| Age | Commit message (Collapse) | Author |
|---|
|
Conflicts:
lib/crypto/src/crypto.erl
|
|
|
|
|
|
|
|
* maint:
crypto: sha3_224 and sha3_256 errors fixed
|
|
|
|
* maint:
ssh: Use exported crypto types
public_key: Generate refman from types and specs
public_key: Rework -type and -spec Check existing specs with code and documentation and adjust. Prepare for doc generation
public_key: Setup for doc generation
public_key: Remove special type signature for one test
crypto: Add missing documentation for enable_fips_mode/1
crypto: Generate refman from types and specs and fix links in engine chapter for generated crypto module refman
crypto: Rework -type and -spec Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation
crypto: Setup for doc generation
crypto: A user's guide chapter on algorithm details Such as keylengths, blocksizes and IV lengths are hard to find otherwise
|
|
* hans/crypto/doc/OTP-15134:
ssh: Use exported crypto types
public_key: Generate refman from types and specs
public_key: Rework -type and -spec Check existing specs with code and documentation and adjust. Prepare for doc generation
public_key: Setup for doc generation
public_key: Remove special type signature for one test
crypto: Add missing documentation for enable_fips_mode/1
crypto: Generate refman from types and specs and fix links in engine chapter for generated crypto module refman
crypto: Rework -type and -spec Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation
crypto: Setup for doc generation
crypto: A user's guide chapter on algorithm details Such as keylengths, blocksizes and IV lengths are hard to find otherwise
|
|
|
|
|
|
Check existing specs with code and documentation and adjust. Prepare for doc generation
|
|
|
|
|
|
|
|
and fix links in engine chapter for generated crypto module refman
|
|
Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation
|
|
|
|
Such as keylengths, blocksizes and IV lengths are hard to find otherwise
Conflicts:
lib/crypto/doc/src/crypto.xml
|
|
* maint:
Updated OTP version
Update release notes
Update version numbers
erts: Fix "Prevent inconsistent node lists" fix
Fix include-path regression caused by dd0a39c
Restore default SIGTERM behaviour for port programs
|
|
* maint-21:
Updated OTP version
Update release notes
Update version numbers
erts: Fix "Prevent inconsistent node lists" fix
Fix include-path regression caused by dd0a39c
Restore default SIGTERM behaviour for port programs
|
|
|
|
* maint:
syntax_tools: Correct unfolding of the stacktrace variable
|
|
maint
* hasse/syntax_tools/fix_stacktrace_var/OTP-15291/ERL-719:
syntax_tools: Correct unfolding of the stacktrace variable
|
|
* peterdmv/ssl/property_test_client_hello:
ssl: Property test hello extensions
Change-Id: I78f5cdef8702141b78e9123efe34e381a5e5d12c
|
|
|
|
'ingela/ssl/unorded-or-incomplete-cert-chain/OTP-12983/OTP-15060' into maint
* ingela/ssl/unorded-or-incomplete-cert-chain/OTP-12983/OTP-15060:
ssl: Handle incomplete and unorded chains
|
|
If the peer sends an incomplete chain that we can reconstruct with
our known CA-certs it will be accepted.
We will assume that the peer honors the protocol and sends an orded
chain, however if validation fails we will try to order the chain in
case it was unorded. Will also handle that extraneous cert where present.
See Note form RFC 8446
Note: Prior to TLS 1.3, "certificate_list" ordering required each
certificate to certify the one immediately preceding it; however,
some implementations allowed some flexibility. Servers sometimes
send both a current and deprecated intermediate for transitional
purposes, and others are simply configured incorrectly, but these
cases can nonetheless be validated properly. For maximum
compatibility, all implementations SHOULD be prepared to handle
potentially extraneous certificates and arbitrary orderings from any
TLS version, with the exception of the end-entity certificate which
MUST be first.
|
|
* maint:
crypto: Fix valgrind error
|
|
* hans/crypto/valgrind:
crypto: Fix valgrind error
|
|
|
|
|
|
* anders/diameter/21.1/OTP-15202:
vsn -> 2.1.6
Update appup for 21.1
|
|
* anders/diameter/dpr/OTP-15198:
Fix function_clause when sending a request after an outgoing DPA
|
|
* sverker/enif-cancel-select/OTP-15095:
erts: Add ERL_NIF_SELECT_CANCEL flag for enif_select
|
|
|
|
|
|
|
|
into maint-21
* sverker/erts/fix-aborted-pending-connection-race/OTP-15296:
erts: Fix "Prevent inconsistent node lists" fix
|
|
maint-21
* john/compiler/fix-rebar-recompiles-maint-21/OTP-15292:
Fix include-path regression caused by dd0a39c
|
|
* rickard/port-prog-sigterm-fix/OTP-15289:
Restore default SIGTERM behaviour for port programs
|
|
done in a31216200bdee2c04b3fb3ae5e26607674715c8a
that could cause a new pending connection to be incorrectly aborted.
|
|
Extend test generators with ClientHello extensions:
- TLS 1.2: supported_version
- TLs 1.3: supported_version and signature_scheme_list
Change-Id: I43356a2a921edade124eceb004f20411c7e92619
|
|
* peterdmv/ssl/tls13_ciphers:
ssl: Fix cipher suite handling
ssl: Add TLS 1.3 cipher suites
Change-Id: I6b306d29642ba38639157ed1afea8b8df38af30e
|
|
* maint:
crypto: Remove 'experimental' comments for ecdh
|
|
* hans/crypto/x25519_x448/OTP-15240:
crypto: Remove 'experimental' comments for ecdh
|
|
|
|
* ingela/ssl/psk-correction/OTP-15285:
ssl: Correct handling of all PSK cipher suites
|
|
Before only some PSK suites would be correctly negotiated and most PSK
ciphers suites would fail the connection.
PSK cipher suites are anonymous in the sense that they do not use
certificates except for rsa_psk.
|
|
* maint:
erlang-mode: fix void variable align-rules-list error
|
|
erlang-mode: fix void variable align-rules-list error
|
