Age | Commit message (Collapse) | Author |
|
|
|
* ia/ssl/connection_information/OTP-13232/OTP-13343:
ssl: Newer cipher suites now presented correctly
ssl: Include options form connect/listen/accept in connection_information/[1,2]
|
|
Older SSL/TLS versions have cipher suites
that look like {key_exchange(), cipher(), MAC::hash()}
and the hash function used by the PRF (Pseudo Random function)
is implicit and always the same for that protocol version.
In TLS 1.2 a cipher suite is
{key_exchange(), cipher(), MAC::hash(), PRF::hash()}.
Internally a cipher suite is always a four tuple but
for backwards compatibility older cipher suites
will be presented as a three tuples, however new cipher suites
should be presented as four tuples.
|
|
* dgud/debugger/doc:
debugger: Editorial changes in documentation
|
|
|
|
* dgud/observer/doc:
Observer: Editorial changes in documentation
|
|
|
|
Make sure that options only relevant for one role (client|server) is set
to undefined when the other role is invoked. As there are many options to
ssl, and many are optional, we choose to filter out all undefined options
to avoid overwhelming the user with not relevant information.
This way there is no need for any special handling of the role specific options
which is also nice.
|
|
* rickard/rq-state-bug/OTP-13298:
Fix bug causing run-queue mask to become inconsistent
|
|
* ia/pr/public_key-typos:
Fix public_key documentation typos
To correct version of public_key doc in maint, due to a missed push
of maint but a push of the maint to master merge, some confusion was caused.
Also the original branch (ia/pr/typo-fixes) included ssl typo fixes
that where cherry picked and merged from another branch to add to the confusion.
|
|
|
|
* sverk/nif-test-cuddle:
erts: Fix wobbling test failure in nif_SUITE
|
|
* sverk/openssl-config-doc:
Add --with-ssl-incl and --with-ssl-rpath to docs
|
|
|
|
* legoscia/ssl-doc-typos:
Fix typos in ssl.xml
OTP-13339
|
|
* msantos/ms/typo-windows-build-script:
Fix typo in Windows build scripts
OTP-13337
|
|
* hb/kernel/correct_contract/OTP-13335:
kernel: Correct contract for inet:getifaddrs/1
|
|
See also http://bugs.erlang.org/browse/ERL-95.
|
|
* hb/add_dialyzer_suppressions/OTP-12862:
xmerl: Remove 'no_return' Dialyzer warnings
xmerl: Add suppression of Dialyzer warnings
eunit: Add suppression of Dialyzer warnings
debugger: Add suppression of Dialyzer warnings
kernel: Add suppression of Dialyzer warnings
mnesia: Add suppression of Dialyzer warnings
observer: Add suppression of Dialyzer warnings
runtime_tools: Add suppression of Dialyzer warnings
stdlib: Add suppression of Dialyzer warnings
test_server: Add suppression of Dialyzer warnings
tools: Add suppression of Dialyzer warnings
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* ia/pr/958/OTP-13334:
ssl: verify cert signature against original cert binary
|
|
* tuncer/ei-breakage:
ei: fix breakage reported by Sergei Golovan
Revert "musl: fix gethostbyname_r/gethostbyaddr_ selection"
OTP-13328
|
|
* bjorn/asn1/suppressions/OTP-13324:
asn1: Suppress warnings for improper lists in generated code
|
|
ResA may have been GC'd after its last use.
|
|
|
|
* dgud/mnesia/del_schema_hangs/OTP-13284:
mnesia: let loader check if tablelock is needed
mnesia: Avoid deadlock possibility in mnesia:del_table_copy schema
|
|
* egil/fix-lcnt-dead-code/OTP-13319:
tools: Remove dead code in lcnt
|
|
|
|
* bjorn/compiler/beam_bsm/OTP-13309:
Eliminate crash because of unsafe delaying of sub-binary creation
|
|
* nybek/speed_up_supervisor_count_children:
Speed up supervisor:count_children/1; simple_one_for_one
Add supervisor:get_callback_module/1
OTP-13290
|
|
* hb/dialyzer/fix_bitstr_bug/OTP-13312:
dialyzer: Correct byte_size() and comparisons
|
|
move_table_copy needs the lock that was set previously in del_table_copy.
This doesn't work on old nodes, so bump protocol version and check it.
Remove old protocol conversion code, which have been around since OTP-R15.
Checking if lock is needed requires rpc communication via mnesia_gvar
ets table to be backwards compatible.
|
|
The argument of byte_size() is a bitstring().
The code in erl_bif_types that finds cases where comparisons always
return true or false is corrected when it comes to maps and bit
strings.
|
|
OTP-13311
* sverk/ecc-fixes:
Ensure testing ssl with supported ciphers only
Only use supported EC curves in crypto tests
Check the result of EC_GROUP_new_curve_* calls
|
|
When searching for a certificate's issuer in the `CertDB`, verify the signature
against the original DER certificate from the handshake instead of a re-encoding
of the parsed certificate. This avoids false negatives due to differences
between DER encoding implementations of OTP and other platforms.
|
|
* sverk/hipe-line-table-bug/OTP-13282:
erts: Fix bug concerning line information for hipe modules
|
|
* sverk/proc-exiting-timer-race/OTP-13245:
erts: Fix race between receive timeout and exit signal
|
|
|
|
|
|
* ia/ssl/handshake-fragmentation/OTP-13306:
ssl: Big handshake messages needs to be fragmented on TLS record level
|