| Age | Commit message (Collapse) | Author |
|---|
|
* anders/diameter/caseless/OTP-12902:
Match allowable peer addresses case insensitively
Replace calls to module inet_parse to equivalents in inet
|
|
* anders/diameter/grouped_decode/OTP-12879:
Fix relay encode of decoded diameter_avp lists
|
|
* anders/diameter/decode/OTP-12891:
Don't compute AVP list length unnecessarily at AVP decode
|
|
* anders/diameter/decode/OTP-12871:
Don't traverse errors list unnecessarily when detecting missing AVPs
Don't flag AVP as missing as a consequence of decode error
Correct inaccurate doc
Truncate potentially large terms passed to diameter_lib:log/4
|
|
Commit c74b593a fixed the problem that a decoded deep diameter_avp list
couldn't be encoded, but did so in the wrong way: there's no need to
reencode component AVPs since the Grouped AVP itself already contains
the encoded binary. The blunder caused diameter_codec:pack_avp/1 to fail
if the first element of the AVP list to be encoded was itself a list.
Thanks to Andrzej Trawiński for reporting the problem.
|
|
Both diameter_tcp and diameter_sctp can be configured with one or more
IP addresses from which connections should be accepted (an 'accept'
tuple), specified either as a tuple-valued address or as a regular
expression. In the latter case, peer addresses are mapped to string
using inet:ntoa/1 and the result matched against the regexp. Since
(ipv6) addresses are case insensitive, this should also be the case with
the match, but was not.
|
|
Commits b563c796 (R16B) and 0fad6449 (R16B02) added parse_address/1 and
ntoa/1 to module inet, providing documented alternatives to address/1
and ntoa/1 in the undocumented (save comments in inet(3)) inet_parse.
|
|
This has had a hugely negative impact on performance when decoding
messages containing many AVP: each decode of an AVP having variable
arity computed the length of the list of previously decoded AVPs when
checking that the allowed arity was not exceeded, even if the allowed
arity was infinite, making for O(n^2) cost. Here are some execution
times, for diameter_codec:decode/2 on a representative message with n
integer AVPs in the Common application (on the host at hand):
Before After
------- ---------
n = 1K 5 ms 2 ms
n = 10K 500 ms 25 ms
n = 100K 75 sec 225 ms
n = 1M 2.6 sec
Note the nearly linear increase following the change.
Remove the dire documentation warning for incoming_maxlen as a
consequence. It can still be useful to set, but not doing so won't have
the same consequences as previously.
|
|
Since the list can potentially be long.
|
|
The decode of an incoming Diameter message uses the record
representation to determine whether or not an AVP has been received with
the expected arity, the number of AVPs in each field following decode
being compared with the arity specified in the message grammar. The
problem with this is that decode failure isn't reflected in the record
representation, so that an AVP can be appended to the errors field of a
diameter_packet record despite an entry for the same AVP already
existing. This isn't a fault as much as a misleading error indication,
but now only append AVPs that aren't already represented.
|
|
The warning report was removed in commit 00584303.
|
|
Last visited in commit 00584303.
|
|
|
|
|
|
* rickard/trace-file-eintr-bug/OTP-12890:
Handle EINTR in trace_file_drv
|
|
* rickard/non-smp-trace-port-exit-bug/OTP-12889:
Teach non-smp VM how to deal with trace port crash
Test case testing crash in tracer port
|
|
|
|
|
|
|
|
|
|
|
|
* sverk/poll-lost-wakeup/OTP-12859:
erts: Fix race in poller thread wake up
|
|
* egil/fix-purge-literals/OTP-12821:
erts: Fix garbage collect literals in code purge
|
|
|
|
|
|
|
|
* hans/ssh/codenomicon_degradation/OTP-12784:
ssh: update ssh version
ssh: Plain text message returned for invalid version exchange
ssh: Implement keyboard_interactive on server side
ssh: Check e and f parameters in kexdh
ssh: Set max num algoritms in msg_kexinit negotiation
|
|
* ia/ssl/crypto-bad-input/OTP-12783:
ssl: Prepare for release
ssl: Correct handling of bad input to premaster_secret calculation
|
|
* ia/ssh/recvbuf/OTP-12782:
ssh: handle that inet:getopts(Socket, [recbuf]) may return {ok, []}
|
|
* ia/inets/filter-headers/OTP-12776:
inets: Prepare for release
inets: Add customize option
|
|
|
|
alert records needs to be thrown from
ssl_handshake:premaster_secret/[2/3] so that operations will end up in
the catch clause of the invokation of certify_client_key_exchange/3 in
ssl_connection.erl, and hence terminate gracefully and not continue to try
and calculate the master secret with invalid inputs and crash.
|
|
|
|
This is how OpenSSH does. The bytes returned will be put on the
user's tty, so it is better with text than a ssh_msg_disconnect
|
|
|
|
rfc 4253 says in section 8 that:
"Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be
sent or accepted by either side. If this condition is violated, the
key exchange fails."
This commit implements the reception check.
|
|
This is to prevent some dos-attac scenarios. The limit is hard-coded.
|
|
If something bad happens and the socket is closed the
call inet:getopts(Socket, [recbuf]) may return {ok, []}. We
want to treat this as a fatal error and terminate gracefully.
The same goes for the case that inet:getopts returns {error, Reason}
that was not handled either.
|
|
|
|
Many HTTP headers are optional, and it could be desirable for the
server to filter and maybe even alter them without replacing the
mod_* modules that generate/process them. Add new behaviour
httpd_custom_api with default implementation in httpd_custom.erl.
Add behaviour module in 18 as then we can specify optional callbacks.
|
|
|
|
|
|
* anders/diameter/test/OTP-12767:
Replace config suite call to erlang:now/0
Fix incorrect suite usage of OTP 18 monotonic time
Make tls suite crash more verbosely
|
|
* anders/diameter/17.5.5/OTP-12757:
vsn -> 1.9.2
Update appup for 17.5.5
Fix mangled release note
|
|
* anders/diameter/sctp/OTP-12744:
Fix diameter_sctp listener race
Tweak transport suite failures
Run traffic suite over SCTP
|
|
* anders/diameter/counters/OTP-12741:
Fix counting of no_result_code/invalid_error_bit
Count relayed answers
Rename dictionary-related functions/variables
Lift answer send up the call chain
Count discarded incoming messages
Include R-bit in unknown message counter keys
Fix broken relay counters
Fix broken result code counters
Add counters testcase to relay suite
|
|
During code purging and check_process_code, the checking of the binary reference
embedded in the match binary state was omitted for the tracing tests. This would cause
the binary match state to reference deallocated memory.
|
|
Commit 4b691d8d made it possible for accepting transport processes to be
started concurrently, and commit 77c1b162 adapted diameter_sctp to this,
but missed that the publication of the listener process in diameter_reg
has to precede the return of its start function. As a result, concurrent
starts could result in multiple listener processes.
|
|
Make anything but a comm_up sctp_assoc_change crash. Make timeouts more
reasonable.
|
|
Previously it was only run over TCP.
Configure a pool of accepting processes since simultaneous connections
are otherwise prone to rejection, as discussed in commit 4b691d8d.
Tweak timeouts to more reasonable values.
|
