Age | Commit message (Collapse) | Author |
|
The order of peers presented to a diameter_app(3) pick_peer callback has
previously not been documented, but there are use cases that are
simplified by an ordering. For example, consider preferring a direct
connection to a specified Destination-Host/Realm to any host in the
realm. The implementation previously treated this as a special case by
placing matching hosts at the head of the peers list, but the
documentation made no guarantees. Now present peers in match-order, so
that the desired sorting is the result of the following filter.
{any, [{all, [host, realm]}, realm]}
The implementation is not backwards compatible in the sense that a realm
filter alone is no longer equivalent in this case. However, as stated,
the documentation never made any guarantees regarding the sorting.
|
|
|
|
|
|
|
|
* siri/megaco/fix-appup:
[megaco] Fix appup for OTP-17.3
|
|
|
|
|
|
* anders/diameter/17.3_release/OTP-12093:
Add recompilation admonition to 17.2 release notes
|
|
* anders/diameter/Failed-AVP/OTP-12094:
Fix ?MODULE in preprocessed dictionary forms
|
|
That dictionaries need to be recompiled, which is the case whenever
diameter_gen.hrl is modified.
|
|
By replacing literal diameter_gen_relay atoms in forms extracted from
that module by the name of the module in question. This has been wrong
for some time, but only became noticable when the parent commit started
using ?MODULE as more than a process dictionary key or tag to match on.
In particular, the function dict/1 in diameter_gen.hrl (included by
every dictionary module) can now return ?MODULE, which is (not
surprisingly) expected to be the name of the dictionary module in
question. It wasn't in the case of a module compiled from forms: it was
diameter_gen_relay, since that's the module the forms were extracted
from.
The fix only affects dictionaries compiled from forms, as returned by
diameter_make:codec/2. In particular, dictionaries compiled from Erlang
source returned by this function, or by diameterc(1), are unaffected.
|
|
|
|
|
|
* sverk/dirty-sched-api-cleanup:
erts: Remove enif_have_dirty_schedulers()
erts: Correct dirty scheduler NIF API for Windows
|
|
and add 'dirty_scheduler_support' to ErlNifSysInfo
|
|
* ia/public_key/links:
public_key: Fix link errors in documentation
|
|
|
|
|
|
* lrascao/fix_bug_windows_directory_symlinks:
fix indentation, add comment describing windows symlink creation assumption
fix escript archive symlinked across drives
OTP-12155
OTP-12154
OTP-12153
|
|
* dgud/tools/emacs-fix:
Add new bif to emacs mode
|
|
* raimo/snmp/manager-ipv4+ipv6/OTP-12108:
Remove debug printouts
Fix manager backwards compat for agent addr
Update .appup
Update documentation
Clean up some config warts
Raise timeout and see if testcases stabilize
Merge manager net_if_mt into net_if
Clean up config error handling and negative results
Remove decommented code and clean up diff
Implement IPv4+IPv6 in MT manager
Avoid test case known to fail
Improve testcase test for IPv6 capable host
Write manager IPv4+IPv6 test
Rewrite manager net_if for IPv4+IPv6
|
|
enif_schedule_nif() put LAST of the unconditional functions to keep the
order which is vital for ABI compatibility on Windows.
The conditional dirty scheduler stuff moved down at the end of the list
to keep them out of the way. We don't want them mess things up then they
become unconditional some day.
|
|
* ia/ssl/partial_chain/OTP-12149:
ssl: One more workaround as tcp has no delivery gurantee on application level
ssl: Prepare for release - soft upgrade
ssl, public_key: Add new option partial_chain
|
|
* lukas/docfixes-17.3/OTP-12152:
Fix some spelling misstakes
|
|
|
|
|
|
|
|
* anders/diameter/17.3_release/OTP-12093:
vsn -> 1.7.1
Update appup for OTP-12094
Update appup for OTP-12080
Update appup for OTP-12069
|
|
* anders/diameter/5014/OTP-12074:
Don't leave extra bit in decoded AVP data
|
|
* anders/diameter/Failed-AVP/OTP-12094:
Fix best effort decode of Failed-AVP
Fix decode of Failed-AVP in RFC 3588 answer-message
|
|
* anders/diameter/counters/OTP-12080:
Fix counters for answer-message
Count relayed messages on {relay, Rbit}
Count request retransmissions
Fix counting of outgoing requests
|
|
* anders/diameter/info/OTP-12069:
Map binary process info to a reference/byte count
Add info item for diameter:service_info/2
Add (process) info tuple to diameter:service_info/2
Add diameter_dbg:sizes/0
Tweak comments
|
|
* sverk/crypto-check-version/OTP-12146:
crypto: Verify OpenSSL library major version at load
|
|
|
|
|
|
* fishcakez/dialyzer_beam_opts:
Use compile options when dialyzing beam files
|
|
|
|
|
|
Check that the certificate chain ends with a trusted ROOT CA e.i. a
self-signed certificate, but provide an option partial_chain to
enable the application to define an intermediat CA as trusted.
TLS RFC says:
"unknown_ca
A valid certificate chain or partial chain was received, but the
certificate was not accepted because the CA certificate could not
be located or couldn't be matched with a known, trusted CA. This
message is always fatal."
and also states:
"certificate_list
This is a sequence (chain) of certificates. The sender's
certificate MUST come first in the list. Each following
certificate MUST directly certify the one preceding it. Because
certificate validation requires that root keys be distributed
independently, the self-signed certificate that specifies the root
certificate authority MAY be omitted from the chain, under the
assumption that the remote end must already possess it in order to
validate it in any case."
X509 RFC says:
"The selection of a trust anchor is a matter of policy: it could be
the top CA in a hierarchical PKI, the CA that issued the verifier's
own certificate(s), or any other CA in a network PKI. The path
validation procedure is the same regardless of the choice of trust
anchor. In addition, different applications may rely on different
trust anchors, or may accept paths that begin with any of a set of
trust anchors."
|
|
* hans/common_test/prop_test:
ssh: update for triq tests
common_test: ct_property_test call correct Triq function.
ct_property_test: add Triq support
|
|
|
|
|
|
Also, ensure that the right module's counterexample/0 is called.
|
|
The bit is added in diameter_codec to induce a decode error in the case
of 5014 errors, but was not removed before returning the decoded result.
Code examining the binary data in a diameter_avp record would then see
the extra bit.
|
|
|
|
diameter_codec must be loaded before diameter_traffic.
|
|
|
|
|
|
|
|
Commit c2c00fdd didn't get it quite right: it only decoded failed AVPs
in the common dictionary since it's this dictionary an answer-message is
decoded in. An extra dictionary isn't something that's easily passed
through the decode without rewriting dictionary compilation however, and
that's no small job, so continue with the use/abuse of the process
dictionary by storing the dictionary module for the decode to retrieve.
This is one step worse than previous uses since the dictionary is put in
one module (diameter_codec) and got in another (the dictionary module),
but it's the lesser of two evils.
|