Age | Commit message (Collapse) | Author |
|
|
|
john/erts/update-zlib/OTP-15351/ERL-749
* fhunleth/fix-muslc-compiler-error:
Allow undefined macros when building zlib
|
|
|
|
Implement Signature Algorithms (TLS 1.3)
|
|
* maint:
beam_utils: Handle bs_start_match2 in anno_defs
|
|
into maint
* john/compiler/bs_match-anno-liveness-fix/OTP-15353/ERL-753:
beam_utils: Handle bs_start_match2 in anno_defs
|
|
The previous check whether ErLLVM could be enabled and/or tested simply
checked whether a suitable version of the LLVM tool chain was present
in the path. Obviously this is not enough: there should also be a check
that we are running in an architecture on which the ErLLVM compiler
has been ported. Fix the function that provides this functionality and
also rename it in order to more appropriately describe what it does.
In principle, this change introduces a backwards incompatibility as the
function is one of those exported by the `hipe' module, but this
function was not documented and the chances that it has been used
somewhere else that the test suite are pretty low (if not zero).
|
|
causing ASSERT in sys_memset to fail.
|
|
|
|
The option 'signature_algs_cert' is not set by default.
Change-Id: Ib87cedc5e48b3ac7a36a30bc7caa08d3193f12fa
|
|
Update default hash algorithm (md5 -> sha1) used for generating
the server and CA certificates.
Default support for md5 has been removed for TLS 1.2 and OTP-15248
introduced a check for the whole {hash, signature} algorithm pair
as defined by RFC5246.
Change-Id: I964914914f522c10ef11c8c7c72bb9e4a0c38010
|
|
Change-Id: Ie60b2a2651ea975cebd0ccf0c7e2953f89986463
|
|
Change-Id: Ifb933d1bad647b941b7324c0712a7bc20ae74efa
|
|
Implement handling of the signature algorithms extension described by
RFC 8446. This commit updates the behavior of legacy TLS versions to
align them with RFC 8446 (TLS 1.3) and RFC 5246 (TLS 1.2).
- TLS 1.0/1.1 clients validate the client certificate against the
certificate_type field of the CertificateRequest message.
- TLS 1.2 client verifies the hash/signature algorithm pair of the
client certificate when processing a CertificateRequest. Old
behavior only checked the signature algorithms.
- TLS 1.2 server verifies that the server certificate is signed by
a hash/signature algorithm pair that appears in the
"singature_algorithms" or "signature_algorithms_cert" (RFC 8446)
extensions of the ClientHello.
Change-Id: I3e0a0d7408984f5e5b1233968934fe34d64eb2b7
|
|
Add documentation to the ssl option "signature_algs_cert"
introduced by TLS 1.3. The client/server will send a
"signature_algorithms_cert" extension, if TLS 1.3 or later
is used.
Change-Id: I17d612f311a1deef7e29473c3998e7f99fa56f02
|
|
|
|
* maint:
Updated OTP version
Prepare release
erts: Fix UNC path handling on Windows
erts: Fix a compiler warning
eldap: Fix race at socket close
Fix bug for sockopt pktoptions on BSD
erts: Fix memory leak on file read errors
|
|
* maint-21:
Updated OTP version
Prepare release
erts: Fix UNC path handling on Windows
erts: Fix a compiler warning
eldap: Fix race at socket close
Fix bug for sockopt pktoptions on BSD
erts: Fix memory leak on file read errors
|
|
|
|
|
|
maint-21
* ingela/maint/ssl/packet-options-to-tls-sender/OTP-15348:
ssl: TLS sender process needs to get updates of the socket option packet
|
|
* ingela/maint/ssl/close-alert-ERL-738/OTP-15337:
ssl: ERL-738 - Correct alert handling with new TLS sender process
|
|
maint-21
* hans/eldap/prevent_EXIT_at_close/OTP-15342/ERIERL-242:
eldap: Fix race at socket close
|
|
* john/erts/fix-unc-paths-windows/OTP-15333/ERL-737:
erts: Fix UNC path handling on Windows
erts: Fix a compiler warning
|
|
maint-21
* bjorn/compiler/fix-binary-matching/ERL-689/OTP-15335:
Fix rare bug in binary matching (again)
|
|
* raimo/BSD-sockopt-pktoptions/ERIERL-187/OTP-14297:
Fix bug for sockopt pktoptions on BSD
|
|
* john/erts/fix-prim_file-error-leak/OTP-15318:
erts: Fix memory leak on file read errors
|
|
Conflicts:
erts/preloaded/ebin/prim_inet.beam
|
|
RaimoNiskanen/raimo/getifaddrs-netns/ERIERL-189/OTP-15121
Implement {netns,NS} option for inet:getifaddrs/1 and friends
|
|
* john/kernel/cuddle-seq_trace-test:
seq_trace: Fix label_capability_mismatch test
|
|
This fixes 200ms delay on the last TCP segment when using
file:sendfile/2 on Linux (ERL-698).
|
|
* maint:
Updated OTP version
Prepare release
|
|
* maint-17:
Updated OTP version
Prepare release
|
|
|
|
|
|
maint-17
* sverker/r16/binary_to_atom-utf8-crash/ERL-474/OTP-14590:
erts: Fix crash in binary_to_atom/term for invalid utf8
|
|
* sverker/big-bxor-bug/ERL-450/OTP-14514:
erts: Fix bug in bxor of a big negative number
|
|
* sverker/bin2term-zlib-bug/ERL-340/OTP-14159:
erts: Fix binary_to_term for compressed and zlib >= v1.2.9
|
|
* rickard/thr-prgr-unmanaged-delay-bug/OTP-13869:
Fix erts_thr_progress_unmanaged_delay()
|
|
* rickard/drv-send-term-thr-bug/OTP-13866:
Fix thread calls to erl_drv_send_term()/erl_drv_output_term()
|
|
* rickard/port-sig-dropped-fix/OTP-13424:
Fix implementation of dropped signal to port
|
|
When building Erlang on a system that uses the Musl C library, it's
possible to get the following error:
In file included from zlib/adler32.c:11:0:
zlib/zutil.h:172:39: error: "_LFS64_LARGEFILE" is not defined [-Werror=undef]
(!defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0)
^~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
On the same systems, zlib is built without `-Werror=undef` so do the
same when building it with Erlang.
Signed-off-by: Frank Hunleth <[email protected]>
|
|
* maint:
crypto: Update RSA tests after algorithms doc chapter
crypto: Update RSA options to match specs and different OpenSSL versions - Put rsa_pkcs1_oaep_padding in supports/0 - #ifdef updates - Refine PKCS1_OAEP defines
|
|
* hans/crypto/fix_RSA_opts/OTP-15302:
crypto: Update RSA tests after algorithms doc chapter
crypto: Update RSA options to match specs and different OpenSSL versions - Put rsa_pkcs1_oaep_padding in supports/0 - #ifdef updates - Refine PKCS1_OAEP defines
|
|
|
|
- Put rsa_pkcs1_oaep_padding in supports/0
- #ifdef updates
- Refine PKCS1_OAEP defines
|
|
When compiled on OTP 22, the test suite will not load on the
OTP 20 node required for this test.
|
|
* maint:
Run emacs tests from test_suite
Emacs: consider case in erlang-get-identifier-at-point
Emacs: do not accept compiler warnings in selected elisp files
Emacs: add test-erlang-mode
|
|
* pr/1949:
Run emacs tests from test_suite
Emacs: consider case in erlang-get-identifier-at-point
Emacs: do not accept compiler warnings in selected elisp files
Emacs: add test-erlang-mode
|
|
|