Age | Commit message (Collapse) | Author |
|
Commit 4ce2d3a6 (diameter-1.4.2, OTP-11007) disabled the decode of
values in Failed-AVP components since any error caused the decode of
Failed-AVP itself to fail. This is less than useful since (1) we should
be able to decode it given that we've sent it (modulo mangling on the
way to the peer and back), and (2) it's not unheard of to examine
Failed-AVP to see what the peer objected to.
This commits adds a best-effort decode: decode if possible, otherwise
not, using the same abuse of the process dictionary as commit bbdb027c.
|
|
This isn't currently the case, but soon will be.
|
|
Commit 4ce2d3a6 added the insertion of a single bit into binary AVP data
to induce an encode error in the case of a header length that pointed
past the available bytes: a 5014 = DIAMETER_INVALID_AVP_LENGTH error.
Commit 838856b fixed this for stringish Diameter types, but both commits
neglected the case in which the offending AVP isn't known to the
dictionary in question. Unless the AVP was regarded as erroneous for
other reasons (eg. an M-bit resulting in 5001) it would be happily be
packed into an 'AVP' field. If it was regarded as an error, the record
could be passed back to diameter_codec:pack_avp/1, and if the record
contained header data then there was no clause to deal with the
unpleasantry.
Deal with it by having the dictionary module strip the extra bit and
flag the AVP as 5014, and by having diameter_codec handle any extra bit
coming from an dictionary compiled against an old diameter_gen. An old
dictionary won't detect 5014 however, so dictionaries should be
recompiled.
Change most of the guards in diameter_codec from is_bitstring/1 to
is_binary/1. What's being passed to the decode functions are binaries
received other the network. The only case in which a non-binary
bitstring is when we've placed an extra bit there ourselves. (Modulo
someone doing something they shouldn't.)
|
|
In particular, a length that points past the end of the message. This
goes undetected there is some other problem with the AVP (eg. M-bit),
which is a problem we're about to fix.
|
|
In particular, remove the unnecessary list-or-record answer.
|
|
As it should. The previous discard (surely) pre-dated being able to
return {answer_message, 3001} from a handle_request callback.
|
|
The output could make it impossible to use the shell. Counters returned
diameter:service_info/2 can be used to check for expected happenings.
|
|
That is, don't use a key constructed from an incoming Diameter header
unless the message is known to the dictionary in question. Otherwise
there are 2^32 application ids, 2^24 command codes, and 2 R-bits for an
ill-willed peer to choose from, each resulting in new keys in the
counter table (diameter_stats).
The usual {ApplicationId, CommandCode, Rbit} in a key is replaced by the
atom 'unknown' if the message in question is unknown to the decoding
dictionary.
Counters for messages sent and received by a relay are (still) not
implemented.
|
|
The former were a little over-enthusiastic and could cause a node to be
logged to death if a peer Diameter node was sufficiently ill-willed.
The function calls are to diameter_lib:log/4, the arguments of which
identify the happening in question, and which does nothing but provide a
function to trace on. Many existing log calls have been shrunk.
The only remaining traffic-related report (hopefully) is that resulting
from {answer_errors, report} config, and this has been slimmed.
|
|
* anders/diameter/rc_counters/OTP-11937:
Count encode errors in outgoing messages
Count decode errors in incoming requests
Count decode errors independently of result codes
|
|
* anders/diameter/rc_counters/OTP-11891:
Count result codes in CEA/DWA/DPA
|
|
* anders/diameter/watchdog_leak/OTP-11934:
Simplify sending of 'close' to watchdog
Fix watchdog table leak
|
|
* anders/diameter/request_leak/OTP-11893:
Fix leaking request table
Add check that request table is empty to failover suite
Comment fix
|
|
Only decode errors were counted previously. Keys are of the form
{Id, send, error}, where Id is:
{ApplicationId, CommandCode, Rbit} | unknown
The latter will be the case if not even a #diameter_header{} can be
constructed.
|
|
|
|
* scrapinghub/stream_for_chunked_single_message:
inets: Fix streaming with single chunk body
|
|
* jv/ssh-io-binary:
Support binary standard_input in ssh_io
|
|
* dz/fix_ssl_max_seq_num:
ssl: fix max sequence number so it does not overflow
|
|
Errors were only counted in incoming answers. Counters are keyed on
tuples of the same form:
{{ApplicationId, CommandCode, Rbit}, recv, error}
|
|
Since the former doesn't exclude the latter.
Counter values are returned by diameter:service_info/2. They can
currently only be retrieved for a service, not for individual transports
or peer connections.
|
|
Corresponding counters for other answer messages have been counted
previously, but those for CEA, DWA, and DPA have been missing since
diameter itself sends these messages and the implementation is as bit
more separate than it might be. The counters are keyed on values of the
following form.
{{ApplicationId, CommandCode, 0 = Rbit}, send|recv, {'Result-Code', RC}}
|
|
* sverk/etp-block-fix:
erts: Fix bug in etp-block commands
|
|
There's no need to send the message immediately if there's no transport
configuration since that in itself means the service process will tell
the watchdogs to die.
|
|
Commit ef5fddcb (diameter-1.4.1, R16B) caused the leak in the case of an
accepting watchdog with restrict_connections = false. It (correctly)
ensured the state remained at INITIAL but a subsequent 'close' message
to terminate the process was ignored since the state was not DOWN. In
fact, no 'close' was sent since there was no state transition or
previous connection: the former triggers the message from
diameter_service, the latter from diameter_watchdog. The message is now
sent to self() from the watchdog itself.
Send 'close' in the same way when multiple connections to the same peer
are allowed, to avoid waiting for a watchdog timer expiry for the
process to terminate in this case.
|
|
A new connection writes the pid to the table diameter_request. The
normal handling is that loss of a connection leads to a watchdog state
change in the service process, which removes the entry, but this usually
won't happen in the case of diameter:stop_service/1 since the service
process is terminated without waiting for watchdog transitions.
The request table should really be service-specific, so that the table
is deleted when the service is stopped, which requires passing the table
identifier into request processes and handling that the table may not
exist. Just clear out the service-specific entries at service process
termination for now.
|
|
The way in which this suite causes transport connections to be broken -
by stopping the service - makes it prone to orphaning entries in the
request table, which is a bug we're about to fix.
|
|
|
|
* egil/move-maps-doc:
doc: Move Maps reference documentation to expressions
|
|
* ia/ssl/dubble-next-proto/OTP-11926:
ssl: Fix dialyzer spec
ssl: Only allow one next protocol handsake message
|
|
* rolkar/fix-syntax_tools-revert-bug/OTP-11930:
Fix reverting map in syntax_tools
Add test case to syntax_tools
|
|
|
|
* fenollp/remove-erl_parse-legacy-map:
Replace local mapl/2 (Erlang < 5.0) unique call by a LC
|
|
* dz/inet_getstat_doc_typo_fix:
inet: fix typo in inet:getstat/2 doc
|
|
|
|
|
|
* hb/hipe/field_with_remote/OTP-11918:
hipe: fix a bug concerning typed record fields
|
|
When checking typed record fields Dialyzer failed to handle
types containing remote types.
Thanks to Erik Søe Sørensen for reporting this bug.
|
|
* egil/fix-erts_debug-size/OTP-11923:
erts: Update preloaded erts_internal.beam
erts: Add spec for erts_internal:map_to_tuple_keys/1
erts: Add testcase for erts_debug:size/1 Map terms
kernel: Fix erts_debug:size/1 to handle Map sizes
erts: Add erts_internal:map_to_tuple_keys/1
|
|
* nox/fix-eval-map-update/OTP-11922:
Fix evaluation of map updates in the debugger and erl_eval
|
|
|
|
* ia/ssl/inherit/OTP-11897:
ssl: Handle socket option inheritance when pooling of accept sockets is used
|
|
The word 'received' in 'send_dvi' option description seems to be
copy-pasted and not removed
|
|
The old value of 18446744073709552000 was calculated using math:pow
which returns float therefore isn't precise. And it would overflow:
erlang:integer_to_list(18446744073709552000, 16) = "10000000000000180"
This patch changes MAX_SEQENCE_NUMBER to value calculated with bitwise
shift:
(1 bsl 64) - 1 = 18446744073709551615
|
|
|
|
|
|
* lukas/erts/autoconf-fixes/OTP-11921:
erts: Fix various autoconf issues
|
|
* Check of atomics on bsd
* Add --enable-systemd for epmd
* Remove unused --enable-tsp option
|
|
* ks/hipe-map-support/OTP-11900:
Add five new test files for maps in the HiPE test suite
Copy the tests for maps from the compiler application to a new HiPE test suite
Translate the put_map_assoc and put_map_exact BEAM instructions to ICode
Translate the has_map_fields and get_map_elements BEAM instructions to ICode
|
|
|
|
* ia/ssl/false-alerts/OTP-11890:
ssl: Add checks to avoid processing of illegal alerts
|