_fsm, diameter_watchdog
diameter_traffic must be loaded first.
|
|
|
|
Those were bug fixes, not known issues.
|