Age | Commit message (Collapse) | Author |
|
This partly reverts commit 8152505ea3793037984a7f3349ac95cc20c4e44c.
|
|
=== OTP-17.5.6 ===
Changed Applications:
- inets-5.10.9
- ssh-3.2.4
- ssl-6.0.1
Unchanged Applications:
- asn1-3.0.4
- common_test-1.10.1
- compiler-5.0.4
- cosEvent-2.1.15
- cosEventDomain-1.1.14
- cosFileTransfer-1.1.16
- cosNotification-1.1.21
- cosProperty-1.1.17
- cosTime-1.1.14
- cosTransactions-1.2.14
- crypto-3.5
- debugger-4.0.3
- dialyzer-2.7.4
- diameter-1.9.2
- edoc-0.7.16
- eldap-1.1.1
- erl_docgen-0.3.7
- erl_interface-3.7.20
- erts-6.4.1
- et-1.5
- eunit-2.2.9
- gs-1.5.16
- hipe-3.11.3
- ic-4.3.6
- jinterface-1.5.12
- kernel-3.2
- megaco-3.17.3
- mnesia-4.12.5
- observer-2.0.4
- odbc-2.10.22
- orber-3.7.1
- os_mon-2.3.1
- ose-1.0.2
- otp_mibs-1.0.10
- parsetools-2.0.12
- percept-0.8.10
- public_key-0.23
- reltool-0.6.6
- runtime_tools-1.8.16
- sasl-2.4.1
- snmp-5.1.2
- stdlib-2.4
- syntax_tools-1.6.18
- test_server-3.8.1
- tools-2.7.2
- typer-0.9.8
- webtool-0.8.10
- wx-1.3.3
- xmerl-1.3.7
|
|
|
|
|
|
* hans/ssh/codenomicon_degradation/OTP-12784:
ssh: update ssh version
ssh: Plain text message returned for invalid version exchange
ssh: Implement keyboard_interactive on server side
ssh: Check e and f parameters in kexdh
ssh: Set max num algoritms in msg_kexinit negotiation
|
|
* ia/ssl/crypto-bad-input/OTP-12783:
ssl: Prepare for release
ssl: Correct handling of bad input to premaster_secret calculation
|
|
* ia/ssh/recvbuf/OTP-12782:
ssh: handle that inet:getopts(Socket, [recbuf]) may return {ok, []}
|
|
* ia/inets/filter-headers/OTP-12776:
inets: Prepare for release
inets: Add customize option
|
|
|
|
alert records needs to be thrown from
ssl_handshake:premaster_secret/[2/3] so that operations will end up in
the catch clause of the invokation of certify_client_key_exchange/3 in
ssl_connection.erl, and hence terminate gracefully and not continue to try
and calculate the master secret with invalid inputs and crash.
|
|
|
|
This is how OpenSSH does. The bytes returned will be put on the
user's tty, so it is better with text than a ssh_msg_disconnect
|
|
|
|
rfc 4253 says in section 8 that:
"Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be
sent or accepted by either side. If this condition is violated, the
key exchange fails."
This commit implements the reception check.
|
|
This is to prevent some dos-attac scenarios. The limit is hard-coded.
|
|
If something bad happens and the socket is closed the
call inet:getopts(Socket, [recbuf]) may return {ok, []}. We
want to treat this as a fatal error and terminate gracefully.
The same goes for the case that inet:getopts returns {error, Reason}
that was not handled either.
|
|
|
|
Many HTTP headers are optional, and it could be desirable for the
server to filter and maybe even alter them without replacing the
mod_* modules that generate/process them. Add new behaviour
httpd_custom_api with default implementation in httpd_custom.erl.
Add behaviour module in 18 as then we can specify optional callbacks.
|
|
|
|
|
|
* anders/diameter/test/OTP-12767:
Replace config suite call to erlang:now/0
Fix incorrect suite usage of OTP 18 monotonic time
Make tls suite crash more verbosely
|
|
* anders/diameter/17.5.5/OTP-12757:
vsn -> 1.9.2
Update appup for 17.5.5
Fix mangled release note
|
|
* anders/diameter/sctp/OTP-12744:
Fix diameter_sctp listener race
Tweak transport suite failures
Run traffic suite over SCTP
|
|
* anders/diameter/counters/OTP-12741:
Fix counting of no_result_code/invalid_error_bit
Count relayed answers
Rename dictionary-related functions/variables
Lift answer send up the call chain
Count discarded incoming messages
Include R-bit in unknown message counter keys
Fix broken relay counters
Fix broken result code counters
Add counters testcase to relay suite
|
|
Commit 4b691d8d made it possible for accepting transport processes to be
started concurrently, and commit 77c1b162 adapted diameter_sctp to this,
but missed that the publication of the listener process in diameter_reg
has to precede the return of its start function. As a result, concurrent
starts could result in multiple listener processes.
|
|
Make anything but a comm_up sctp_assoc_change crash. Make timeouts more
reasonable.
|
|
Previously it was only run over TCP.
Configure a pool of accepting processes since simultaneous connections
are otherwise prone to rejection, as discussed in commit 4b691d8d.
Tweak timeouts to more reasonable values.
|
|
To remove a compilation warning with OTP 18.
|
|
Value was used as strictly increasing when it's only non-decreasing,
causing testcases to fail.
|
|
To see why it's failing on at least one test machine.
|
|
|
|
- OTP-12741: disfunctional counters
- OTP-12744: diameter_sctp race
No load order requirements.
|
|
|
|
The message was regarded as unknown if the answer message in question
set the E-bit and the application dictionary was not the common
dictionary.
|
|
That is, outgoing answer messages received in response to a
handle_request callback having returned {relay, Opts}.
|
|
To clarify what it is that's being computed, which isn't entirely
obvious. No functional change, just renaming.
|
|
As the first step in starting to count outgoing, relayed answer
messages.
|
|
An incoming Diameter message is either a request, an answer to an
outstanding request, or an unexpected answer. The latter weren't
counted, but are now counted on keys of this form:
{pid(), {{unknown, 0}, recv, discarded}}
The form of the second element is similar to those of other counters,
like:
{{relay, 0|1}, send|recv, invalid_error_bit}
Compare this to the key used when counting known answers:
{{ApplicationId, CommandCode, 0}, recv}
The application id and command code aren't included so as not to count
on arbitrary keys, a topic last visited in commit 49e8b11c.
|
|
To differentiate between requests and answers, in analogy with relay
counters. This isn't backwards compatible, but these counters aren't yet
documented.
|
|
Commit 49e8b11c broke the counting of relayed message, causing them to
be accumulated as unknown messages.
|
|
Commit a1df50b3 broke result code counters in the case of answer
messages sent as a header/avp lists (unless the avps, untypically, set
the name field), and for answers sent/received in the relay application.
|
|
|
|
|
|
* hans/ssh/ssh_msg_debug_fun/OTP-12738:
ssh: option for handling the SSH_MSG_DEBUG message's printouts
|
|
* hans/inets/bad_content_length/OTP-12739:
inets: reject negative content-length
|
|
Which fails for a variety of reasons to be addressed in subsequent
commits.
|
|
A fun could be given in the options that will be called whenever
the SSH_MSG_DEBUG message arrives. This enables the user to
format the printout or just discard it.
The default is changed to not print the message. In RFC4253
printing is a SHOULD, but our new default is to protect logs
from dos attacs.
|
|
|
|
|
|
|