Age | Commit message (Collapse) | Author |
|
Previously, if certificate revocation checking was turned on, and a
certificate didn't contain a CRL Distribution Points extension, and
there was no relevant CRL in the cache, then ssl_handshake:crl_check
would accept the certificate even if the crl_check option was set to
reject certificates for which the revocation status could not be
determined. With this change, such certificates will only be accepted
if the crl_check option was set to best_effort.
The process for CRL validation is described in section 6.3 of RFC
5280. The text doesn't mention any special treatment to be given to
certificates without distribution points: it just says "For each
distribution point..." (section 6.3.3), which would leave the
revocation status undetermined, unless there were "any available CRLs
not specified in a distribution point but issued by the certificate
issuer". Thus the result of this algorithm should be UNDETERMINED in
this case, not UNREVOKED, and the crl_check option should govern how
the implementation reacts to this result.
|
|
Just like crl_verify_valid/5 checks for a positive result given
certain options, crl_verify_error/6 checks for a negative result.
|
|
Fix mistakes found by 'xmllint'.
|
|
* lukas/erl_docget/maps_anno_tags/OTP-12955:
erl_docgen: Fix spec anno's for maps
|
|
OTP-12955
|
|
* ia/pr/778:
snmp: Prepare for release
Snmp agent vacmViewTreeFamily with non 'null' mask bugfix
|
|
As long as it is not prioritized to make an snmp_upgrade_SUITE it is
not worth trying to do anything but restart_application
|
|
* ia/ssl/test-alpn-cuddle:
ssl: Fix typos that broke alpn tests
|
|
* ia/ssl/hs-timing/OTP-13253:
ssl: Prepare for release
ssl: Fix timing releated bug
|
|
* siri/document-path-flag/OTP-13060:
Add documentation of '-path' flag to 'erl'
|
|
* siri/cover/nofile/OTP-13200:
[cover] Don't crash when compiling beam without 'file' attribute
[cover] Simplify module cc in cover test to avoid confusion
|
|
* rickard/test-fix:
Fix HL timer hard debug implementation
Fix stack alignment problem in ethread test on arm
Skip time_SUITE:timestamp on timewarp test
|
|
* bjorn/asn1/fix-per-crash/OTP-13257:
PER: Correct compilation of named INTEGERs
|
|
|
|
When a constrained INTEGER has more than 16536 values and named
values, the compiler would crash when compiling to the PER
format. Example:
Longitude ::= INTEGER {
oneMicrodegreeEast(10),
oneMicrodegreeWest(-10),
unavailable(1800000001)
} (-1799999999..1800000001)
Reported-by: Ingars
|
|
Adresses problems desciribed in
http://erlang.org/pipermail/erlang-bugs/2015-April/004891.html
http://erlang.org/pipermail/erlang-patches/2015-April/004766.html
The original patch also suggested the following fix.
However we need more information to be able to understand if
this is correct or not, and it does not have priority at the moment
for us to investigate.
@@ -816,7 +816,7 @@ next_node(D, {tree, Tree, {table_entry, _MibName}},
"~n RevOidSoFar: ~p"
"~n MibView: ~p", [size(Tree), Oid, RevOidSoFar, MibView]),
OidSoFar = lists:reverse(RevOidSoFar),
- case snmpa_acm:is_definitely_not_in_mib_view(OidSoFar, MibView) of
+ case snmpa_acm:is_definitely_not_in_mib_view(OidSoFar ++ Oid, MibView) of
true ->
?vdebug("next_node(tree,table_entry) -> not in mib view",[]),
false;
|
|
|
|
|
|
* ia/ssl/version_support_check:
ssl: In interop tests always check if SSL/TLS version is supported by OpenSSL
|
|
As sslv3 is being faced out we need to test for old version support as well as
newer versions.
|
|
* vinoski/check-awdp-esdp:
Fix dirty scheduler check in handle_aux_work
|
|
OTP-13249
* sverk/crypto-aec-ecb-multiblock:
crypto: Fix bug for multiple blocks for AES-ECB
|
|
* sverk/armata-memset-bug:
erts: Workaround memset bug in test case
|
|
|
|
|
|
|
|
|
|
|
|
* egil/improve-map-cerl-prettypr/OTP-13238:
compiler, hipe: Fix pretty printing of Core Maps
hipe: Fix map pretty printing of pairs
dialyzer: Update Maps tests
|
|
* hb/edoc/fix_argument_names/OTP-13234:
edoc: Assign correct names to list arguments
|
|
Bug reported by Josemic. See also ERL-63.
|
|
* hb/dialyzer/fix_opaque_type_parms/OTP-13237:
dialyzer: Correct handling of parameters of opaque types
|
|
Correction of commit d57f5e.
|
|
|
|
* sverk/trace-doc-typo:
erts: Correct faulty doc for erlang:trace/3
|
|
The entire MFA tuple is replaced with 0, not just Arity.
|
|
Literal maps could cause dialyzer to crash when pretty printing the results.
Reported-by: Chris McGrath <[email protected]>
|
|
In commit f667931e2905797ffab63e224e56eaf07f77178a the core format changed
for map pairs. Let dialyzer and hipe pretty printing of maps also adhere to
those changes.
An Erlang map update, M#{foo := 1, bar => 2} will now be printed as:
~{ 'foo' := 1, 'bar' => 2 | M }~
|
|
|
|
This flag replaces the path specified in the boot script. It has
always existed, but was earlier only documented in SASL (script).
|
|
* vinoski/dirty-sched-no-aux-work/OTP-13236:
Do not allow aux work on dirty schedulers
|
|
* bjorn/compiler/map-bug/OTP-13231:
Fix crash when attempting to update a fun as if it were a map
|
|
* hb/stdlib/fix_linter_no_module/OTP-13230:
stdlib: Fix linter crash due to missing -module declaration
|
|
The Erlang Code Linter no longer crashes if there is a -deprecated()
attribute but no -module() declaration.
See also ERL-62 at bugs.erlang.org.
|
|
* hb/stdlib/fix_erl_eval/OTP-13228:
stdlib: fix erl_eval not using non-local function handler
|
|
See also ERL-32 at bugs.erlang.org. Thanks to Ben Paxton.
|
|
The following example would cause an internal consistency
failure in the compiler:
f() -> ok.
update() -> (fun f/0)#{u => 42}.
The reason is that internally, v3_core will (incorrectly)
rewrite update/0 to code similar to this:
update() ->
if
is_map(fun f/0) ->
maps:update(u, 42, fun f/0)
end.
Since funs are not allowed to be created in guards, incorrect and
unsafe code would be generated.
It is easy to fix the bug. There already is a is_valid_map_src/1
function in v3_core that tests whether the argument for the map update
operation can possibly be a valid map. A fun is represented as a
variable with a special name in Core Erlang, so it would not be
recognized as unsafe. All we'll need to do to fix the bug is to look
closer at variables to ensure they don't represent funs. That will
ensure that the code is rewritten in the correct way:
update() ->
error({badmap,fun f/0})
end.
Reported-by: Thomas Arts
|
|
memset seen to fail with values larger than 255
on (armata) 32-bit ARM Debian
with EGLIBC 2.13-38+rpi2+deb7u8
and gcc 4.6.3-14+rpi1.
|
|
|
|
The following code would crash v3_codegen:
order(From) ->
catch
if
From#{[] => sufficient} ->
saint
end.
Before explaining the crash, first some background on the stack
frame and the Y registers.
Certain instructions, most notably the 'call' instructions, clobber
all X registers. Before any such instruction, all X registers that
have values that will be used after the call must be saved to Y
registers (i.e. to the stack frame). adjust_stack/4 will be called
when X registers must be saved.
There is also another situation when X registers must be saved, namely
within a 'catch' if we are about to execute any instruction that may
cause an exception. Examples of such instructions are some guard BIFs
(such as length/1) and construction of binaries or maps. Within a
'catch', X registers must be be saved because if an exception is
thrown and catched all X registers will be destroyed. The same
adjust_stack/4 function will be called for those instructions, but
only if they occur within a 'catch'.
There is actually one more complication. If there is code in
a guard within a catch, the X registers should not be saved, because
the code in a guard never clobbers any X registers that were alive
before the guard code was entered. v3_codegen is written with the
implicit assumption that code in guards never cause anything
to be saved to Y registers.
The code for building maps and binaries would incorrectly save X
registers within a guard inside a 'catch'.
For construction of binaries, that would mean that a useless but
harmelss 'move' instruction was generated.
But for construction of maps, the saving of the Y register would not
be harmless. There would be a crash when attempting to merge #sr{}
records. #sr{} records keeps track of the contents of X and Y
registers. When two separate code paths are joined (e.g. at the end of
'case' statement), the register descriptors must be reconciled.
Basically, the register descriptors for both paths must be identical.
The #sr{} record for one path must not claim that {y,0} contains
a certain value, while another path claims that {y,0} is dead.
Thus, the crash occurs in sr_merge/2 when failing to reconcile the
Y registers.
To fix this bug this bug we will introduce a new function called
maybe_adjust_stack/5. It will save X registers on the stack only
if the code is inside a catch but not inside a guard. We will
change all existing code to use this new function when appropriate.
Reported-by: Thomas Arts
|