Age | Commit message | Author |
|
Allow applications to use a packet_size setting on a socket to control
acceptable HTTP header line length. This gives them the ability to
accept HTTP headers larger than the default settings allow, but also
lets them avoid DOS attacks by accepting header lines only up to
whatever length they wish to allow.

Without this change, if an HTTP request/response line or header
arrives on a socket in http, http_bin, httph, or httph_bin parsing
mode, and the request/response line or header is too long to fit into
a default inet_drv buffer of 1460 bytes, an unexpected error
occurs. These problems were described and discussed on
erlang-questions in June 2011 in this thread:
http://erlang.org/pipermail/erlang-questions/2011-June/059563.html

In the original code, no buffer reallocation occurs to enlarge the
buffer, even if packet_size or line_length are set in a way that
should allow the HTTP data to be parsed properly. The only available
workaround was to collect headers and parse them using
erlang:decode_packet, but that approach has drawbacks such as having
to collect all HTTP header data before it can be handed to
decode_packet for correct parsing, and also requiring each and every
Erlang web server developer/maintainer to add the workaround to his or
her web server.

Change the packet parser to honor the packet_size setting for HTTP
parsing. If packet_size is set, and an HTTP request/response or header
line exceeds the default 1460 byte TCP buffer limit, return an
indication to tcp_remain that it should realloc the buffer to enlarge
it to packet_size. Also fix the HTTP parsing code to properly honor
line_length by truncating any HTTP request/response or header lines
that exceed that setting.

For backward compatibility, default behavior is unchanged; if an
application wants to be able to accept long HTTP header lines, it must
set packet_size to an appropriate value. Buffer reallocation occurs
only when needed, so the original default buffer size in the code is
still the default.

Make the line mode parsing honor packet_size as well, for consistency.

Add new regression tests to the emulator decode_packet suite and also
to the kernel gen_tcp_misc suite.

The documentation for packet_size in inet:setopts/2 is already
sufficient.

Many thanks to Sverker Eriksson for his guidance on how to best fix
this bug and also for reviewing a number of patch attempts prior to
this one.
|
|
* sverk/crypto-sha256:
crypto: Add sha256,384,512 in documentation for rsa_verify
crypto: Add sha{256,384,512} to rsa_verify
crypto: Add sha256 and sha512
OTP-9778
|
|
* sa/dialyzer-fixes:
Correct callback spec in application module
Refine warning about callback specs with extra ranges
Cleanup autoimport compiler directives
Fix Dialyzer's warnings in typer
Fix Dialyzer's warning for its own code
Fix bug in Dialyzer's behaviours analysis
Fix crash in Dialyzer
OTP-9776
|
|
* ia/ssl/test-cases-maint2:
Added tcp_delivery_workaround to the test case invalid_signature_server
|
|
* lukas/common_test/reverse_hook_order/OTP-9774:
Reverse hook order for *_end_per_* hooks
|
|
* lars/orber/ssl-options/OTP-9773:
[orber] Change the option handling for ssl
|
|
The workaround ought to have been added to this case when it was added to
the test case invalid_signature_client
|
|
* lars/erl_docgen/arity-calculation-bug/OTP-9772:
[erl_docgen] Fix arity calculation bug
|
|
* sverk/deprecate-nif-reload:
erts: Deprecate the NIF reload mechanism
OTP-9771
|
|
* bjorn/test-cases:
lcnt_SUITE: Be kind to slow machines
crypto_SUITE: Reinstate what was "lost in translation"
fileTransferSUITE: Cope with missing/broken crypto application
sensitive_SUITE: Fix spuriously failing recv_trace/1
eprof_SUITE: Cope with fast computers and bad time measurements
cover_SUITE: Cope with missing/broken crypto application
otp_SUITE: Write log files about undefined functions and so on
|
|
The second function erts_unblock_fpe is not needed in here.
|
|
* ia/ssl/dialyzer-R15:
Callback specs now handled by -callback directive in the behaviour module.
|
|
* siri/sasl/improve-doc/OTP-9294:
Add all valid report types in documentation of rb:list
Fix minor faults in documentation of release handling
Rename create_target.xml to create_target.xmlsrc to prepare for codeinclude
|
|
* hb/kernel/too_greedy_disk_log/OTP-9764:
Make sure disk_log does not write too much data
|
|
* ia/ssl/rc4-no-split:
Do not do the 1/n-1 split for RC4 as it is not vulnerable to the Rizzo/Duong-Beast attack.
|
|
Rizzo/Duong-Beast attack.
|
|
* hb/erts/minor_doc_fix/OTP-9762:
Minor fix of erts_alloc.xml
|
|
While disk_log eagerly collects logged data for better performance,
collecting too much data may choke the system and cause huge binaries
to be written. (Reported by Klarna.)
(Logging data faster than the speed disk_log can write to disk can
still cause problems.)
|
|
Bump the value for timetrap timeout, and also call lcnt:stop/0
in end_per_testcase/2 so that failure in one test case will not
cause all the following to fail.
|
|
When crypto_SUITE was migrated to the common_test format in commit
f6b19ef8603b46c64f3722ede3915dd1ac67bae8, some things were lost
in translation. Reinstate the previous behaviour:
1) Run the info/1 test case. This test case will cause a skip if
the test is run on a non-commercial platform and the entire
crypto application is missing. If the crypto application exists,
but does not work properly, the test case will fail.
2) If info/1 is skipped or fails, don't run any other test cases
in crypto_SUITE. (That is, if there is a basic problem, ONE
failed test case is sufficient indication.)
|
|
Only three messages are guaranteed to be in message queue of the
tracer process. The second {trace_delivered,_,_} message may or
may not be there.
|
|
Write some extra log files for easy access by other tools.
|
|
* rickard/time_t:
Fix time types
OTP-9767
|
|
* pan/win64-port:
Update static cache
Back to not using 32bit time_t
Remove ancient WaitForInputIdle workaround
Iron out bugs in Win64 found in daily builds
Make Win64 build work both under MSYS and Cygwin
Fix aclocal.m4 to override changes in opu
Make whole of OTP build and release on Win64
Get cerl and distribution working in Win64
Get working prompt in Win64 using bootstrap code
Build Win64 Erlang emulator using MSYS
Add static win64 cache
OTP-9130
OTP-9766
|
|
IPV6 was disabled in cache when it should actually be supported
Cache updated to disable all sctp for configure speed
|
|
Almost all uses of the 'long' datatype are removed from VM and tests
Emulator test now runs w/o drivers crashing
Nasty abs bug fixed in VM as well as type errors in allocator debug functions
Still one allocator test that fails, domain knowledge is needed to fix that.
Fix type inconsistency in beam_load causing crashes
|
|
Removed symbolic links from repository.
|
|
Can still not setup -a, but cerl works.
|
|
Still does not run, just compiles.
|
|
* ta/sendfile/OTP-9240: (31 commits)
Add sendfile server printouts
Skip recv/send during tests for fallback platforms
Remove header/trailer support
Remove windows implementation
Expand sendfile documentation
Only allow tcp sockets as target for sendfile
Move sendfile api to file module
Preliminary work on header/trailer
Use free_sendfile explicitly for non-async
Remove debug printouts
Add tests for send/recv/sendfile interactions
Remove tests for file_server sendfile
sendfile caller now has to be the controlling_process
Remove support for file_server, sendfile has to be raw
Set chunk size to 3 GB
Change type of fd to be ErlDrvEvent
Add ifdef's for HAVE_SENDFILE
Fix freebsd support for sendfile
Change nbytes to 64 bit
Implement ignorefd for TCP
...
|
|