| Age | Commit message (Collapse) | Author |
|---|
|
Previously, if certificate revocation checking was turned on, and a
certificate didn't contain a CRL Distribution Points extension, and
there was no relevant CRL in the cache, then ssl_handshake:crl_check
would accept the certificate even if the crl_check option was set to
reject certificates for which the revocation status could not be
determined. With this change, such certificates will only be accepted
if the crl_check option was set to best_effort.
The process for CRL validation is described in section 6.3 of RFC
5280. The text doesn't mention any special treatment to be given to
certificates without distribution points: it just says "For each
distribution point..." (section 6.3.3), which would leave the
revocation status undetermined, unless there were "any available CRLs
not specified in a distribution point but issued by the certificate
issuer". Thus the result of this algorithm should be UNDETERMINED in
this case, not UNREVOKED, and the crl_check option should govern how
the implementation reacts to this result.
|
|
When establishing a TLS connection with {verify, verify_none}, if the
server has a certificate with a critical extension, for example a
"Netscape Cert Type" extension, certificate verification would fail,
which is surprising given that the name of the option suggests that no
verification would be performed.
With this change, certificate extensions marked as critical are
ignored when using verify_none.
|
|
The test_server application has previously been deprecated.
In OTP 19, we will move relevant parts of test_server into the
common_test application. Test suites that include test_server.hrl
must be updated to include ct.hrl instead. Test suites that include
test_server_line.hrl must removed that inclusion. Test suites that
call the test_server module directly will continue to work in OTP 19.
The test suites for Erlang/OTP are built and executed in exactly
the same way as previously.
Here are some more details.
The modules test_server*.erl and erl2html2.erl in lib/test_server/src
have been moved to common_test/src.
The test_server.hrl and test_server_line.hrl include files have
been deleted. The macros in test_server.hrl have been copied into
lib/common_test/include/ct.hrl.
The ts*.erl modules and their associated data files in
lib/test_server/src has been been moved to the new directory
lib/common_test/test_server. The ts* modules are no longer built
to lib/common_test/ebin. They will only built when 'make release_tests'
is executed.
The test suite for test_server has been moved to lib/common_test/test.
The rest of the files have been deleted.
|
|
|
|
Cleanliness.
|
|
Since no test suites includede test_server.hrl, there is no need
to have test_server in the include path or code path.
|
|
As a first step to removing the test_server application as
as its own separate application, change the inclusion of
test_server.hrl to an inclusion of ct.hrl and remove the
inclusion of test_server_line.hrl.
|
|
* maint:
xmerl: Remove 'no_return' Dialyzer warnings
xmerl: Add suppression of Dialyzer warnings
eunit: Add suppression of Dialyzer warnings
debugger: Add suppression of Dialyzer warnings
kernel: Add suppression of Dialyzer warnings
mnesia: Add suppression of Dialyzer warnings
observer: Add suppression of Dialyzer warnings
runtime_tools: Add suppression of Dialyzer warnings
stdlib: Add suppression of Dialyzer warnings
test_server: Add suppression of Dialyzer warnings
tools: Add suppression of Dialyzer warnings
Conflicts:
lib/stdlib/src/erl_lint.erl
lib/stdlib/src/otp_internal.erl
|
|
* hb/add_dialyzer_suppressions/OTP-12862:
xmerl: Remove 'no_return' Dialyzer warnings
xmerl: Add suppression of Dialyzer warnings
eunit: Add suppression of Dialyzer warnings
debugger: Add suppression of Dialyzer warnings
kernel: Add suppression of Dialyzer warnings
mnesia: Add suppression of Dialyzer warnings
observer: Add suppression of Dialyzer warnings
runtime_tools: Add suppression of Dialyzer warnings
stdlib: Add suppression of Dialyzer warnings
test_server: Add suppression of Dialyzer warnings
tools: Add suppression of Dialyzer warnings
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* ia/pr/958/OTP-13334:
ssl: verify cert signature against original cert binary
|
|
* rickard/ds-fixes-master:
Fix unique_SUITE for dirty schedulers
Add dirty scheduler process termination test
Ensure that work is done on the correct type of schedulers
|
|
* bjorn/cuddle-with-tests:
erl_prim_loader_SUITE: Refactor helper functions
Move record compilation errors to erl_lint_SUITE
compile_SUITE: Use get_files/3 in more places
compile_SUITE: Replace confusing files/2 with get_files/3
|
|
|
|
* tuncer/ei-breakage:
ei: fix breakage reported by Sergei Golovan
Revert "musl: fix gethostbyname_r/gethostbyaddr_ selection"
OTP-13328
|
|
The default error logger, the one in use before a more sophisticated
error logger can be installed, has rather terse output, in part because
it cannot rely on io:format. This patch attempts to improve the error
logger within that constraint:
- Print timestamps as YYYY-MM-DD HH:MM:SS
- For error reports with format strings, just print the format string
and the format arguments on separate lines
- For error reports with tuple lists, print each pair on a separate line
|
|
* maint:
asn1: Suppress warnings for improper lists in generated code
|
|
* bjorn/asn1/suppressions/OTP-13324:
asn1: Suppress warnings for improper lists in generated code
|
|
This removes the duplication in having both `cmp_eq`
and `CMP_EQ` and normalizes their name to uppercase.
|
|
Given the function definition below:
check(X) when X >= 0, X <= 20 -> true.
@nox has originally noticed that perfoming lt and ge
guard tests were performing slower than they should be.
Further investigation revealed that most of the cost
was in jumping to the erts_cmp function. This patch
brings the operations already inlined in erts_cmp
into the emulator, removing the jump cost.
After applying these changes, invoking the check/1
function defined above 30000 times with different
values from 0 to 20 has fallen from 367us to 213us
(measured as average of 3 runs). This is a
considerably improvement over Erlang 18 which takes
556us on average.
Floats have also dropped their time from 1126us
(on Erlang 18) to 613us.
|
|
* rickard/ds-fixes:
Fix unique_SUITE for dirty schedulers
Add dirty scheduler process termination test
Ensure that work is done on the correct type of schedulers
Conflicts:
erts/emulator/beam/erl_process.c
erts/emulator/beam/erl_process.h
erts/emulator/beam/erl_process_dump.c
|
|
|
|
In scheduler_SUITE add a new test that runs a single dirty I/O
scheduler and launches a number of dirty I/O NIF calls that each sleep
for 3 seconds. Given the single scheduler, the first of these will run
while the rest queue up. Then start killing these processes, and
verify they call exit correctly.
|
|
Only the actual call to the dirty nif is allowed to execute on
dirty schedulers. The dirty nif is not allowed to execute on
normal schedulers if dirty schedulers are available.
Arrival of exit signals and system tasks, while a process was
scheduled for execution on a dirty scheduler, could mess up the
process internal state.
Preparation for dirty system task has been made, but is currently
unused.
|
|
ResA may have been GC'd after its last use.
|
|
|
|
* maint:
mnesia: let loader check if tablelock is needed
mnesia: Avoid deadlock possibility in mnesia:del_table_copy schema
|
|
* dgud/mnesia/del_schema_hangs/OTP-13284:
mnesia: let loader check if tablelock is needed
mnesia: Avoid deadlock possibility in mnesia:del_table_copy schema
|
|
Eliminate duplicated code by factoring out the common code
for starting erl_boot_server and a slave node.
Also, in the new start_boot_server/0 helper, fix a problem
with Linux systems that assign 127.0.1.1 as the IP address
for the hostname.
Also stop using the -setcookie option when starting a node
using -loader inet. The inet loading method doesn't use
the distribution anymore.
|
|
|
|
* egil/fix-lcnt-dead-code/OTP-13319:
tools: Remove dead code in lcnt
|
|
|
|
* maint:
Eliminate crash because of unsafe delaying of sub-binary creation
|
|
* bjorn/compiler/beam_bsm/OTP-13309:
Eliminate crash because of unsafe delaying of sub-binary creation
|
|
Conflicts:
lib/stdlib/src/supervisor.erl
|
|
* nybek/speed_up_supervisor_count_children:
Speed up supervisor:count_children/1; simple_one_for_one
Add supervisor:get_callback_module/1
OTP-13290
|
|
* maint:
dialyzer: Correct byte_size() and comparisons
Conflicts:
lib/hipe/cerl/erl_bif_types.erl
|
|
* hb/dialyzer/fix_bitstr_bug/OTP-13312:
dialyzer: Correct byte_size() and comparisons
|
|
The current implementation is roughly O(N*M) where N is the number of items to be removed, and M is the number of items in the map. This does not include the cost of `maps:from_list` or `maps:to_list`. This leads to pretty horrifying execution times on large maps regardless of how many or few keys are to be removed.
The new implementation is O(N) where N is the number of items to be removed. For each N there's the cost of removing a key from a map, and but in practice that turns out to be a vast improvement for all map sizes I tested
The new maps:take/2 implementation similarly builds a list of keys and values by iterating only the list of desired keys, and then hands it off to maps:from_list. This turned out to be faster than N maps:put calls.
|
