| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* lukas/clean_doc_xmldir/OTP-15190:
docs: make clean all XMLDIR
|
|
|
|
* maint-21:
Updated OTP version
Update release notes
Update version numbers
Fix trace_info/2
Provide build support for standalone corba repo
Fix release notes for OTP-21.0.2
Move to a dirty scheduler even when we have pending system tasks
|
|
* siri/logger/post-21/OTP-15132:
[logger] Allow setting kernel parameter 'logger_level' to 'all'
[kernel] Reduce risk of dead lock when terminating logger_sup
[logger] Fix regexp replacement for unicode strings
Update proc_lib:report_cb to obey logger formatter's size limiting params
[logger] Allow report callback with two arguments returning a string
Don't call report_cb from cth_log_redirect - formatter does that
Add legacy test of sasl_report_file_h and size limiting
[logger] Remove compiler warnings in test
[logger] Fix problem with test cases waiting for handler restart
[logger] Add ?LOG macro which takes Level as argument
[logger] Improve spec for set_handler_config/3 and set_primary_config/2
[logger] Generate .png file from .dia
[logger] Update documentation
|
|
|
|
|
|
|
|
|
|
If the report callback is a fun of arity 2, then the second argument
is a map with the keys 'encoding', 'depth' and 'chars_limit', and the
fun must return a string which is size limited according to the given
depth and chars_limit.
If the report callback is a fun of arity 1, then it must return a
tuple containing a format string and a list of arguments. The
formatter will produce the string, and limit it's size.
|
|
|
|
|
|
|
|
|
|
|
|
Specify which keys and associated values are allowed.
|
|
|
|
|
|
|
|
|
|
* john/erts/fix-dirty-reschedule-bug/OTP-15154:
Move to a dirty scheduler even when we have pending system tasks
|
|
* john/erts/fix-21.0.2-release-notes:
Fix release notes for OTP-21.0.2
|
|
* rickard/trace-info-bug/OTP-15183:
Fix trace_info/2
|
|
* rickard/corba-build/OTP-15176:
Provide build support for standalone corba repo
|
|
|
|
Fix net_kernel:connect_node/1 to local node
|
|
|
|
* sverker/erts/monitored_by-docs/ERL-648/OTP-15180:
os_mon: Fix volatile test cpu_sup_SUITE:util_api
erts: Fix spec and docs for process_info 'monitored_by'
|
|
Dummy merge as ic is gone.
|
|
Docs says min _memchunk is 32, so lets use that.
|
|
|
|
longs, longlongs and wchar were too small on 64-bit
which could lead to potential buffer overflow at encoding.
__OE_DOUBLESZ__ was too big, probably due to old text format.
|
|
* ingela/backport/merge:
ssl: Prepare for release
ssl: Fix test case to only check relevant info for the test
ssl: Correct connection_information on ECC-curves
ssl: No cipher suite sign restriction in TLS-1.2
ssl: Add psk as anonymous key exchange in ssl_handshake:select_hashsign/5
ssl: anon test should use dh or ecdh anon keyexchange
ssl: Correct key_usage check
ssl: Fix ECDSA key decode clause
ssl: Avoid hardcoding of cipher suites and fix ECDH suite handling
ssl: Run all test case combinations
ssl: Correct ECC suite and DTLS ECC handling
|
|
ingela/backport/merge
|
|
IngelaAndin/ingela/ssl/unexpected-call/ERL-664/OTP-15174
ssl: Improve error handling
|
|
|
|
to be no-op and return true
as it always has before OTP-21.0.
|
|
|
|
Conflicts:
lib/ssl/test/ssl_basic_SUITE.erl
|
|
|
|
Conflicts:
lib/ssl/test/ssl_ECC_SUITE.erl
|
|
Failing to recognize psk as an anonymous key exchange would fail the connection
when trying to decode an undefined certificate.
|
|
|
|
The Key Usage extension is described in section 4.2.1.3 of X.509, with the following possible flags:
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1), -- recent editions of X.509 have
-- renamed this bit to contentCommitment
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
In SSL/TLS, when the server certificate contains a RSA key, then:
either a DHE or ECDHE cipher suite is used, in which case the RSA key
is used for a signature (see section 7.4.3 of RFC 5246: the "Server
Key Exchange" message); this exercises the digitalSignature key usage;
or "plain RSA" is used, with a random value (the 48-byte pre-master
secret) being encrypted by the client with the server's public key
(see section 7.4.7.1 of RFC 5246); this is right in the definition of
the keyEncipherment key usage flag.
dataEncipherment does not apply, because what is encrypted is not
directly meaningful data, but a value which is mostly generated
randomly and used to derive symmetric keys. keyAgreement does not
apply either, because that one is for key agreement algorithms which
are not a case of asymmetric encryption (e.g. Diffie-Hellman). The
keyAgreement usage flag would appear in a certificate which contains a
DH key, not a RSA key. nonRepudiation is not used, because whatever is
signed as part of a SSL/TLS key exchange cannot be used as proof for a
third party (there is nothing in a SSL/TLS tunnel that the client
could record and then use to convince a judge when tring to sue the
server itself; the data which is exchanged within the tunnel is not
signed by the server).
When a ECDSA key is used then "keyAgreement" flag is needed for beeing
ECDH "capable" (as opposed to ephemeral ECDHE)
|
|
|
|
ECDH suite handling did not use the EC parameters form the certs
as expected.
Conflicts:
lib/ssl/src/ssl_cipher.erl
|
|
Fix test case code to use keyAgreement for ECDH_ECDSA
Conflicts:
lib/ssl/test/ssl_ECC.erl
lib/ssl/test/ssl_ECC_openssl_SUITE.erl
lib/ssl/test/ssl_to_openssl_SUITE.erl
|
|
When test handling was corrected it was obvious that DTLS ECC handling
was not compleated.
Conflicts:
lib/ssl/src/ssl.erl
lib/ssl/test/Makefile
lib/ssl/test/ssl_ECC.erl
lib/ssl/test/ssl_ECC_SUITE.erl
lib/ssl/test/ssl_ECC_openssl_SUITE.erl
|
|
Don't match floats.
|
|
to include ports and NIF resources.
Added new opaque type 'nif_resource'.
|
