aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2018-07-10ssl: anon test should use dh or ecdh anon keyexchangeIngela Anderton Andin
2018-07-10ssl: Correct key_usage checkIngela Anderton Andin
The Key Usage extension is described in section 4.2.1.3 of X.509, with the following possible flags: KeyUsage ::= BIT STRING { digitalSignature (0), nonRepudiation (1), -- recent editions of X.509 have -- renamed this bit to contentCommitment keyEncipherment (2), dataEncipherment (3), keyAgreement (4), keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) } In SSL/TLS, when the server certificate contains a RSA key, then: either a DHE or ECDHE cipher suite is used, in which case the RSA key is used for a signature (see section 7.4.3 of RFC 5246: the "Server Key Exchange" message); this exercises the digitalSignature key usage; or "plain RSA" is used, with a random value (the 48-byte pre-master secret) being encrypted by the client with the server's public key (see section 7.4.7.1 of RFC 5246); this is right in the definition of the keyEncipherment key usage flag. dataEncipherment does not apply, because what is encrypted is not directly meaningful data, but a value which is mostly generated randomly and used to derive symmetric keys. keyAgreement does not apply either, because that one is for key agreement algorithms which are not a case of asymmetric encryption (e.g. Diffie-Hellman). The keyAgreement usage flag would appear in a certificate which contains a DH key, not a RSA key. nonRepudiation is not used, because whatever is signed as part of a SSL/TLS key exchange cannot be used as proof for a third party (there is nothing in a SSL/TLS tunnel that the client could record and then use to convince a judge when tring to sue the server itself; the data which is exchanged within the tunnel is not signed by the server). When a ECDSA key is used then "keyAgreement" flag is needed for beeing ECDH "capable" (as opposed to ephemeral ECDHE)
2018-07-10ssl: Fix ECDSA key decode clauseIngela Anderton Andin
2018-07-10ssl: Avoid hardcoding of cipher suites and fix ECDH suite handlingIngela Anderton Andin
ECDH suite handling did not use the EC parameters form the certs as expected. Conflicts: lib/ssl/src/ssl_cipher.erl
2018-07-10ssl: Run all test case combinationsIngela Anderton Andin
Fix test case code to use keyAgreement for ECDH_ECDSA Conflicts: lib/ssl/test/ssl_ECC.erl lib/ssl/test/ssl_ECC_openssl_SUITE.erl lib/ssl/test/ssl_to_openssl_SUITE.erl
2018-07-10ssl: Correct ECC suite and DTLS ECC handlingIngela Anderton Andin
When test handling was corrected it was obvious that DTLS ECC handling was not compleated. Conflicts: lib/ssl/src/ssl.erl lib/ssl/test/Makefile lib/ssl/test/ssl_ECC.erl lib/ssl/test/ssl_ECC_SUITE.erl lib/ssl/test/ssl_ECC_openssl_SUITE.erl
2018-06-28Updated OTP versionOTP-20.3.8.2Erlang/OTP
2018-06-28Prepare releaseErlang/OTP
2018-06-28Merge branch 'john/erts/fix-process-schedule-after-free/OTP-15067/ERL-573' ↵Erlang/OTP
into maint-20 * john/erts/fix-process-schedule-after-free/OTP-15067/ERL-573: Don't enqueue system tasks if target process is in fail_state Fix erroneous schedule of freed/exiting processes Fix deadlock in run queue evacuation Fix memory leak of processes that died in the run queue
2018-06-28Merge branch 'sverker/ic/encode-atom-overrun/ERIERL-191/OTP-15160' into maint-20Erlang/OTP
* sverker/ic/encode-atom-overrun/ERIERL-191/OTP-15160: ic: Fix buffer overrun bug in oe_ei_encode_atom
2018-06-28Merge branch 'sverker/erl_interface/simultaneous-connect/OTP-15161' into ↵Erlang/OTP
maint-20 * sverker/erl_interface/simultaneous-connect/OTP-15161: erl_interface: Fix simultaneous connection setup
2018-06-28Merge branch 'sverker/kernel/tick-fixes/OTP-15162' into maint-20Erlang/OTP
* sverker/kernel/tick-fixes/OTP-15162: kernel: Fix tick count bug when pending writes kernel: Send tick to hidden node even if pending writes
2018-06-28kernel: Fix tick count bug when pending writesSverker Eriksson
2018-06-28kernel: Send tick to hidden node even if pending writesSverker Eriksson
as c-nodes need ticks to send ticks.
2018-06-28ic: Fix buffer overrun bug in oe_ei_encode_atomSverker Eriksson
bug exists since OTP-20.3.4 1d3acb70debd134c8346b7e98347171d5cf6fc62
2018-06-21Updated OTP versionOTP-20.3.8.1Erlang/OTP
2018-06-21Prepare releaseErlang/OTP
2018-06-21Merge branch 'hans/ssh/sftp_ver4_xfer/ERIERL-199/OTP-15149' into maint-20Erlang/OTP
* hans/ssh/sftp_ver4_xfer/ERIERL-199/OTP-15149: ssh: Fix ssh_xfer decode_ATTR error for Vsn=4
2018-06-21Merge branch 'hans/ssh/sftp_error_codes/ERIERL-194/OTP-15148' into maint-20Erlang/OTP
* hans/ssh/sftp_error_codes/ERIERL-194/OTP-15148: ssh: Report the signal name if there is an exit-signal to sftpd ssh: Bug fix sftp error codes
2018-06-21Merge branch 'hasse/syntax_tools/fix_map_type/OTP-15098/ERIERL-177' into ↵Erlang/OTP
maint-20 * hasse/syntax_tools/fix_map_type/OTP-15098/ERIERL-177: syntax_tools: Fix a bug regarding reverting map types.
2018-06-21Merge branch 'hans/ftp/socket_opts/ERIERL-192/OTP-15120' into maint-20Erlang/OTP
* hans/ftp/socket_opts/ERIERL-192/OTP-15120: ftp: Disallow 'packet_size' for low-level options ftp: Socket options
2018-06-21ssh: Report the signal name if there is an exit-signal to sftpdHans Nilsson
2018-06-21ssh: Bug fix sftp error codesHans Nilsson
Report the signal name if the signal error message is "" Do not report a return code of 0 as an error.
2018-06-20ssh: Fix ssh_xfer decode_ATTR error for Vsn=4Hans Nilsson
2018-06-19ftp: Disallow 'packet_size' for low-level optionsHans Nilsson
2018-06-19erl_interface: Fix simultaneous connection setupSverker Eriksson
by also accepting status "ok_simultaneous".
2018-06-18ftp: Socket optionsHans Nilsson
2018-06-14syntax_tools: Fix a bug regarding reverting map types.Hans Bolinder
2018-06-14Don't enqueue system tasks if target process is in fail_stateJohn Högberg
The fail state wasn't re-checked in the state change loop; only the FREE state was checked. In addition to that, we would leave the task in the queue when bailing out which could lead to a double-free. This commit backports active_sys_enqueue from master to make it easier to merge onwards.
2018-06-14Fix erroneous schedule of freed/exiting processesJohn Högberg
When scheduled out, the process was never checked for the FREE state before rescheduling, which meant that a system task could sneak in and cause a double-free later on.
2018-06-13Updated OTP versionOTP-20.3.8Erlang/OTP
2018-06-13Prepare releaseErlang/OTP
2018-06-13Merge branch 'raimo/snmp/parse-mc_new_type-first/ERIERL-161/OTP-14196' into ↵Erlang/OTP
maint-20 * raimo/snmp/parse-mc_new_type-first/ERIERL-161/OTP-14196: Add test case Parse #mc_new_type{}s before definitions_loop/2
2018-06-13Merge branch 'sverker/ets-auto-unfix-delete-race/OTP-15109' into maint-20Erlang/OTP
* sverker/ets-auto-unfix-delete-race/OTP-15109: erts: Fix race between ets table deletion and auto-unfix
2018-06-11Add test caseRaimo Niskanen
2018-06-11Parse #mc_new_type{}s before definitions_loop/2Raimo Niskanen
2018-06-05Updated OTP versionOTP-20.3.7Erlang/OTP
2018-06-05Prepare releaseErlang/OTP
2018-06-05Merge branch 'ingela/inets/header-handling/OTP-15092' into maint-20Erlang/OTP
* ingela/inets/header-handling/OTP-15092: inets: Gracefully handle bad headers
2018-06-05Merge branch 'lars/erl_docgen/fix-xsl-makefile/OTP-15091' into maint-20Erlang/OTP
* lars/erl_docgen/fix-xsl-makefile/OTP-15091: [erl_docgen] Update version [erl_docgen] Add missing file db_funcs.xsl to file list
2018-06-05Merge branch 'sverker/system-profile-bug/OTP-15085' into maint-20Erlang/OTP
* sverker/system-profile-bug/OTP-15085: erts: Fix bug in system_profile
2018-06-05Merge branch 'sverker/enif_binary_to_term-bug/OTP-15080' into maint-20Erlang/OTP
* sverker/enif_binary_to_term-bug/OTP-15080: erts: Fix bug in enif_binary_to_term for immediates
2018-06-04erts: Fix race between ets table deletion and auto-unfixSverker Eriksson
Problem: 1. Process A fixates table T. 2. Process B starts deleting table T (either by ets:delete or exit) and does tid_clear(). 3. Process A exits and does proc_cleanup_fixed_table() and get NULL from btid2tab() and deallocates DbFixation. 4. Process B continues deleting table in free_fixations_locked() and finds the deallocated DbFixation in the fixing_procs tree. Solution: Wait with tid_clear() until after free_fixations_locked() has traversed the fixing_procs tree.
2018-05-22inets: Gracefully handle bad headersIngela Anderton Andin
max_headers operated on the individual header length instead of the total length of all headers. Also headers with empty keys are now discarded.
2018-05-21[erl_docgen] Update versionLars Thorsen
2018-05-21[erl_docgen] Add missing file db_funcs.xsl to file listLars Thorsen
2018-05-21Fix deadlock in run queue evacuationJohn Högberg
2018-05-21Fix memory leak of processes that died in the run queueJohn Högberg
2018-05-18erts: Fix bug in system_profileSverker Eriksson
seen to cause redundant {profile,_,active,_,_} messages when process is terminating.
2018-05-16erts: Fix bug in enif_binary_to_term for immediatesSverker Eriksson
Symptom: Heap corruption Expanded test case to provoke this bug and test some more term types.