Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-11-22 | Updated OTP versionOTP-18.3.4.1.1 | Ingela Anderton Andin | |
2017-11-22 | Prepare release | Ingela Anderton Andin | |
2017-11-22 | ssl: Countermeasurements for Bleichenbacher attack | Ingela Anderton Andin | |
Back ported for security reasons. Remove DTLS changes as DTLS is not at all working in OTP 18. | |||
2016-06-22 | Updated OTP versionOTP-18.3.4.1 | Erlang/OTP | |
2016-06-22 | Update release notes | Erlang/OTP | |
2016-06-22 | Merge branch 'hans/ssh/retry_pwd_patch/OTP-13674' into maint-18 | Erlang/OTP | |
* hans/ssh/retry_pwd_patch/OTP-13674: ssh: update vsn.mk ssh: polishing of password prompt's linefeed ssh: Fix a hazard bug in ssh_auth ssh: Some code cuddling in ssh_io ssh: Fix type error in args of ssh_auth:sort_selected_mthds ssh: Make client send a faulty pwd only once, ssh_connection_handler part ssh: Make client send a faulty pwd only once, ssh_auth part ssh: test cases for no repetition of bad passwords | |||
2016-06-22 | ssh: update vsn.mk | Hans Nilsson | |
2016-06-22 | ssh: polishing of password prompt's linefeed | Hans Nilsson | |
2016-06-22 | ssh: Fix a hazard bug in ssh_auth | Hans Nilsson | |
2016-06-22 | ssh: Some code cuddling in ssh_io | Hans Nilsson | |
2016-06-22 | ssh: Fix type error in args of ssh_auth:sort_selected_mthds | Hans Nilsson | |
2016-06-22 | ssh: Make client send a faulty pwd only once, ssh_connection_handler part | Hans Nilsson | |
2016-06-22 | ssh: Make client send a faulty pwd only once, ssh_auth part | Hans Nilsson | |
Conflicts: lib/ssh/src/ssh_connection_handler.erl | |||
2016-06-22 | ssh: test cases for no repetition of bad passwords | Hans Nilsson | |
2016-06-13 | Updated OTP versionOTP-18.3.4 | Erlang/OTP | |
2016-06-13 | Update release notes | Erlang/OTP | |
2016-06-13 | Merge branch 'ingela/inets/clean-white-space/OTP-13663' into maint-18 | Erlang/OTP | |
* ingela/inets/clean-white-space/OTP-13663: inets: Prepare for release inets: Handle multiple \t in mime types file | |||
2016-06-13 | Merge branch 'ingela/maint/ssl/max-session-table/OTP-13490' into maint-18 | Erlang/OTP | |
* ingela/maint/ssl/max-session-table/OTP-13490: ssl: Mitigate load increase when the whole session table is invalidated | |||
2016-06-13 | Merge branch 'joedevivo/maint/ssl/PR-1063/OTP-13635' into maint-18 | Erlang/OTP | |
* joedevivo/maint/ssl/PR-1063/OTP-13635: ssl:recv timeout() can be 0 | |||
2016-06-13 | Merge branch 'ingela/maint/ssl/tls-1.2-available-hashsigns/OTP-13670' into ↵ | Erlang/OTP | |
maint-18 * ingela/maint/ssl/tls-1.2-available-hashsigns/OTP-13670: ssl: ordsets:intersection/2 did not give the expected result | |||
2016-06-13 | Merge branch 'kennethlakin/maint/tls-use-negotiated-prf/PR-1042/OTP-13546' ↵ | Erlang/OTP | |
into maint-18 * kennethlakin/maint/tls-use-negotiated-prf/PR-1042/OTP-13546: ssl: Use cipher suite's PRF in prf/5 | |||
2016-06-13 | Merge branch 'ingela/ssl/maint-rel' into maint-18 | Erlang/OTP | |
* ingela/ssl/maint-rel: ssl: Prepare for release | |||
2016-06-13 | ssl: Mitigate load increase when the whole session table is invalidated | Ingela Anderton Andin | |
2016-06-13 | inets: Prepare for release | Ingela Anderton Andin | |
2016-06-13 | ssl: Prepare for release | Ingela Anderton Andin | |
2016-06-09 | ssl: Use cipher suite's PRF in prf/5 | Kenneth Lakin | |
Use the negotiated cipher suite's PRF algorithm in calls to ssl:prf/5, rather than a hard-coded one. For TLS 1.0 the PRF algorithm was hard-coded to MD5/SHA1. This was correct 100% of the time. For TLS 1.1 and 1.2 the PRF algorithm was hard-coded to SHA256. This was correct only some of the time for TLS 1.2 and none of the time for TLS 1.1. Because the TLS handshake code calls tls_v1:prf/5 through another path, the handshaking process used the negotiated PRF and did not encounter this bug. A new test (prf) has been added to ssl_basic_SUITE to guard against future breakage. | |||
2016-06-09 | ssl:recv timeout() can be 0 | Joe DeVivo | |
gen_tcp:recv allows this, and if you're doing something like Transport:recv(Socket, 0, 0), TCP will work and SSL will exit with function_clause There were other cases of this throughout the module. This PR cleans them all up. | |||
2016-06-09 | ssl: ordsets:intersection/2 did not give the expected result | Ingela Anderton Andin | |
Turns out we can not count on the "hashsigns" sent by the client and the supported "hashigns" sets to have required properties of ordsets. | |||
2016-06-09 | inets: Handle multiple \t in mime types file | Ingela Anderton Andin | |
2016-05-03 | Updated OTP versionOTP-18.3.3 | Erlang/OTP | |
2016-05-03 | Prepare release | Erlang/OTP | |
2016-05-03 | Merge branch 'ingela/inets/deprecated-inets_regexp/OTP-13533' into maint-18 | Erlang/OTP | |
* ingela/inets/deprecated-inets_regexp/OTP-13533: inets: Prepare for release inets: Put back inets_regexp module in OTP 18 | |||
2016-05-03 | Merge branch 'ingela/ssl/maint/algo-fixes/OTP-13525' into maint-18 | Erlang/OTP | |
* ingela/ssl/maint/algo-fixes/OTP-13525: ssl: Correct guard expression ssl: Correct cipher suites conversion | |||
2016-05-03 | Merge branch 'peppe/ct_misc_18_patches' into maint-18 | Erlang/OTP | |
* peppe/ct_misc_18_patches: Add flag/option for disabling the character escaping functionality Fix bug using the wrong lists search function Fix bug with clashing timestamp values Fix problem with stylesheet tags getting escaped Skip pre/post test IO suite if cover or debug is running Tweak pre_post_io test case to run without failing Fix various log related problems | |||
2016-05-03 | Merge branch 'peppe/ct_remove_nodelay/OTP-13462' into maint-18 | Erlang/OTP | |
* peppe/ct_remove_nodelay/OTP-13462: Update the reference manual Make the nodelay setting configurable and false per default | |||
2016-05-03 | Merge branch 'zandra/cth_surefire-bug/OTP-13513' into maint-18 | Erlang/OTP | |
* zandra/cth_surefire-bug/OTP-13513: add testcase for the surefire hook bug fix cht_surefire bug when pre_init_per_suite fails | |||
2016-05-03 | inets: Prepare for release | Ingela Anderton Andin | |
2016-05-03 | inets: Put back inets_regexp module in OTP 18 | Ingela Anderton Andin | |
Put back unused module inets_regexp and remove it in OTP 19 instead as it is an incompatibility, although it is an undocumented module and should not affect other applications (the world is not perfect). | |||
2016-05-02 | Add flag/option for disabling the character escaping functionality | Peter Andersson | |
OTP-13537 | |||
2016-05-02 | Update the reference manual | Peter Andersson | |
OTP-13462 | |||
2016-05-02 | Fix bug using the wrong lists search function | Peter Andersson | |
2016-05-02 | Fix bug with clashing timestamp values | Peter Andersson | |
2016-05-02 | Fix problem with stylesheet tags getting escaped | Peter Andersson | |
OTP-13536 | |||
2016-05-02 | Skip pre/post test IO suite if cover or debug is running | Peter Andersson | |
OTP-13535 The return value of ct:get_timetrap_info/0 has been modified. | |||
2016-05-02 | Tweak pre_post_io test case to run without failing | Peter Andersson | |
2016-05-02 | Fix various log related problems | Peter Andersson | |
2016-04-29 | ssl: Correct guard expression | Ingela Anderton Andin | |
The guard should check that the TLS version is at least TLS-1.2. | |||
2016-04-29 | ssl: Correct cipher suites conversion | Ingela Anderton Andin | |
Correct conversion errors form commit d2381e1a8d7cd54f7dc0a5105d172460b005a8fb Please enter the commit message for your changes. Lines starting | |||
2016-04-28 | Make the nodelay setting configurable and false per default | Peter Andersson | |
2016-04-27 | add testcase for the surefire hook bug | Zandra | |