aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2017-11-22Updated OTP versionOTP-18.3.4.1.1Ingela Anderton Andin
2017-11-22Prepare releaseIngela Anderton Andin
2017-11-22ssl: Countermeasurements for Bleichenbacher attackIngela Anderton Andin
Back ported for security reasons. Remove DTLS changes as DTLS is not at all working in OTP 18.
2016-06-22Updated OTP versionOTP-18.3.4.1Erlang/OTP
2016-06-22Update release notesErlang/OTP
2016-06-22Merge branch 'hans/ssh/retry_pwd_patch/OTP-13674' into maint-18Erlang/OTP
* hans/ssh/retry_pwd_patch/OTP-13674: ssh: update vsn.mk ssh: polishing of password prompt's linefeed ssh: Fix a hazard bug in ssh_auth ssh: Some code cuddling in ssh_io ssh: Fix type error in args of ssh_auth:sort_selected_mthds ssh: Make client send a faulty pwd only once, ssh_connection_handler part ssh: Make client send a faulty pwd only once, ssh_auth part ssh: test cases for no repetition of bad passwords
2016-06-22ssh: update vsn.mkHans Nilsson
2016-06-22ssh: polishing of password prompt's linefeedHans Nilsson
2016-06-22ssh: Fix a hazard bug in ssh_authHans Nilsson
2016-06-22ssh: Some code cuddling in ssh_ioHans Nilsson
2016-06-22ssh: Fix type error in args of ssh_auth:sort_selected_mthdsHans Nilsson
2016-06-22ssh: Make client send a faulty pwd only once, ssh_connection_handler partHans Nilsson
2016-06-22ssh: Make client send a faulty pwd only once, ssh_auth partHans Nilsson
Conflicts: lib/ssh/src/ssh_connection_handler.erl
2016-06-22ssh: test cases for no repetition of bad passwordsHans Nilsson
2016-06-13Updated OTP versionOTP-18.3.4Erlang/OTP
2016-06-13Update release notesErlang/OTP
2016-06-13Merge branch 'ingela/inets/clean-white-space/OTP-13663' into maint-18Erlang/OTP
* ingela/inets/clean-white-space/OTP-13663: inets: Prepare for release inets: Handle multiple \t in mime types file
2016-06-13Merge branch 'ingela/maint/ssl/max-session-table/OTP-13490' into maint-18Erlang/OTP
* ingela/maint/ssl/max-session-table/OTP-13490: ssl: Mitigate load increase when the whole session table is invalidated
2016-06-13Merge branch 'joedevivo/maint/ssl/PR-1063/OTP-13635' into maint-18Erlang/OTP
* joedevivo/maint/ssl/PR-1063/OTP-13635: ssl:recv timeout() can be 0
2016-06-13Merge branch 'ingela/maint/ssl/tls-1.2-available-hashsigns/OTP-13670' into ↵Erlang/OTP
maint-18 * ingela/maint/ssl/tls-1.2-available-hashsigns/OTP-13670: ssl: ordsets:intersection/2 did not give the expected result
2016-06-13Merge branch 'kennethlakin/maint/tls-use-negotiated-prf/PR-1042/OTP-13546' ↵Erlang/OTP
into maint-18 * kennethlakin/maint/tls-use-negotiated-prf/PR-1042/OTP-13546: ssl: Use cipher suite's PRF in prf/5
2016-06-13Merge branch 'ingela/ssl/maint-rel' into maint-18Erlang/OTP
* ingela/ssl/maint-rel: ssl: Prepare for release
2016-06-13ssl: Mitigate load increase when the whole session table is invalidatedIngela Anderton Andin
2016-06-13inets: Prepare for releaseIngela Anderton Andin
2016-06-13ssl: Prepare for releaseIngela Anderton Andin
2016-06-09ssl: Use cipher suite's PRF in prf/5Kenneth Lakin
Use the negotiated cipher suite's PRF algorithm in calls to ssl:prf/5, rather than a hard-coded one. For TLS 1.0 the PRF algorithm was hard-coded to MD5/SHA1. This was correct 100% of the time. For TLS 1.1 and 1.2 the PRF algorithm was hard-coded to SHA256. This was correct only some of the time for TLS 1.2 and none of the time for TLS 1.1. Because the TLS handshake code calls tls_v1:prf/5 through another path, the handshaking process used the negotiated PRF and did not encounter this bug. A new test (prf) has been added to ssl_basic_SUITE to guard against future breakage.
2016-06-09ssl:recv timeout() can be 0Joe DeVivo
gen_tcp:recv allows this, and if you're doing something like Transport:recv(Socket, 0, 0), TCP will work and SSL will exit with function_clause There were other cases of this throughout the module. This PR cleans them all up.
2016-06-09ssl: ordsets:intersection/2 did not give the expected resultIngela Anderton Andin
Turns out we can not count on the "hashsigns" sent by the client and the supported "hashigns" sets to have required properties of ordsets.
2016-06-09inets: Handle multiple \t in mime types fileIngela Anderton Andin
2016-05-03Updated OTP versionOTP-18.3.3Erlang/OTP
2016-05-03Prepare releaseErlang/OTP
2016-05-03Merge branch 'ingela/inets/deprecated-inets_regexp/OTP-13533' into maint-18Erlang/OTP
* ingela/inets/deprecated-inets_regexp/OTP-13533: inets: Prepare for release inets: Put back inets_regexp module in OTP 18
2016-05-03Merge branch 'ingela/ssl/maint/algo-fixes/OTP-13525' into maint-18Erlang/OTP
* ingela/ssl/maint/algo-fixes/OTP-13525: ssl: Correct guard expression ssl: Correct cipher suites conversion
2016-05-03Merge branch 'peppe/ct_misc_18_patches' into maint-18Erlang/OTP
* peppe/ct_misc_18_patches: Add flag/option for disabling the character escaping functionality Fix bug using the wrong lists search function Fix bug with clashing timestamp values Fix problem with stylesheet tags getting escaped Skip pre/post test IO suite if cover or debug is running Tweak pre_post_io test case to run without failing Fix various log related problems
2016-05-03Merge branch 'peppe/ct_remove_nodelay/OTP-13462' into maint-18Erlang/OTP
* peppe/ct_remove_nodelay/OTP-13462: Update the reference manual Make the nodelay setting configurable and false per default
2016-05-03Merge branch 'zandra/cth_surefire-bug/OTP-13513' into maint-18Erlang/OTP
* zandra/cth_surefire-bug/OTP-13513: add testcase for the surefire hook bug fix cht_surefire bug when pre_init_per_suite fails
2016-05-03inets: Prepare for releaseIngela Anderton Andin
2016-05-03inets: Put back inets_regexp module in OTP 18Ingela Anderton Andin
Put back unused module inets_regexp and remove it in OTP 19 instead as it is an incompatibility, although it is an undocumented module and should not affect other applications (the world is not perfect).
2016-05-02Add flag/option for disabling the character escaping functionalityPeter Andersson
OTP-13537
2016-05-02Update the reference manualPeter Andersson
OTP-13462
2016-05-02Fix bug using the wrong lists search functionPeter Andersson
2016-05-02Fix bug with clashing timestamp valuesPeter Andersson
2016-05-02Fix problem with stylesheet tags getting escapedPeter Andersson
OTP-13536
2016-05-02Skip pre/post test IO suite if cover or debug is runningPeter Andersson
OTP-13535 The return value of ct:get_timetrap_info/0 has been modified.
2016-05-02Tweak pre_post_io test case to run without failingPeter Andersson
2016-05-02Fix various log related problemsPeter Andersson
2016-04-29ssl: Correct guard expressionIngela Anderton Andin
The guard should check that the TLS version is at least TLS-1.2.
2016-04-29ssl: Correct cipher suites conversionIngela Anderton Andin
Correct conversion errors form commit d2381e1a8d7cd54f7dc0a5105d172460b005a8fb Please enter the commit message for your changes. Lines starting
2016-04-28Make the nodelay setting configurable and false per defaultPeter Andersson
2016-04-27add testcase for the surefire hook bugZandra