| Age | Commit message (Collapse) | Author |
|---|
|
HonorCipherOrder as implemented in Apache, nginx, lighttpd, etc. This
instructs the server to prefer its own cipher ordering rather than the
client's and can help protect against things like BEAST while
maintaining compatability with clients which only support older ciphers.
This code is mostly written by Andrew Thompson, only the test case was
added by Andreas Schultz.
|
|
|
|
* ia/ssl/ECC-curve-selection/OTP-11575:
ssl: Prepare for release
ssl: fix elliptic curve selection in server mode
|
|
'ia/ssl/server-name-indication-missing-option-validation/OTP-11567' into maint
* ia/ssl/server-name-indication-missing-option-validation/OTP-11567:
ssl: Prepare for release
ssl: Add missing options validation of server_name_indication
|
|
* hawk/reltool_undefined_regexp:
Add missing default value for regexps in reltool It caused a function clause in lists:sort/1:
OTP-11591
OTP-11592
|
|
* hawk/reltool_test_server:
Adapted reltool test server to common test usage of tc_status
|
|
* djc/tinfo-ncurses:
Add support for the separate tinfo library from ncurses
OTP-11590
|
|
* josevalim/jv-console-i:
Handle binary input in console helpers
OTP-11589
|
|
* sverk/term2bin-simplify:
erts: Refactor ESTACK & WSTACK to use a struct easy to "export"
erts: Fix benign ESTACK/WSTACK typo
erts: Fix compiler warnings for NO_JUMP_TABLE
erts: Run binary_SUITE:trapping even for 32bit
erts: Extend binary_SUITE:ttb_trap to also cover binary_to_term
erts: Remove the extra_root feature from the process structure
erts: Simplify term_to_binary by removing saved ESTACK from root set
|
|
* rickard/consume_timeslice-testcase-fix:
Fix testcase driver_SUITE:consume_timeslice
|
|
|
|
* sverk/jinterface/unicode-test-bug:
jinterface: Fix unicode bug in test code
|
|
OTP-11585
* sverk/bin2term-int-size-estimation-bug:
erts: Fix useless comparisons in binary_SUITE:external_size
erts: Reduce heap usage for binary_SUITE:deep
erts: Remove overestimation of heap space in binary_to_term
|
|
|
|
* bjorn/compiler/optimizations/OTP-11584:
Generalize optimizations of case statements
Ignore warnings when running sys_core_fold after inlining
|
|
* bjorn/fix-line-number-in-bs-exception/OTP-11572:
compiler: Correct line number in exception from binary construction
|
|
* bjorn/compiler/fix-lift-after/OTP-11580:
compiler: Silence false warning for unmatched return in 'after' clause
|
|
* egil/etp-commands/OTP-11582:
erts: Update etp-commands with heap-dump
|
|
* egil/fix-bs_get_integer/OTP-11581:
erts: Fix bs_get_integer instruction
|
|
Because 26940a8c0c lifted code in the 'after' clause of 'try' to
a new function, Dialyzer could produce false warnings for code such
as:
try
...
after
file:close(F)
end.
Mark the the call to the generated function as 'compiler_generated'
to silence the warning.
|
|
* fenollp/escript-doc-chmod:
Add a chmod call in the CLI example
OTP-11577
|
|
* RoadRunnr/ecdh_crypto:
crypto: selective support for GF2m curves
ssl: add brainpool elliptic curves to TLS (RFC-7027)
public_key: add brainpool elliptic curves (RFC-5639)
crypto: document ec_curves/0 and ec_curve/1
crypto: add brainpool (RFC 5639) curves
crypto: move elitic curve definitions from OpenSSL built-ins to Erlang
crypto: add ECDH test vectors for more curves
OTP-11578
|
|
This is not a clean refactor. It changes the behaviour slightly
of E/WSTACK_RESTORE. The allocated stack from E/WSTACK_SAVE is used
as-is and not copied into default_stack. This will hopefully fix an
illusive memory leak that valgrind is reporting.
|
|
* rickard/ts_install_mXX_build:
Teach ts_install --enable-mXX-build flag
|
|
Pick up --enable-m32-build and --enable-m64-build configure
flags from the CONFIG_FLAGS environment variable and pass
along to the ts configure script.
|
|
|
|
|
|
Case expressions such as:
case {Expr1,Expr} of
{V1,V2} -> ...
end
are already optimized to not actually build the tuple. Generalize
the optimization to avoid building any kind of composite term,
such as:
case {ok,[A,B]} of
{ok,[X,Y]} -> ...
end
We don't expect programmers to write such code directly, but
inlining can produce such code.
We need to be careful about the warnings we produce. If the case
expression is a literal, it is expected that no warnings should be
produced for clauses that don't match. We must make sure that we
continue to suppress those warnings.
|
|
Reported-by: Stanislav Seletskiy
|
|
|
|
|
|
|
|
The server code erroneously took the list of curves supported by the
client from it's own hello extension, effectively breaking curve
selection all together.
Also the default fallback secp256k1 curve is not supported by
all clients. secp256r1 is recommended as part of the NIST Suite B
cryptographic suites. The chances are much better that all clients
support it, so use that as fallback.
|
|
|
|
* nox/odbcserver-tolower:
Include ctype.h in odbcserver.c for tolower()
OTP-11569
|
|
|
|
* puzza007/remove-query-reserved-word-from-emacs-mode:
remove support for query keyword from emacs mode
OTP-11568
|
|
|
|
* ad/ssh_expand_test:
fix calculation of variable thanks to Alexander Demidenko
OTP-11566
|
|
* weisslj/fix-epmd-names-win32:
epmd: Fix -names option on Windows
OTP-11565
|
|
Since 3aa60cc `epmd -names` does not produce any output on Windows
anymore. This patch uses fwrite() instead of write() which adds the
necessary carriage returns to the output so that it is suitable for the
Windows cmd.exe.
A test case is added (fails on Windows without the patch).
|
|
* weisslj/fix-hipe-no-remove-comments:
hipe: Fix compilation with 'no_remove_comments'
OTP-11564
|
|
* rickard/otp-17-vsn-fix:
Fix issues with new versioning
|
|
Newer OpenSSL versions allow to selectively disable GF2m elliptic curves.
Selectively enable GF2m curves is support for them is available.
|
|
|
|
|
|
|
|
RFC-5649, Section 1, documents the advantages that these curves
might have over others (ANSI, SEC1/2)
|
|
Decouple eliptic curve definition from OpenSSL and define them in
Erlang.
|
|
Vectors have been taken from NIST's CRYPTOGRAPHIC ALGORITHM VALIDATION
PROGRAM (CAVP) (http://csrc.nist.gov/groups/STM/cavp/)
|
