| Age | Commit message (Collapse) | Author |
|---|
|
|
|
The current SSL implementation has a PEM cache running through the ssl
manager process, whose primary role is caching CA chains from files on
disk. This is intended as a way to save on disk operation when the
requested certificates are often the same, and those cache values are
both time-bound and reference-counted. The code path also includes
caching the Erlang-formatted certificate as decoded by the public_key
application
The same code path is used for DER-encoded certificates, which are
passed in memory and do not require file access. These certificates are
cached, but not reference-counted and also not shared across
connections.
For heavy usage of DER-encoded certificates, the PEM cache becomes a
central bottleneck for a server, forcing the decoding of every one of
them individually through a single critical process. It is also not
clear if the cache remains useful for disk certificates in all cases.
This commit adds a configuration variable for the ssl application
(bypass_pem_cache = true | false) which allows to open files and decode
certificates in the calling connection process rather than the manager.
When this action takes place, the operations to cache and return data
are replaced to strictly return data.
To provide a transparent behaviour, the 'CacheDbRef' used to keep track
of the certificates in the cache is replaced by the certificates itself,
and all further lookup functions or folds can be done locally.
This has proven under benchmark to more than triple the performance of
the SSL application under load (once the session cache had also been
disabled).
|
|
* maint-19:
Updated OTP version
Prepare release
erts: Make sure to flush potential exit message
|
|
|
|
|
|
* lukas/kernel/os_cmd_fix_exit_message_leak/OTP-13813:
erts: Make sure to flush potential exit message
|
|
|
|
* maint-18:
Updated OTP version
Prepare release
Conflicts:
OTP_VERSION
erts/doc/src/notes.xml
erts/vsn.mk
otp_versions.table
|
|
* maint-19:
Updated OTP version
Prepare release
Avoid segfault when printing slogan after crashdumping
Fix race causing lost wakeup on receive-after timeout
|
|
into maint
* bjorn/compiler/ambiguous_catch_try_state/ERL-209/OTP-13804:
[ERL-209] Fix ambiguous_catch_try_state inconsistency error
|
|
* bjorn/asn1/support-parallel-build/OTP-13624:
asn1_test_lib: Compile ASN.1 modules in parallel
Support 'make -j' when compiling ASN.1 modules
|
|
Test that the changes in the previous commit allows us to
compile ASN.1 modules in parallel.
|
|
When attempting to build multiple ASN.1 modules in parallel (e.g. by
running 'make -j'), the ASN.1 compiler could crash because the names
of the .asn1db files clashed. For example, if A.asn1 and B.asn1 both
import from C.asn1, the compiler would write a C.asn1db file when
compiling A.asn1 and when compiling B.asn1.
We can avoid this problem if the compiler only writes the
module's own .asn1db file. That is, when compiling A.asn1,
the compiler would only write A.asn1db, not C.asn1db. Also,
make sure that we make the write atomic by first writing to
a temporary file that is then renamed.
|
|
* lukas/erts/tracing/fix_sparc_align_issue/OTP-13803:
erts: Align ErtsThrPrgrLaterOp when free'ing tracer
|
|
On Sparc all structs with a double word element in are assumed
to be allocated on a two word boundary. So we have to make sure
that the ErtsThrPrgrLaterOp * points to 8 / 16 byte aligned memory.
As it only costs one word I've done it on all architectures in case
some unknown other arch also needs this.
|
|
* lukas/erts/fix_init_stop_code_load_race/OTP-13802:
erts/kernel: Fix code loading deadlock during init:stop
|
|
When init:stop is called it walks the application hierarchy
and terminates each process. Some of these processes may do
something while terminating and sometimes that something
needs to load some new code in order to work. When this happens
the code_server could just be in the process of terminating
or the erl_prim_loader could be active. In both these cases
the request to load the new code would cause a deadlock in the
termination of the system.
This commit fixes this by init rejecting attempts to load new code
when init:stop has been called and fixing a termination race in
the code_server.
This however means that the process that tried to do something
when told to terminate (for instance logging that it is terminating)
will crash instead of loading the code.
|
|
* binarin/even-more-absolute-paths/PR-1103/OTP-13800:
Use perl discovered by configure
Don't make assumptions about build tools paths
|
|
* avellable/erts/correct_atomicity_typo:
Correct spelling of atomicity
|
|
|
|
|
|
* rickard/erl-crash-dump-bug/OTP-13799:
Avoid segfault when printing slogan after crashdumping
|
|
* rickard/proc-tmo-bug/OTP-13798:
Fix race causing lost wakeup on receive-after timeout
|
|
|
|
|
|
* rickard/erl-crash-dump-bug/OTP-13799:
Avoid segfault when printing slogan after crashdumping
|
|
* rickard/proc-tmo-bug/OTP-13798:
Fix race causing lost wakeup on receive-after timeout
|
|
|
|
|
|
It is not safe to share code between 'catch' blocks.
|
|
* ingela/ssl/dialyzer:
ssl: Conform to dialyzer spec
|
|
|
|
with run_erl option -sleepy-child
to provoke race when slave pty is late
|
|
|
|
Conflicts:
lib/ssl/src/ssl.appup.src
|
|
|
|
|
|
* lukas/kernel/fix_os_cmd_background_compat/OTP-13741:
kernel: Use ^D as eot for os:cmd on unix platforms
|
|
* raimo/ssl/version-selection/maint-19/OTP-13753:
Improve version selection
|
|
* ingela/inets/mod_esi-handle-PUT-DELETE/OTP-13688:
inets: Prepare for release
inets: Fix typo in doc
inets: Add mod_esi test for PUT
inets: Unify mod_esi "PUT" callback input
inets: Add mod_esi support for PUT AND DELETE
|
|
This is needed as doing only an 'exit' will only exit the
program, but any children started in the program that have
stdout/stderr still open will keep the port open until they
terminate. i.e.
os:cmd("while true; do echo sleep 1; sleep 1; done&").
would block os:cmd forever because the while loop keeps its copies
of stdout/stderr open forever.
It could be argued that this is correct behaviour, and it is
the way it works on windows, but changing this breaks backwards
compatability for os:cmd which is not acceptable.
|
|
|
|
|
|
|
|
Change it to { Input :: string() | undefined, Body :: string() }
|
|
|
|
into maint
* duncaen/crypto/fix-algo_cipher-array-size/PR-1140/OTP-13789:
Fix segfault in crypto by increasing algo_cipher array
|
|
|
|
Conflicts:
OTP_VERSION
lib/ssh/doc/src/notes.xml
lib/ssh/test/ssh_sup_SUITE.erl
lib/ssh/vsn.mk
otp_versions.table
|
|
|
