aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2011-10-11Put back ssl:peercert/1Ingela Anderton Andin
I accidentally removed a little too much, only peercert/2 was deprecated.
2011-10-10Merge branch 'anders/diameter/tls_over_tcp/OTP-9605'Anders Svensson
* anders/diameter/tls_over_tcp/OTP-9605: Move init/end_per_suite into testcases Skip tls testsuite if there's no openssl Clarify that ssl must be started for TLS support Add tls support at connection establishment Add tls testsuite Documentation updates Close transport if tls is requested over sctp Handle tls notification for tcp Lift recursion in tcp message reception up the call chain Add tls support to capabilities exchange
2011-10-10Merge branch 'anders/diameter/testsuite_robustness/OTP-9619'Anders Svensson
* anders/diameter/testsuite_robustness/OTP-9619: Make testsuites more robust in case of init failure
2011-10-10Merge branch 'anders/diameter/eprotonosupport/OTP-9615'Anders Svensson
* anders/diameter/eprotonosupport/OTP-9615: gen_sctp:open/0-2 might return {error, eprotonosupport}
2011-10-10Merge branch 'anders/diameter/doc_dependencies/OTP-9612'Anders Svensson
* anders/diameter/doc_dependencies/OTP-9612: Simplify depend.sed for better compatibility
2011-10-10Move init/end_per_suite into testcasesAnders Svensson
See ac2810603b7aaad24129fadf887d9e8deff31d2f.
2011-10-10gen_sctp:open/0-2 might return {error, eprotonosupport}Anders Svensson
Previously error:badarg was raise if there was no underlying support for SCTP. Handle both new and old failure until OTP-9239 is merged.
2011-10-07Make testsuites more robust in case of init failureAnders Svensson
In particular, move code out of init_per_suite since failure causes end_per_suite to be skipped. Cleanup is simpler if both init and cleanup happen as testcases.
2011-10-07Merge branch 'sa/callback-attr'Henrik Nord
* sa/callback-attr: Add callback specs into 'application' module in kernel Add callback specs to tftp module following internet documentation Add callback specs to inets_service module following possibly deprecated comments Add '-callback' attributes in stdlib's behaviours Update primary bootstrap Update the documentation with information on the callback attribute Automatically generate 'behaviour_info' function from '-callback' attributes Add '-callback' attribute to language syntax OTP-9621
2011-10-07Add callback specs into 'application' module in kernelStavros Aronis
2011-10-07Add callback specs to tftp module following internet documentationStavros Aronis
2011-10-07Add callback specs to inets_service module following possibly deprecated ↵Stavros Aronis
comments
2011-10-07Add '-callback' attributes in stdlib's behavioursStavros Aronis
Replace the behaviour_info(callbacks) export in stdlib's behaviours with -callback' attributes for all the callbacks.
2011-10-07Update primary bootstrapHenrik Nord
2011-10-07Update the documentation with information on the callback attributeStavros Aronis
2011-10-07Automatically generate 'behaviour_info' function from '-callback' attributesStavros Aronis
'behaviour_info(callbacks)' is a special function that is defined in a module which describes a behaviour and returns a list of its callbacks. This function is now automatically generated using the '-callback' specs. An error is returned by lint if user defines both '-callback' attributes and the behaviour_info/1 function. If no type info is needed for a callback use a generic spec for it.
2011-10-07Add '-callback' attribute to language syntaxStavros Aronis
Behaviours may define specs for their callbacks using the familiar spec syntax, replacing the '-spec' keyword with '-callback'. Simple lint checks are performed to ensure that no callbacks are defined twice and all types referred are declared. These attributes can be then used by tools to provide documentation to the behaviour or find discrepancies in the callback definitions in the callback module.
2011-10-07Skip tls testsuite if there's no opensslAnders Svensson
2011-10-07Simplify depend.sed for better compatibilityAnders Svensson
Sed on Solaris doesn't remember matches after branching.
2011-10-06Clarify that ssl must be started for TLS supportAnders Svensson
Also update app testsuite to allow for "undefined" calls from diameter_tcp to ssl.
2011-10-06Add tls support at connection establishmentAnders Svensson
This is the method added in draft-ietf-dime-rfc3588bis, whereby a TLS handshake immediately follows connection establishment and CER/CEA is sent over the secured connection.
2011-10-06Add tls testsuiteAnders Svensson
2011-10-06Documentation updatesAnders Svensson
2011-10-06Close transport if tls is requested over sctpAnders Svensson
RFC 3588 requires that a Diameter server support TLS but in practise this seems to mean TLS over SCTP since there are limitations with running over SCTP: see RFC 6083 (DTLS over SCTP), which is a response to RFC 3436 (TLS over SCTP). The current RFC 3588 draft acknowledges this by equating the Inband-Security-Id value TLS with TLS/TCP and DTLS/SCTP but underlying support for DTLS is still thin on the ground.
2011-10-06Handle tls notification for tcpAnders Svensson
If TLS has been configured on Inband-Security-Id then the transport process receives a message from the peer_fsm process indicating whether or not to upgrade to TLS. The current draft of RFC 3588 deprecates (but retains for backwards compatibility) the use of Inband-Security-Id for negotiating TLS, adding the possibility of TLS having be negotiated before capabilities exchange. This commit handles the deprecated case.
2011-10-06Lift recursion in tcp message reception up the call chainAnders Svensson
When an initial message is received and TLS is a possibility, must wait for a message from the peer process before either commencing a handshake or receiving more messages.
2011-10-06Add tls support to capabilities exchangeAnders Svensson
To upgrade a connection to TLS or not, that is the question. It is possible for us to send a CER offering both NO_INBAND_SECURITY and TLS and for the peer to answer likewise: RFC 3588 doesn't make clear that a CEA should be unambiguous about the choice of security. Thus, if TLS is offered then assume the server is prepared to for a handshake. Similarly, when receiving a CER, choose TLS if it's offered and be unambiguous about our choice in CEA. There is no ssl:maybe_accept that would let us receive a handshake if it comes or another message if it doesn't. The choice of TLS should probably be made into a callback so that an application can decide based on the peer's Origin-Realm for example. Such a callback could also be used to reject a CER/CEA. Handle Inband-Security-Id values other than NO_INBAND_SECURITY and TLS by assuming that they require no intervention by the transport module, treating them like NO_INBAND_SECURITY. Whether or not this is reasonable (or useful) is unclear. There may be a need for more sychronization than we have on offer. (Having to do something before taking the connection up for example.) Note that diameter_peer_fsm must be upgraded before diameter_capx because of the new return value from diameter_capx:recv_CEA/2.
2011-10-06Merge branch 'ia/ssl/remove-old-ssl/OTP-7048'Ingela Anderton Andin
* ia/ssl/remove-old-ssl/OTP-7048: Remove old ssl implementation and deprecated function ssl:peercert/1 Conflicts: lib/ssl/test/Makefile
2011-10-06Merge branch 'ia/ssl/dist-more-tests'Ingela Anderton Andin
* ia/ssl/dist-more-tests: Better option handling Improve code structure Remove ssl_prim calls that are remains from the old ssl distribution Add payload test
2011-10-04Merge branch 'dev' into majorBjörn-Egil Dahlberg
2011-10-04Better option handlingIngela Anderton Andin
Also cleaned up old gaurds.
2011-10-04Merge branch 'dev' into majorLukas Larsson
* dev: Prepare release [ssl] Step version for patch 1178 Touch crypto to provoke patch release (again) Prepare release
2011-10-04Prepare releaseOTP_R14B04Erlang/OTP
2011-10-04Merge branch 'maint-r14' into devSverker Eriksson
Fake merge with "-s ours"
2011-10-04Prepare releaseErlang/OTP
2011-10-04Merge branch 'sverker/crypto-openssl.0.9.8-PPC/OTP-9603' into maint-r14Erlang/OTP
* sverker/crypto-openssl.0.9.8-PPC/OTP-9603: [ssl] Step version for patch 1178 Touch crypto to provoke patch release (again)
2011-10-04Merge branch 'maint-r14' into devRaimo Niskanen
2011-10-04Merge branch 'maint-r13' into maint-r14Raimo Niskanen
Conflicts: erts/doc/src/notes.xml erts/emulator/drivers/common/inet_drv.c erts/vsn.mk lib/kernel/test/gen_sctp_SUITE.erl
2011-10-04Merge branch 'dev' into majorLukas Larsson
* dev: (38 commits) Update documentation Rid ct_telnet of doc build warnings Create temporary fix for problem with parallel test cases Update primary bootstrap Correct "Missing Suites" link Add documentation on timetraps and start flags Add missing tests for timetrap handling and fix remaining errors Solve problem with ct_init/end_per_group being counted as test cases Fix errors in test suites Fix invalid call to undefined function Fix problem with test_server_ctrl creating invalid conf test Improve info in CT framework log Update vsn.mk for common_test and test_server Enhance logging performance Change order of include files Add link to last executed test suite on index page Fix problem with location value when init config func calls help func Fix crash when CTHook init fails Correct error in test suite Fix error with incorrect notification after end_per_testcase craches ... Conflicts: bootstrap/bin/start.boot bootstrap/bin/start_clean.boot bootstrap/lib/compiler/ebin/beam_asm.beam bootstrap/lib/compiler/ebin/beam_disasm.beam bootstrap/lib/compiler/ebin/compile.beam bootstrap/lib/compiler/ebin/sys_pre_expand.beam bootstrap/lib/kernel/ebin/code.beam bootstrap/lib/kernel/ebin/code_server.beam bootstrap/lib/kernel/ebin/hipe_unified_loader.beam bootstrap/lib/kernel/ebin/inet.beam bootstrap/lib/kernel/ebin/inet_config.beam bootstrap/lib/kernel/ebin/inet_dns.beam bootstrap/lib/stdlib/ebin/beam_lib.beam bootstrap/lib/stdlib/ebin/dets.beam bootstrap/lib/stdlib/ebin/erl_compile.beam bootstrap/lib/stdlib/ebin/erl_internal.beam bootstrap/lib/stdlib/ebin/erl_scan.beam bootstrap/lib/stdlib/ebin/erl_tar.beam bootstrap/lib/stdlib/ebin/io_lib_fread.beam bootstrap/lib/stdlib/ebin/otp_internal.beam bootstrap/lib/stdlib/ebin/sofs.beam bootstrap/lib/stdlib/ebin/supervisor.beam bootstrap/lib/stdlib/ebin/zip.beam lib/common_test/src/ct.erl lib/common_test/src/ct_run.erl lib/common_test/test/ct_error_SUITE.erl lib/common_test/test/ct_repeat_1_SUITE.erl lib/common_test/test/ct_skip_SUITE.erl lib/test_server/src/test_server.erl
2011-10-03Improve code structureIngela Anderton Andin
2011-10-03Remove ssl_prim calls that are remains from the old ssl distributionIngela Anderton Andin
2011-10-03Add payload testIngela Anderton Andin
2011-10-03[ssl] Step version for patch 1178Sverker Eriksson
No source change. Building with dynamic linking towards OpenSSL v0.9.8
2011-09-30Touch crypto to provoke patch release (again)Sverker Eriksson
2011-09-30Merge branch 'peppe/common_test/r14b04_docs' into devPeter Andersson
* peppe/common_test/r14b04_docs: Update documentation Rid ct_telnet of doc build warnings
2011-09-30Update documentationPeter Andersson
OTP-9396 OTP-9372 OTP-9155
2011-09-30Rid ct_telnet of doc build warningsPeter Andersson
OTP-9572
2011-09-30Merge remote branch 'origin/peppe/common_test/r14b04_tickets.fix' into devPeter Andersson
* origin/peppe/common_test/r14b04_tickets.fix: (35 commits) Create temporary fix for problem with parallel test cases Correct "Missing Suites" link Add documentation on timetraps and start flags Add missing tests for timetrap handling and fix remaining errors Solve problem with ct_init/end_per_group being counted as test cases Fix errors in test suites Fix invalid call to undefined function Fix problem with test_server_ctrl creating invalid conf test Improve info in CT framework log Update vsn.mk for common_test and test_server Enhance logging performance Change order of include files Add link to last executed test suite on index page Fix problem with location value when init config func calls help func Fix crash when CTHook init fails Correct error in test suite Fix error with incorrect notification after end_per_testcase craches Fix problem with error message not being printed correctly Add cases to check test case status versus end_per_testcase failure Fix incorrect call to end_tc when tc_status=ok and end_per_testcase times out ... OTP-9600 OTP-9593 OTP-9592 OTP-9585 OTP-9584 OTP-9575 OTP-9520 OTP-9518 OTP-9501 OTP-9429 OTP-9398 OTP-9397 OTP-9396 OTP-9379 OTP-9372 OTP-9371 OTP-9370 OTP-9369 OTP-9311 OTP-9237 OTP-9155 OTP-8933
2011-09-30Create temporary fix for problem with parallel test casesPeter Andersson
OTP-9600
2011-09-29Update primary bootstrapBjörn-Egil Dahlberg