| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
* maint-20:
Updated OTP version
Update release notes
Update version numbers
public_key: verify ip (both v4 and v6)
public_key: Added IP4 address checks to hostname_verification tests
ssl: Fix test cases to work on all test platforms
public_key: Fix dialyzer spec
ssl: Sessions must be registered with SNI if exists
ssl: Extend hostname check to fallback to checking IP-address
public_key, ssl: Handles keys so that APIs are preserved correctly
ssl: Use ?FUNCTION_NAME
ssl: Prepare for release
ssl: Countermeasurements for Bleichenbacher attack
Conflicts:
lib/public_key/doc/src/public_key.xml
lib/public_key/test/public_key_SUITE.erl
lib/public_key/test/public_key_SUITE_data/pkix_verify_hostname_subjAltName_IP.pem
lib/public_key/test/public_key_SUITE_data/verify_hostname_ip.conf
lib/ssl/src/dtls_connection.erl
lib/ssl/src/ssl_connection.erl
lib/ssl/src/ssl_handshake.erl
|
|
The retry loop wasn't working anyway as it tested fd<0
instead of res.
So, there is no real semantic change here.
|
|
=== OTP-18.3.4.1.1 ===
Changed Applications:
- ssl-7.3.3.0.1
Unchanged Applications:
- asn1-4.0.2
- common_test-1.12.1
- compiler-6.0.3
- cosEvent-2.2
- cosEventDomain-1.2
- cosFileTransfer-1.2
- cosNotification-1.2.1
- cosProperty-1.2
- cosTime-1.2.1
- cosTransactions-1.3.1
- crypto-3.6.3
- debugger-4.1.2
- dialyzer-2.9
- diameter-1.11.2
- edoc-0.7.18
- eldap-1.2.1
- erl_docgen-0.4.2
- erl_interface-3.8.2
- erts-7.3.1
- et-1.5.1
- eunit-2.2.13
- gs-1.6
- hipe-3.15
- ic-4.4
- inets-6.2.4
- jinterface-1.6.1
- kernel-4.2
- megaco-3.18
- mnesia-4.13.4
- observer-2.1.2
- odbc-2.11.1
- orber-3.8.1
- os_mon-2.4
- ose-1.1
- otp_mibs-1.1
- parsetools-2.1.1
- percept-0.8.11
- public_key-1.1.1
- reltool-0.7
- runtime_tools-1.9.3
- sasl-2.7
- snmp-5.2.2
- ssh-4.2.2.1
- stdlib-2.8
- syntax_tools-1.7
- test_server-3.10
- tools-2.8.3
- typer-0.9.10
- webtool-0.9.1
- wx-1.6.1
- xmerl-1.3.10
Conflicts:
OTP_VERSION
lib/ssl/vsn.mk
otp_versions.table
|
|
|
|
* hans/ssh/cuddle_tests:
ssh: remove left-over msg traceing
|
|
* hans/asn1/asn1ct_test_fix/ERL-518/OTP-14787:
asn1: asn1:test now handles no_ok_wrapper and undec_rest
|
|
|
|
|
|
|
|
|
|
Back ported for security reasons.
Remove DTLS changes as DTLS is not at all working in OTP 18.
|
|
|
|
|
|
* ingela/maint-18/ssl/Bleichenbacher/OTP-14748:
ssl: Prepare for release
ssl: Countermeasurements for Bleichenbacher attack
|
|
|
|
|
|
* ingela/maint-19/ssl/Bleichenbacher/OTP-14748:
ssl: Prepare for release
ssl: Countermeasurements for Bleichenbacher attack
|
|
The Maps implementation handles ?unit in more cases.
Exactly when t_is_none_or_unit() is to be called is not clear to me.
The added cases are about a map type being ?unit, but the key or the
value of an association can also be ?unit, but that is not always
checked.
|
|
|
|
It lacked build examples for linux, also suggest using wxWidgets-3.0.3
also add information about wxWidgets-3.1
|
|
|
|
|
|
|
|
|
|
into maint-20
* hans/public_key/verify_hostname_ip_address_maint20/OTP-14653:
public_key: verify ip (both v4 and v6)
public_key: Added IP4 address checks to hostname_verification tests
|
|
'ingela/maint-20/ssl/extend-hostname-check/OTP-14632/OTP-14655/OTP-14766' into maint-20
* ingela/maint-20/ssl/extend-hostname-check/OTP-14632/OTP-14655/OTP-14766:
ssl: Fix test cases to work on all test platforms
public_key: Fix dialyzer spec
ssl: Sessions must be registered with SNI if exists
ssl: Extend hostname check to fallback to checking IP-address
public_key, ssl: Handles keys so that APIs are preserved correctly
ssl: Use ?FUNCTION_NAME
|
|
* ingela/maint-20/ssl/Bleichenbacher/OTP-14748:
ssl: Prepare for release
ssl: Countermeasurements for Bleichenbacher attack
|
|
|
|
|
|
|
|
external https links was generated as seealso which doens't work.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This will reduce the size of crash dumps, especially if
there are large binaries.
|
|
Correct several problems parsing sub binaries. A sub binary
would often be replaced with '#CDVNonexistingBinary'.
When parsing a sub binary, we must scan ahead to find the
definition of the refc or heap binary being referenced.
|
|
|
|
MAX_ATOM_TABLE_SIZE
Currently, the max atom size on 64-bits Erlang is
((UWORD_CONSTANT(1) << 32) = 4294967296
This number will cause the range of atom size to be displayed as
[8192-0].
Also, the +t option for max atom size will be parsed as a long type, and
assigned to a int variable erts_atom_table_size (erl_init.c),
which will cause integer overflow if the number is larger than the
maximum value a 4-bytes signed integer can hold
((1 << 31) - 1) = 2147483647
Therefore, during the comparison
erts_atom_table_size < MIN_ATOM_TABLE_SIZE
any number above 2147483647 will be come negative, and causing
the condition to be true, which then errored out as bad atom table size.
Hence, the actual max atom size is same as the max signed int value.
|
|
When setting maximum atom table size using +t option, there will be a
integer overflow for a large size.
$ erl +t2147482625
ll_alloc: Cannot allocate 18446744073692774400 bytes of memory
(of type "atom_tab").
The overflow is caused by the arithmetic operations on int type.
When 2147482625 + 1024 it will become -2147483647 due to the signed
integerger overflow. Then the result will be resized to Uint type, which
is a unsigned long type, the negative int will first be expand to 64
bits long via sign extension, then change to unsigned type, which
becomes 18446744073692774400.
The fix is done by convert `limit` to Uint type before doing any
arithmetic operation. This will expand variable to 64 bits long type via
zero extension, then the following operation are all positive, therefore
no overflow will happen.
Note: here we assume the int `limit` passed in is always positive. If
some future change cause the `limit` passed in maybe negative, then the
current fix will also cause overflow.
|
|
|
|
|
|
|
|
|
